The officials from the city of Las Vegas stated that they narrowly avoided a major security incident that took place on January 7.
The city said IT staff immediately detected the intrusion and took necessary measures to protect the affected systems. The city took several services offline, including its public website.
The officials have not disclosed any details about the nature of the incident, but according to some local press, it might have involved an email delivery vector.
The city published on Twitter that they have resumed full operations with all data systems functioning as normal. They also acknowledged the software security systems and the IT staff for their fast actions and stated that they were fortunate to avoid what could have been a devastating situation.
They also added that no data was lost from their systems and no personal data were compromised. However, they are not sure of who was responsible for the attack.
As it is considered to be an email-based compromise, the attack could be sometimes a complex and dangerous one like a ransomware infection that triggered after an employee opened a boobytrapped email, or a phishing attempt that tried to get an employee’s credentials.
Las Vegas officials can consider themselves lucky, especially if this was an attempt to infect the city’s network with ransomware.
Major US cities like Atlanta, Baltimore, and more recently New Orleans have suffered ransomware infections over the past two years. It would take months to recover from such an attack and would cost millions of dollars to secure and rebuild IT networks.