KNOWLEDGE is POWER / REAL NEWS is KEY
New York: Friday, October 10, 2025
ยฉ 2025 U-S-NEWS.COM
Online Readers: 349 (random number)
New York: Friday, October 10, 2025
Online: 319 (random number)
Join our "Free Speech Social Platform ONGO247.COM" Click Here
Politics: state still mum on whether it paid ransom to

POLITICS: State still mum on whether it paid ransom to cyber attackers โ€“ USSA News

๐Ÿ”ด Website ๐Ÿ‘‰ https://u-s-news.com/
Telegram ๐Ÿ‘‰ https://t.me/usnewscom_channel

The governorโ€™s office did not directly respond to questions about additional details on the cyber attack, including what ransom was demanded by the attackers, and whether a ransom was paid by the state. (Photo: April Corbin Girnus/Nevada Current)

More than six weeks have passed since Gov. Joe Lombardoโ€™s office announced the State of Nevada had been breached by cyberattackers and Nevadans are still in the dark about the scope of the damage done, or whether the state has paid a ransom.

Cybersecurity professionals say investigations of incidents of this scale will likely take months, so itโ€™s expected that additional information is not available, but some worry information might be downplayed or delayed for political purposes.

On Aug. 24, the governorโ€™s office announced a โ€œcyber incident.โ€ All state agencies, including the Department of Motor Vehicles and social services offices, were physically shuttered for at least two days. All state agency websites were taken offline in what the governorโ€™s office described as a proactive and precautionary measure.

For weeks: The agency that processes Medicaid, SNAP and TANF applications reverted to having new applicants fill out paper forms; mandatory background checks for firearms were unavailable, halting legal sales and transfers for anyone without a concealed carry permit;ย  law enforcement databases containing information about criminal records and registered sex offenders wereย  inaccessible; and businesses like car dealerships and smog check shops that use DMV databases experienced delays and issues.

Greg Moody, director of the cybersecurity program at UNLV, called it โ€œthe largest state-focused attack in modern history.โ€ Others in the cybersecurity world have described it as an unprecedented attack.

On Sept. 12, the governorโ€™s office announced that โ€œ90%โ€ of public-facing state agency websites had been restored. Since then, the governor has provided no additional updates.

On Monday, the recovery update page set up by the state displayed a banner stating all state agency websites have been restored and the recovery page will no longer be updated. Itโ€™s unclear when that banner went up, and the governorโ€™s office did not directly respond to the Nevada Currentโ€™s question asking when the last state website was restored.

โ€œAll major constituent-facing services are back online, and Nevada is operational again,โ€ said Josh Meny, the governorโ€™s press secretary, in an emailed statement. โ€œOur agencies are diligently working to resolve any intermittent back-end issues, but the majority of these issues are not directly attributable to the cyber incident but are instead linked to other recent enhancements aimed at strengthening and securing our cyber environment.โ€

Some specific features of agency websites may still be down, but no full accounting of that is publicly available. As Meny put it, โ€œit may be challenging to precisely quantify the minor adjustments currently being implemented by agenciesโ€ but the state โ€œis actively compiling an inventory of these efforts.โ€

The governorโ€™s office did not directly respond to questions about additional details on the cyber attack, including what ransom was demanded by the attackers, and whether that ransom was paid by the state.

โ€œThe state remains committed to transparent communication and will share a final update once all efforts have been successfully completed,โ€ said Meny in the statement.

Moody from UNLV says itโ€™s not surprising there hasnโ€™t been additional information released. Nevada is working with the U.S. Department of Homeland Securityโ€™s Cybersecurity and Infrastructure Security Agency and the FBI on the investigation, and one or both of those agencies is likely the lead, he says.

It takes a lot of time and effort to retrace electronic actions, says Moody, and investigators must preserve evidence for possible prosecution.



โ€œIt makes the process go slower,โ€ he added.

Meny, for the governorโ€™s office, emphasized that the state still โ€œhas not seen evidence of any constituent PII (personally identifiable information) being compromised in this attack.โ€

He added, โ€œAs Governor Lombardo has previously said, if investigators eventually discover otherwise, the state will follow Nevadaโ€™s strict statutes about personal data breaches by notifying any affected individuals promptly and providing resources to help protect them.โ€

The state has previously said that data was exfiltrated โ€” meaning taken off the stateโ€™s system and moved elsewhere. But it has not said what that data entailed.

Moody notes Nevada Revised Statute includes a strict definition for โ€œpersonal information.โ€ To meet the definition, the data must include a full or partial name as well as another element, such as a driverโ€™s license number or password information.

If the information was encrypted, it would not meet the state definition, he added, because thereโ€™s โ€œsome reasonable assuranceโ€ that attackers would not have access to it.

Moody says the attackers could have gotten information that does not meet the stateโ€™s definition of personal identifiable information, or they could have been exploring how the stateโ€™s centralized IT system is set up in hopes of replicating an attack elsewhere.

โ€œWho knows,โ€ he said, โ€œUntil we know the hacker and the motivation itโ€™ll be hard to know what they were looking for.โ€

Lombardo in an earlier press conference has described the incident as a ransomware attack, and he has suggested the motivation was a financial ransom.

While some states have passed laws banning the paying of such ransoms, Nevada has no such law.



โ€œThey could have cut a deal or paid a ransom,โ€ said Michael Leonard, a former IT professional and publisher of Mikeโ€™s Reno Report whoโ€™s been following the cyberattack. โ€œโ€˜Keep quiet and weโ€™ll give you money.โ€™โ€

Leonard is critical of the lack of info, acknowledging that while the investigation must be taken into account, the state still needs โ€œto come forward with enough information to ensure us theyโ€™re investigating and credible.โ€

He suspects the silence is as driven by politics as much as by the investigation itself.

โ€œI would say itโ€™s equal motivation,โ€ said Leonard. โ€œTo protect the reputation of government officials and elected officials.โ€

โ€œThere are unanswered questions and we should be asking them,โ€ he added.

Lombardo is up for reelection next year and considered one of the most vulnerable governors in the nation. Candidate filing does not begin until March, but Attorney General Aaron Ford is currently considered the frontrunner to challenge him, though Ford faces a Democratic primary first.

Democratic legislative leaders expressed criticism of Lombardo in the days immediately after the cyberattack but have remained relatively quiet on the issue since.

Assembly Speaker Steve Yeager on Sept. 9 announced he would form a legislative working group on cybersecurity. His caucus did not respond to the Currentโ€™s request Thursday for an update on that effort.

This content is courtesy of, and owned and copyrighted by, https://www.nevadacurrent.com and its author. This content is made available by use of the public RSS feed offered by the host site and is used for educational purposes only. If you are the author or represent the host site and would like this content removed now and in the future, please contact USSANews.com using the email address in the Contact page found in the website menu.



Source link



OnGo247
New 100% Free
Social Platform
ONGO247.COM
Give it a spin!
Sign Up Today
OnGo247
New 100% Free
Social Platform
ONGO247.COM
Give it a spin!
Sign Up Today