A sophisticated **ransomware-based cyberattack** disrupted Nevada’s state government networks, leading to a **statewide outage** of essential services. The attack infiltrated government systems, exfiltrated **personal data** (though its exact nature remains undisclosed), and forced the closure of **all state offices**, including DMV locations, law enforcement access to records, and state police dispatch phone lines (excluding 911). The breach paralyzed operations in **health, human services, and public safety sectors**, with no timeline for full restoration. Authorities emphasized a meticulous recovery process to ensure threat eradication before reconnecting systems. The incident aligns with a rising trend of ransomware targeting **local and state governments**, causing operational chaos, financial losses (estimated in billions nationally), and potential long-term reputational damage. The attack’s scale—affecting **critical infrastructure and citizen services**—highlights vulnerabilities in public-sector cybersecurity defenses, with experts urging interstate collaboration to mitigate future risks.
Source: https://www.cbsnews.com/news/cyberattack-cripples-nevada-state-systems/
TPRM report: https://www.rankiteo.com/company/nv-gto
"id": "nv-527082825",
"linkid": "nv-gto",
"type": "Ransomware",
"date": "8/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': ['Nevada residents relying on '
'state services (e.g., DMV, '
'health and human services)'],
'industry': 'public administration',
'location': 'Nevada, USA',
'name': 'State of Nevada Government',
'type': 'government'}],
'customer_advisories': ['DMV appointments canceled until further notice; '
'residents advised to check for updates before '
'visiting offices.',
'Law enforcement and emergency services (e.g., 911) '
'remained operational despite other disruptions.'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': ['potentially high (personal '
'information)'],
'type_of_data_compromised': ['personal information '
'(unspecified)']},
'date_detected': '2024-07-21',
'date_publicly_disclosed': '2024-07-24',
'description': "Nevada officials revealed a 'sophisticated ransomware-based "
"cybersecurity attack' that infiltrated government networks on "
'Sunday, disrupting essential services statewide. Personal '
'information may have been compromised, though initially '
'denied. The attack caused widespread outages, including DMV '
'closures, law enforcement system disruptions, and halted '
'in-person state services. Forensic investigations confirmed '
'data exfiltration, but the specific nature of the compromised '
'data remains unidentified. Systems are being restored '
'meticulously to ensure the threat is fully eradicated.',
'impact': {'brand_reputation_impact': ['potential loss of public trust in '
'state government cybersecurity'],
'customer_complaints': ['citizens arriving at DMV offices for '
'appointments only to find closures'],
'data_compromised': True,
'downtime': ['DMV offices (closed as of 2024-07-24)',
'state offices (closed to in-person services until '
'further notice)',
'dispatch phone lines for Nevada State Police (down '
'for part of Sunday)',
'statewide outage affecting almost every state '
'agency'],
'identity_theft_risk': ['personal information may have been '
'compromised (specific nature '
'unidentified)'],
'operational_impact': ['disruption of essential services',
'halted in-person state services',
'law enforcement unable to access DMV '
'records',
'prioritization of safety and health '
'services over DMV'],
'systems_affected': ['state government networks',
'DMV systems',
'law enforcement dispatch phone lines (Nevada '
'State Police)',
'state agency operations',
'health and human services systems']},
'initial_access_broker': {'high_value_targets': ['state government networks',
'personal data '
'repositories']},
'investigation_status': 'ongoing (forensic investigation active as of '
'2024-07-24)',
'lessons_learned': ['State and local governments are prime targets for '
'cyberattacks, with a rising trend in the past 12–18 '
'months.',
'Importance of sharing information with other '
'states/cities to bolster defenses proactively.',
'Critical infrastructure (e.g., water systems, law '
'enforcement) is increasingly at risk, as seen in recent '
'attacks (e.g., Aliquippa, Pennsylvania).',
'Downtime from ransomware attacks on government entities '
'has cost an estimated $1.09 billion since 2018 (per '
'Comparitech).',
'Refusal to pay ransom (e.g., Fulton County, Georgia) can '
'lead to prolonged recovery but avoids funding criminal '
'activity.'],
'ransomware': {'data_exfiltration': True},
'recommendations': ['Enhance cybersecurity defenses for state and local '
'governments, including adaptive measures like behavioral '
'WAFs and network segmentation.',
'Establish robust incident response plans with clear '
'communication strategies for public advisories.',
'Collaborate with other states and federal cybersecurity '
'units (e.g., National Guard cyber teams) for rapid '
'response and recovery.',
'Prioritize critical services (e.g., 911, health systems) '
'during outages while restoring non-essential systems '
'methodically.',
'Invest in employee training and public awareness to '
'mitigate phishing and social engineering risks.'],
'references': [{'date_accessed': '2024-07-24', 'source': 'CBS News'},
{'source': 'Comparitech analysis on U.S. government ransomware '
'attacks (2018–2024)'},
{'date_accessed': '2024-07-24',
'source': 'University of Nevada, Las Vegas (UNLV) - Greg '
'Moody, Professor of Information Systems'}],
'response': {'communication_strategy': ['press conference by Gov. Joe '
'Lombardo and CIO Tim Galluzi',
'public advisories about service '
'disruptions'],
'containment_measures': ['disconnection of affected systems',
'closure of state offices to in-person '
'services'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['ensuring threat eradication before '
'reconnecting systems'],
'remediation_measures': ['forensic investigation to identify '
'exfiltrated data',
'meticulous process to bring systems '
'back online']},
'stakeholder_advisories': ['Public advised that statewide outages are '
'prioritizing safety and health services over '
'non-essential operations (e.g., DMV).',
'Citizens urged to monitor official updates for '
'service restoration timelines.'],
'title': 'Sophisticated Ransomware Attack on Nevada State Government Networks',
'type': ['ransomware', 'data breach', 'cyberattack']}