Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

What to Learn From Nevada's Ransomware Attack

By Kim S. Nash
 

Hello. Post-mortem reports on cyberattacks are largely secret and even closely held within the victim company. 

But reports studying how a local government handled a hack are often made public, to uphold accountability to residents. These accounts can be good reading, with useful intelligence and lessons learned. 

Take the "after action report" from Nevada's technology office about what happened during and after a ransomware attack detected Aug. 24 that disrupted 60 state agencies, some for 28 days. Info Tech Research Group came in to dissect the incident, top to bottom. Its report is pretty revealing about what went wrong, tracing the problem to a state employee months earlier downloading malware from a spoofed site. He thought he was grabbing a legitimate administration tool. 

The report also lays out what went right, including highly orchestrated internal meetings during recovery, prior funding for cyber insurance and muscle memory from annual incident-response simulations. Recommended reading. 

More news below. 
 

‏‏‎ ‎
CONTENT FROM: ZSCALER
Why CIOs Are Adopting A Cafe-like Branch Architecture

Ransomware attacks often start with one compromised user — a single user in a branch can infect everything on your network. This is facilitated by an underlying design principle of MPLS and SD-WAN — lateral movement. Zscaler CEO Jay Chaudhry explains why CIOs are embracing cafe-like branches to stop ransomware, increase business agility and reduce cost.

It’s time to embrace cafe-like branches

 

More Cyber News

PHOTO: PABLO MARTINEZ MONSIVAIS/AP

Oracle hack ensnares the Washington Post. The media company said Thursday it was "impacted" by the early October breach of the Oracle E-Business Suite platform, without providing details. The statement came after the Clop ransomware group said online that the Washington Post was a victim. (Reuters)
  • Harvard University and the Envoy Air unit of American Airlines have said they are victims of the Oracle cyberattack. 

U.S. Congressional Budget Office confirmed Thursday that it was breached in recent days by a suspected foreign hacker. Concerns have grown about whether email between Congress and the office was accessed. The office has beefed up security, a spokeswoman said. (Washington Post)

Cyber company SonicWall said state-sponsored hackers have targeted its cloud-backup systems. This incident is separate from a ransomware attack on SonicWall's edge devices. 

  • Chief Executive Bob VanKirk explained in a video what the company is doing to better protect its products and services. (Cybersecurity Dive)

Connected cars collect more data than the average driver knows, including how people interact with their vehicles and information from various embedded tech systems. Car makers are often unclear about how they use the data or who they trade or sell it to. Consumers can take steps to close down at least some avenues of data leakage. (Associated Press)
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.

 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2025 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe