LAS VEGAS (KLAS) — Extra particulars in regards to the cyber assault that crippled statewide laptop techniques for almost a month had been launched by Gov. Joe Lombardo’s workplace on Wednesday afternoon.
Amongst these particulars, the investigation by the Governor’s Know-how Workplace into the cyberattack discovered that “the threat actor infiltrated the system as early as May 14, 2025, when a state employee unknowingly downloaded a malware-laced system administration tool from a spoofed website.” The software put in a hidden backdoor, permitting the attacker to put in monitoring software program on a number of techniques and compromise consumer accounts.
8 issues to know in regards to the Nevada ransomware cyberattack
The After Motion Report for the 2025 Statewide Cyber Incident discovered that by mid-August, the attacker had moved throughout crucial techniques, accessing delicate directories and even the password vault server. On Sunday, Aug. 24, the attacker deployed ransomware, crippling statewide laptop techniques, impacting greater than 60 state businesses, together with the DMV, state healthcare entry, and public security.
DMV reviews ‘experiencing issues’ with processing licenses after reporting “100%” reopened
The report additionally famous that “The State of Nevada decided not to pay the ransom demanded by the threat actor.” No particulars on the ransom calls for had been supplied. It value the state round $1.3 million in exterior vendor help through the assault, which was cheaper and extra strategic than paying the ransom, in accordance with the report.
GTO Statewide Cyber Occasion AAR FinalDownload
Between Aug. 24 and Sept. 20, the report stated the state paid greater than $210K in extra time to some 50 staff working to resolve the difficulty, stating it was inexpensive than paying contractors to do the work. The state recovered about 90% of the impacted information.
For the reason that cyberattack, the state has reported reviewing and strengthening its techniques, together with deploying new safety instruments for cyber protection.
“Looking ahead, the State recognized that cybersecurity is a continuous journey, not a one-time achievement,” the report said.
