Whoever came up with the slogan, "What happens in Vegas stays in Vegas," wasn't prepared for a cyberattack. But that's what happened in the early morning hours on Tuesday, when the team monitoring computers for the City of Las Vegas detected it had been "compromised."
The city, which tweeted about the attack, didn't say which systems were affected or how the attack happened, though the Las Vegas Review-Journal reported it may have been an email attack. But its timing couldn't have been worse.
As the attack was underway, Las Vegas was gearing up for the official start of CES, formerly known as the Consumer Electronics Show. The annual event is the largest show of the year for the tech industry and one of the biggest conferences in the US. Last year, CES drew more than 175,000 people and 4,400 exhibiting companies. More than half of Fortune 500 companies participate, including the tech giant Samsung, which this year showed off its 292-inch TV nicknamed The Wall, a robot "companion" called Ballie and new artificial intelligence technology from a subsidiary called Neon, among other things.
The attack came as cities across the country suffer from an onslaught of hacks that are usually designed to hold computer systems for ransom. More than 70 state and local governments in the US were attacked last year, according to IT security company Barracuda Networks. Governments are prime targets, making up two-thirds of all known ransomware attacks in the US last year. Malware has also hit hospitals, businesses and universities.
The effects can be "cataclysmic," as one New York official said, potentially gumming up communications, cutting off access to important files and slowing city offices for managing permitting, regulation and more. Local governments have often chosen to pay hackers to get back access to their systems, rather than spend potentially millions of dollars rebuilding the lost information.
The Vegas city government appears to have caught the attack early. Within a day, the government said its security and IT staff had avoided "what had the potential to be a devastating situation." The city said it doesn't believe any data was lost from its systems, nor was any data taken.
David Riggleman, communications director for the city government, said in a statement that they still don't know who was responsible for the attack.