State Data Stolen Following Ransomware Attack in Nevada
A ransomware attack has impacted the state of Nevada, as confirmed by Nevada's Chief Information Officer (CIO) Tim Galluzi in a press conference on August 27. The Office of the Governor of Nevada first disclosed a network security incident on August 25, resulting in the closure of government offices and digital services being taken offline.
The attackers have exfiltrated data from Nevada's state networks, but the specific nature of the exfiltrated data is yet to be identified. The process of analyzing the data to determine exactly what was taken is complex, methodical, and time-consuming. A forensic investigation is ongoing among third-party specialists and state and federal partners.
The press release from the US Cybersecurity and Infrastructure Security Agency (CISA) was published on August 27, pledging support for Nevada's response and recovery from the ransomware attack. CISA's support includes providing real-time incident response at no cost and deploying their Threat Hunting teams to mitigate any remaining threats on Nevada's network.
The Federal Bureau of Investigation (FBI) is also assisting in the investigation of the ransomware attack on Nevada's state networks. Should sensitive personal information of Nevada's citizens be compromised, appropriate steps will be followed.
CISA's support is part of a broader unified effort to support Nevada's response and recovery. In addition, CISA is advising on Federal Emergency Management Agency's (FEMA) emergency response grants and other available assistance.
No known cybercriminal actor has publicly claimed responsibility for the incident at the time of writing. No further details were provided about the extension of the Cybersecurity Information Sharing Act in the provided context.
The restoration of systems is a meticulous process, and it's unclear when government services will be fully restored. The state and federal partners are working diligently to ensure the security of Nevada's networks and the protection of its citizens' personal information.
In conclusion, the ransomware attack on Nevada's state networks has caused significant disruption, and the state is receiving support from CISA, the FBI, and other federal agencies. The investigation is ongoing, and the public will be updated as more information becomes available.
