Virginia legislative agencies and commissions hit with ransomware attack
A ransomware attack has hit agencies and commissions within the Virginia legislature, according to a statement from the governor's office to the Associated Press.
Alena Yarmosky, spokesperson for Virginia Governor Ralph Northam, said the governor has been briefed on the attack, which currently affects Virginia's Division of Legislative Automated Systems, the General Assembly's IT agency. Yarmosky did not respond to requests for comment about the specifics of the attack.
Legislative leaders in the state were emailed about the incident and told that hackers attacked the state systems on Friday. The attack took down the website for the Division of Capitol Police, and all of the internal systems for bill drafting or bill referrals were hit hard during the ransomware incident, according to The Associated Press.
The Assembly's voicemail system was down, and many of the systems involved in budgeting were disrupted due to the attack. The Virginia Law Portal is also down because of the attack.
The FBI and other law enforcement agencies are now involved. Cybersecurity firm Mandiant took to Twitter to confirm that they are assisting in response to the incident.
Yarmosky told The Washington Post that the ransom note received by the agencies provided little information. Most of the organization's servers were shut down to stop the spread of ransomware.
The Richmond Times-Dispatch reported that the attack began at the Department of Legislative Automated Systems on Sunday before spreading to "almost all legislative branch websites." The only things spared were the Legislative Information System on the General Assembly site and the executive branch agencies.
In September, the Virginia Defense Force and the Virginia Department of Military Affairs revealed that a cyberattack impacted them in July.
Ransomware groups have made millions from attacking local governments at the city, county and state levels. Experts told The Washington Post in August that for 2020, at least 2,354 governments, healthcare facilities and schools across the US were hit with ransomware.
Dozens of local governments have opted to pay ransomware actors to get their systems back. After being attacked by the Ryuk/Conti gang, Jackson County, Georgia; Riviera Beach, Florida; and LaPorte County, Indiana, paid ransoms ranging from $130,000 to nearly $600,000.