Loading...

Image: skeeze on Pixabay

Las Vegas city officials said they had barely avoided a major security incident that occurred on Tuesday, January 7.

According to a statement published by the city on Wednesday, the compromise took place on Tuesday at 4:30 AM.

The city said IT staff immediately detected the intrusion and took measures to protect affected systems. The city responded by taking various services offline, including the public website, which is still unavailable at the time of writing.

Municipal officials did not disclose details about the nature of the incident, but local press reported that it might have been an email delivery vector.

In a subsequent statement published on Twitter on Wednesday, the city confirmed that it “resumed full operations where all data systems were functioning normally”.

“Thanks to our software security systems and rapid action by our IT staff, we have been lucky enough to prevent what could be a devastating situation,” it said.

“We don’t believe any data was lost from our systems and no personal data was collected. We don’t know who was responsible for the compromise, but we will continue to look for possible clues,” the city added.

We do not believe that data has been lost from our systems and that no personal data has been copied. It is unclear who was responsible for the compromise, but we will continue to look for possible indications.

– City of Las Vegas (@CityOfLasVegas) January 8, 2020

Since this is supposed to be an email-based compromise, the type of attack that the city avoided can be anything from something as complex and dangerous as a ransomware infection that was triggered after an employee opened a booby-trapped email, to something as mundane as a phishing attempt that tried to get the login information from an employee.

All in all, Las Vegas officials can happily praise themselves, especially if this was an attempt to infect the city’s network with ransomware.

Major American cities such as Atlanta, Baltimore and more recently New Orleans have contracted ransomware infections in the last two years and needed all months to recover, and paid millions of dollars to secure and rebuild IT networks.