Chris Lange, FISM News
The operations of two government agencies in Virginia have been crippled by separate cyberattacks occurring just days apart.
State officials on Sunday reported a ransomware attack targeting the information technology systems of the General Assembly, according to AP News. The attack, which occurred late Friday, barred staff and legislators from using software necessary to secure the Capitol and other governing agencies, operate computer services for the assembly, and draft legislation. The incident occurred only weeks ahead of the legislature’s biennial 60-day session during which time lawmakers determine the state’s budget for the next two years.
The state police Bureau of Criminal Investigation’s High Tech Crimes Division, with the help of the FBI and the Virginia Information Technologies Agency, has launched an investigation into “the scope of the intrusion,” according to Brian Moran, secretary of Public Safety and Homeland Security.
David Burhop, director of the Department of Legislative Automated Services, said hackers used “extremely sophisticated malware” in perpetrating the cyberattack, which occurred late Friday, adding that the perpetrators included a ransom note “with no specific amount (or date) to get our data back.” Burhop said the servers of all internal computers of the legislative agencies, “including bill drafting, our regulatory system, budget system, file servers and General Assembly voicemail,” were affected.
On the heels of the General Assembly IT breach, Virginia’s Department of Behavioral Health and Developmental Services on Tuesday reported yet another ransomware attack, this time targeting the Ultimate Kronos Group, a cloud-based human resources management company the agency uses to process and manage staff payroll, according to the Richmond Times Dispatch.
“At this time, we do not know if this is related to the ransomware attack over the weekend on Virginia’s legislative agencies,” said Lauren Cunningham, a spokesperson for the state agency. “There is no indication that information was compromised or that any DBHDS systems have been compromised, but it is clear that the operation of the KRONOS system has been paralyzed.” Despite the attack, Cunningham says staff will be paid on time.
No suspects have been named in either attack.
The incidents mark the latest in a string of cyberattacks in recent months targeting governments, critical infrastructure, and multiple major corporations across the globe. FISM previously reported that the U.S. Cybersecurity and Infrastructure and Security Agency and the FBI issued a joint statement last month urging businesses and entities that operate in areas of critical infrastructure to take added precautions to protect against cyberattacks as the holidays approach, citing a marked uptick in attacks.