[ad_1]
RICHMOND — State officials said Monday that the information technology agency that serves Virginia’s legislature has been hit by a ransomware attack that significantly impacted its operations.
Alena Yarmosky, spokesperson for Governor Ralph Northam, confirmed the attack on Virginia’s Legislative Automated Systems Division. In a brief statement to The Associated Press, Yarmosky said the governor had been briefed on the matter and directed the executive branch to offer assistance in “evaluating and responding to this ongoing situation.”
This Legislative Automation Systems Division, or DLASis the IT agency of the General Assembly. The timing of the attack is particularly problematic as lawmakers and staff prepare for the legislative session that begins in January.
The attack marks the latest in a ransomware scourge that exploded last year with attacks on governments, critical infrastructure and large corporations.
Cybersecurity researchers tracking ransomware say there is no previous record of a state legislature being hacked.
“This continues to show that no organization is safe from ransomware attacks. “Anybody can be shot anywhere,” said Allan Liska, an intelligence analyst at cybersecurity firm Recorded Future.
Hackers using “highly sophisticated malware” had accessed the system late Friday, a senior agency official told Virginia legislature leaders in an email received by the Associated Press.
A ransom note was sent with no specific amount or date, according to the email sent by Dave Burhop on Monday afternoon.
Burhop wrote that the agency is working with authorities to “determine the extent of the problem and plan for possible remediation.” All of the agency’s internal servers were affected, including the drafting of the bill, the budget system, and the General Assembly voicemail system, the email said.
“We can’t do much,” Senate Clerk Susan Clarke Schaar told the Richmond Times-Dispatch.
Burhop’s email said his agency was collaborating with law enforcement, including the FBI. An FBI spokesperson declined to comment.
The email also said that cybersecurity firm Mandiant has been held back over the summer for a “breach” involving the use of an employee’s credentials and is assisting with the investigation. A company spokesperson declined to comment.
“After the upcoming meetings, we will provide this leadership group with additional information, including a plan of action, but please understand this will not be resolved quickly,” Burhop wrote, who was not immediately available for further comment.
Brett Callow, a threat analyst at Emsisoft, said Virginia is the 74th state or local government affected by ransomware attacks this year, but the first legislature it has ever seen has been hacked.
“Honestly, I’m surprised this didn’t happen sooner,” Callow said.
Liska said it’s not uncommon for ransomware gangs to try to devote time to attacks with maximum pain to targets, as some hackers do to school districts at the start of a school year.
“They’re smart enough to do that,” he said.
website for Division The Capitol Police were also overthrown as a result of the attack. But a spokesperson said the agency is operational without impacting critical communications functions.
Despite DLAS A VITA spokesperson said it did not fall under the remit of the Virginia Information Technology Agency, which oversees IT for the state’s executive branch, but also assisted the agency’s response efforts.
[ad_2]
Source link