A ransomware attack has caused the suspension of computer systems and websites for Virginia legislative agencies and commissions, including the Division of Capitol Police and the Division of Legislative Services, which is preparing bills and resolutions for the forthcoming General Assembly session.
The attack started on Sunday at the Department of Legislative Automated Systems and has now expanded to practically all legislative branch websites, with the exception of the Legislative Information System on the General Assembly website. It has had no effect on state executive branch agencies.
Virginia Governor Ralph Northam's spokesperson, Alena Yarmosky, said the governor has been briefed about the attack. The incident was communicated to the state's legislative leaders through email, who were informed that hackers attacked the state's computers.
“Currently the bad guys have most of our critical systems locked up except for LIS,” Dave Burhop, director of the legislative IT agency, informed Senate and House of Delegates early on Monday morning. Capitol Police's website is unavailable, although spokesperson Joe Macenka stated that, "All of our critical communication systems are fine."
The attack employs ransomware, which a criminal organization implants in vital computer systems in order to extract money. The governor's office and Burhop both confirmed that the state had received a ransom note, but neither said what it contained. “The bad guys have left us a ransom note but details are scant and no amount of ransom has been specified yet,” Burhop said in the email to the House and Senate clerks.
According to Senate Clerk Susan Schaar, the Department of Legislative Automated Services is collaborating with the Virginia Information Technologies Agency to resolve the problem. VITA provides assistance to approximately 60 agencies in the executive department of state government. The legislative IT sites are managed separately from the executive branch sites by the Department of Legislative Automated Systems, according to Yarmosky. “As such, VITA has very little knowledge of the system and security architecture or tools in place to address cyber-attacks.”
The Virginia Defense Force and the Virginia Department of Military Affairs reported in September that they were victims of a cyberattack in July. Attacks on local governments at the city, country, and state levels have netted ransomware groups millions of dollars. Experts say, at least 2,354 governments, healthcare facilities, and schools in the United States were hit with ransomware in 2020, according to The Washington Post.