A security incident impacting the state of Nevada has been confirmed to be a ransomware attack.
Nevada’s chief information officer (CIO) Tim Galluzi provided the update in a press conference on August 27, also revealing that the attackers had exfiltrated data from state networks.
“At this stage of our intensive investigation, we cannot yet identify or classify the specific nature of this data. The process of analyzing the information to determine exactly what was taken is complex, methodical and time consuming,” Galluzi commented.
“Should we determine that any sensitive personal information of our citizens was compromised, we are prepared to follow the appropriate steps,” he added.
A forensic investigation is ongoing among third-party specialists and state and federal partners to establish the scale and nature of the data breach.
No known cybercriminal actor has publicly claimed responsibility for the incident at the time of writing.
The Office of the Governor of Nevada first disclosed on August 25 that it had experienced a network security incident, resulting in the closure of government offices and digital services being taken offline.
In the latest update, Galluzi acknowledged residents’ frustration in being unable to access state services, but emphasized that restoration of systems is a “meticulous process.”
He said that systems were taken offline shortly after the attack was detected on August 24 in order to prevent further intrusion.
“Our goal is to restore full functionality as quickly as possible, but we have a duty to do so safely and securely,” Galluzi said.
Read now: Maryland Confirms Cyber Incident Affecting State Transport Systems
CISA Pledges Support for Nevada’s Response and Recovery
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed it is providing real-time incident response support to Nevada at no cost in a press release published on August 27.
This includes CISA’s Threat Hunting teams being deployed to mitigate any remaining threats on the network.
“CISA’s work is part of a broader unified effort to support Nevada’s response and recovery. The agency advised on the Federal Emergency Management Agency’s (FEMA) emergency response grants and other available assistance. Additionally, the Federal Bureau of Investigation (FBI) is assisting in the investigation,” the agency wrote.
Read now: CISA Execs ‘Hopeful’ for Extension of Cybersecurity Information Sharing Act