US Cyber Defense Agency Deploys Support to Nevada Following Ransomware Incident
The U.S. cyber defense agency is providing incident response support to Nevada following a cyberattack that disrupted local agency systems, amid signs of a surge in ransomware and data theft affecting cities and counties.
See Also: Post-Quantum Cryptography – A Fundamental Pillar in the Future of Cybersecurity [ES]
The Cybersecurity and Infrastructure Security Agency said Wednesday it is helping restore networks “for lifesaving and critical services and rebuilding its systems” after a ransomware knocked out access to certain state websites, online portals and office phone lines. Nevada’s technology office implemented temporary routing and operational workarounds to maintain public access while restoring systems and investigating the breach, according to a press release (see: Nevada State Offices Halt Services After Cyber Incident).
Cyberattacks on local government entities often trigger urgent, costly responses and highlight the financial, operational and data privacy fallout of digital security incidents, said James Turgal, vice president of global cyber risk at Optiv and former executive assistant director of the FBI’s IT branch.
Cyberattacks on local governments create public safety risks, financial crises and operational breakdowns “all while eroding public trust in the government’s ability to function and protect its citizens,” Turgal told Information Security Media Group. “The combination of increasing attacks and detrimental consequences make local government cybersecurity a pressing issue nationwide.”
Cyberattacks targeting state and local governments have grown since 2021, according to most research. Although some studies show a slight decline in cyberattack rates in 2024, state and local entities are paying more each year to recover from incidents.
Many of the details surrounding the Nevada cyberattack are unclear – but the fact that the state had to lean on CISA and the FBI indicates “this wasn’t something their own IT teams could work through,” according to Marijus Briedis, chief technology officer at NordVPN.
“Cybercriminals love targeting state governments,” Briedis said. “They know these networks store everything from licenses to tax records, yet often run within thinner security budgets than big federal agencies.”
The Trump administration has steadily cut critical cybersecurity resources for state and local governments, eliminating funding for threat-sharing hubs and slashing nearly one-third of CISA’s workforce. Analysts say the combined actions have weakened coordination, with staff at ISACs reporting receiving far less threat data from CISA and the FBI in recent months (see: How Trump’s Cyber Cuts Dismantle Federal Information Sharing).
Analysts told ISMG that cybercriminals and foreign adversaries may see weakened federal oversight and the growing cybersecurity burden on states as an opportunity to strike. In early August, a coalition of local government groups urged Congress to restore funding for the Multi-State Information Sharing and Analysis Center, warning that its loss would leave rural and small communities especially vulnerable to cyberthreats.
The loss of funding “will lead to gaps in critical security services, making state and local governments more susceptible to cyberattacks, undermining public trust and safety,” the letter read.