Virginia General Assembly's IT unit hit by ransomware attack
The information technology unit for Virginia’s General Assembly has been hit by a ransomware attack, which barred legislators and staff from accessing the system that handles bills.
Alena Yarmosky, a spokesperson for Gov. Ralph Northam's (D-Va.) office, told The Hill said in a statement on Tuesday that the cyberattack targeted the legislative branch’s Division of Legislative Automated Systems. That agency represents the Virginia General Assembly for affairs involving “computer technology, legislative information collection and dissemination, and publication production and distribution,” per the group’s website, as cited by The Washington Post.
As of Tuesday morning, The Hill was unable to access the website. The Post first reported on the ransomware attack on Monday.
Yarmosky said Northam has been briefed on the situation and “directed relevant Executive Branch agencies to work quickly to offer any help in assessing and responding to this ongoing situation.”
She added that the cyberattack had been “very impactful to their business operations,” noting that “they have been cut off from most of their critical systems.”
Legislators and staff were unable to access the system that handles requesting, drafting and modifying bills, a legislative staffer who had been briefed by a senior IT official told the Post.
The unnamed staffer said, “You can’t do anything with legislation right now,” and predicted that addressing the situation “will likely not be a quick fix.”
“This could potentially take a few days … trying to assess everything that is compromised and what isn’t,” the staffer added.
The attack also impacted the Virginia Law Portal, which makes online versions of the state law and Constitution available, according to the Post, and the Virginia Capitol Police's website.
The police department's website was down as a result of the cyber incident, but a spokesperson said the department itself was still functioning.
“Capitol Police do still have communications capabilities,” spokesperson Joe Macenka said, according to the Post. “We’re still up and running. We’re fine, there are no issues on that end. We’re still operational.”
The General Assembly's IT agency shuttered operations on the majority of its servers in an attempt to stop the attack from spreading further, according to Yarmosky.
Virginia is working with the cybersecurity firm Mandiant to help handle the cyber breach. Company spokesperson Melanie Lombardi told The Hill on Tuesday that “Mandiant is working the incident response engagement.”
The breach comes one month before the General Assembly is set to begin its session, which is a busy time for legislators, the Post noted.
The U.S. has seen a number of ransomware attacks on various companies this year, including Colonial Pipeline and meat producer JBS USA.