(The Center Square) – Nearly four weeks after a statewide cyberattack shuttered government websites and services, Gov. Joe Lombardo announced the recovery process is nearing completion.
For his third public address of the issue, Lombardo gave an update on the general state of Nevada government websites and security steps the state was taking – including a mass password reset.
No criminal in the cyberattack was identified, and it remains unclear if personal information was stolen.
“ From the very beginning, I have been clear our top priority is restoring services that Nevadans depend on every day. That has not changed,” said Lombardo at a news conference Friday. “This kind of recovery is never easy. It requires patience, precision and constant vigilance. But I want Nevadans to know we are making real headway, and every day brings us closer to full restoration.”
Lombardo reported the state’s firewall to protect its online security system has faced a 300% increase in attacks since the recovery process began on Aug. 24, the day that the state government discovered the cyberattack.
To deal with the cyberattack, the state recently did a systemwide password reset to rid bad actors from the system. The minimum password strength was also increased, as well as multifactor authentication, which is when a login attempt must be verified on a separate device.
“ None of these technical recovery processes are simple, but they are working,” said Lombardo.
The Nevada Department of Motor Vehicles is now fully online, with the restoration of some services that were down last week.
“The remaining few services (on state government websites) that are not back online will continue to be prioritized for restoration in order of public safety and constituent impact,” said Lombardo.
The state government is still working through these leftover public-facing services, with Lombardo saying he was not sure of exactly what was left to restore. “I don’t have that information in front of me.” But he added that much of it is: “Key components of our entire system that require more due diligence before they’re released.”
Across the four-week investigation, there is still no evidence of any personal information having been leaked, Lombardo said.
The Republican governor said he would not answer any questions about the identity of the attackers or anything about the federal investigation into the cyberattack.
