What just happened? Las Vegas almost became the latest city to suffer a serious cyberattack—and in the middle of CES. Officials say that a major security incident took place at 4:30 AM on Tuesday, which forced staff to take several services offline, including its public website.
ZDNet writes that city IT staff were quick to spot the attack and were able to take steps that protected impacted systems. While officials haven’t revealed the exact nature of the breach, local reports say it likely occurred through an email, which suggests it could have been a phishing scheme or a ransomware attack.
On its official Twitter account, the City of Las Vegas wrote that it didn’t believe any data was lost from its systems and that no personal data was taken. It still doesn’t know who was responsible for the compromise, but “will continue to look for potential indications.”
"Thanks to our software security systems and fast action by our IT staff, we were fortunate to avoid what had the potential to be a devastating situation,” reads the statement, which adds that all data systems are now functioning as normal.
We do not believe any data was lost from our systems and no personal data was taken. We are unclear as to who was responsible for the compromise, but we will continue to look for potential indications.— City of Las Vegas (@CityOfLasVegas) 8 January 2020
Had this been a successful ransomware attack targeting the city networks, it could have potentially caused chaos at the world’s biggest consumer electronics show.
Ransomware has become many hackers’ weapon of choice over the last few years, especially when it comes to hitting US city and state governments. Louisiana has fallen victim twice, while Riviera Beach, Florida, voted to pay $600,000 for a decryption key. Another Florida location, Lake City, paid around $500,000 in bitcoins to regain access to its systems.
As of October last year, there were 81 incidents of ransomware affecting local US governments.