The U.S. Cybersecurity and Infrastructure Security Agency (CISA), alongside public and private sector partners, is working with Nevada officials to respond to an August 24 cyberattack that disrupted essential state services. While the investigation into the Nevada cyberattack continues, CISA is prioritizing the restoration of networks supporting lifesaving and critical services, as well as the rebuilding of affected systems.
The nation’s lead cybersecurity agency provides integral cybersecurity support at the state and local levels in enhancing operational collaboration, strengthening defenses, and directing resources for maximum impact. The agency has cybersecurity experts embedded in communities nationwide, offering various no-cost services to protect governments’ networks and critical services.
“As America’s cyber defense agency, CISA is leading federal coordination with our state and local partners to restore necessary critical services as the state of Nevada responds to and recovers from this incident,” Madhu Gottumukkala, Acting CISA Director, said in a Wednesday media statement. “CISA is fully committed to providing cybersecurity services and expertise to the state of Nevada as long as necessary. This unified response is an example of operational collaboration in real time.”
“Sunday evening, CISA immediately engaged with state officials to assess the situation and offer any support needed at no cost,” the CISA release added.
At the state’s request, CISA’s Threat Hunting teams are actively examining state networks to identify the full scope of the situation and mitigate any threats. CISA’s work is part of a broader unified effort to support Nevada’s response and recovery. The agency advised on the Federal Emergency Management Agency’s (FEMA) emergency response grants and other available assistance. Additionally, the Federal Bureau of Investigation (FBI) is assisting in the investigation.
The Nevada cyberattack forced state offices to close for two days this week and disrupted some state websites and phone lines, the governor’s office said Tuesday. Agencies will announce when in-person services resume, according to the technology office of Gov. Joe Lombardo, whose own website was affected.
The origins of the Nevada cyberattack are still under investigation. While no specific hacker group has claimed responsibility, similar incidents in the past have been linked to financially motivated ransomware gangs. State officials are working with federal partners to determine the full extent of the data breach and assess any potential compromise of personal information.
While officials withheld technical details to protect internal systems, news reports have identified that there is no evidence that personal information was compromised, and emergency services remained operational. State employees were placed on administrative leave on Monday. Many returned Tuesday, with the remainder gradually resuming work as systems come back online.
CISA’s involvement underscores the importance of a unified, federal-state partnership in responding to cyber incidents. As the situation develops, ongoing collaboration between CISA, state officials, and federal agencies will be crucial in restoring Nevada’s critical services and enhancing resilience against future cyber threats.
