Federal and state authorities are investigating a ransomware attack that has disrupted key services across the state of Nevada.
The Sunday attack interrupted multiple government services, including phone systems and state agency websites.
The attackers were able to exfiltrate data during the intrusion, but officials still don’t know what they took, Tim Galluzi, Nevada chief information officer and executive director of the Governor’s Technology Office, said during a press conference Wednesday.
“The process of analyzing the information to determine exactly what was taken is complex, methodical and time consuming,” Galluzi said, adding that it would be reckless to speculate on the nature of the stolen information.
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are helping Nevada officials respond to the intrusion. In a statement Wednesday, CISA said its threat hunters are helping analyze Nevada’s computer networks and mitigate any potential impact from the hack.
Officials did not identify the hackers behind the attack.
Top forensic experts are working with federal and state officials to investigate the hack, Galluzi said, promising a complete update once officials know more about the stolen data.
Galluzi acknowledged Nevadans’ concerns about the integrity of their sensitive personal data.
State officials also urged patience regarding the restoration of essential government services, warning that cybersecurity experts will need to verify the security of rebuilt systems before reactivating them.
State officials on Friday confirmed they are investigating a ransomware incident and are still analyzing what specific data that was removed during the attack.
Several critical service have remained operational, including unemployment claims, state payroll processing, public safety and emergency services and Medicaid, according to a spokesperson. The DMV is offering limited services.
“We’re restoring services in a validated, staged process and will share confirmed specifics as soon as it’s responsible to do so,” a spokesperson for the Governor’s Technology Office said.
Updates on other key services are being provided by the Nevada Office of Emergency Management.
Nathaniel Holland, special agent in charge of the FBI’s Las Vegas field office, declined to share specifics about the bureau’s investigation but said it “will not stand idly by” and allow criminals to hack government offices.
Holland urged anyone with information about the attack to contact the FBI.
Nevada officials said they first discovered the intrusion on Sunday morning, at which point they began working to isolate the threat and take certain systems offline.
The security of state and local government agencies has been a growing concern in recent years. In December, Rhode Island experienced a major hack of its social-services database that exposed roughly 660,000 residents’ personal information. In late July, a suspected ransomware attack on St. Paul, Minn., prompted the state’s governor to activate National Guard cyber protection units.
Editor’s note: Updates with additional comments from state officials.
