LAS VEGAS (KSNV) — The state now confirms that the cyberattack on Nevada on Sunday morning was a ransomware attack.
For the first time since the incident, there was a press conference on Wednesday in Carson City, where several agencies are working to restore services at state offices.
When it comes to the cyber attack itself, they weren’t able to provide a lot of information due to the ongoing investigation.
State officials couldn’t share whether a ransom was demanded or why the state was the target.
They are also looking into who was behind the attack.
Tim Galluzi, Executive Director of the Governor’s Technology Office, called it a sophisticated attack.
He said that as soon as they found the attack, they contained the threat.
And then isolated and took certain systems offline to prevent the spread of the attack.
That is what has led to several services being put on pause over the last few days, including at the DMV and social services office.
The state is currently receiving support from federal partners like the FBI in Las Vegas during the investigation.
One thing they have discovered so far is some compromised information.
“Our ongoing investigation has found evidence that indicates some data has been infiltrated, or moved outside of our state network, by malicious actors,” said Galluzi.
Right now, they can’t say what date or whose data was compromised.
But they say they will take steps if they find out it was citizens’ data.
As far as a timeline on restoring all state services, they say they are in the investigation process and don’t know at this time.
“Our goal is to restore full functionality as quickly as possible, but we have a duty to do so safely and securely,” said Galluzi.
DMV locations and their kiosks remained closed on Wednesday, while Turbo Titles and Rapid Register services did become available online the night before.
The doors at the Nevada Division of Welfare and Supportive Services office in West Las Vegas were open on Wednesday afternoon.
But signs on the doors said that they are available to accept paperwork applications and answer questions only.
“I was coming to get food stamps for me and my kids. But the office is, I guess, their system is down, and it’s gonna be down,” said Marlen Garcia.
She said she came to apply for benefits for herself and her four children.
“Everything’s so expensive, food is expensive, housing is expensive. It’s taking a toll on everybody. It’s just not me. It’s my whole family,” said Garcia.
Outside of offering food benefits like SNAP, the office provides energy and childcare assistance, Medicaid for medical needs, and job support.
But when Garcia and others showed up on Wednesday afternoon, some services, including signing up for new benefits, were not available because of the cyber attack on the state that happened on Sunday.
It caused frustration among those needing the help.
“Now what happens you are having people who need food or need their utilities on. I mean, it’s over triple digits in the desert,” said Annette Walker, a Las Vegas resident.
Lauri Taylor also left the office disappointed. She was able to meet with employees.
But she says the news was not good.
Taylor said the insurance she gets for her disability has been impacted.
“They told me that I have to come back with documentation, and they don’t know when they’ll be able to process my information,” said Taylor. “Now I have to pay co-payments that I don’t have money for, and I’m getting charged for missing appointments and things like that.”
While signing up for first-time benefits isn’t possible right now for the Division of Social Services, they are able to take paper applications, and they will be processed on a first-come, first-served basis when services are back.
Cyber experts say investigations into these large attacks are not easy.
“Now that it is moved into the criminal investigation, they’re looking at who who have, who created this particular type of attack, and what type of information was compromised or exploited. It could have been records that were read and not touched, or it could be records that were actually physically taken off the servers,” said Dr. Mack Jackson, a cybersecurity consultant and professor.
He shared a reminder to everyone: there are steps you can take to prevent being scammed right now.
“That’s to change our passwords. If you changed it two weeks ago, today, moving forward, change your password. That’ll make it harder,” said Jackson.
