Virginia local congress suffers massive ransomware infection

Alena Yarmosky, spokesperson for the government of Virginia, US, has confirmed that some systems within the state legislature have been affected by what appears to be a ransomware attack. Yarmosky says Gov. Ralph Northam is already aware of the infection, detected in the Division of Automated Legislative Systems, the IT agency of the State Congress.

An email received by members of Congress said the attack was detected last Friday and led to the complete shutdown of the Capitol Police Division website. It also disrupted internal systems used for drafting bills and for lawmakers’ other work. In addition to these interruptions, the Assembly’s voicemail system and many other administrative systems are down as a result of the intrusion.

The incident is already being investigated by outside cybersecurity specialists and the Federal Bureau of Investigation (FBI), although it is believed that this will not be an easy task because the threat actors have exposed as little information as possible to victims; even the ransom note includes minimal details.

A hypothesis about the attack suggests that the infection began at Automated Legislative Systems sometime last weekend, spreading soon after. So far, it is known that the only areas of the system that have not been affected are the Legislative Information System and the offices of the executive branch of the state congress.

Ransomware operators have made millions of dollars attacking local governments in the U.S. Specialists estimate that, by the end of 2020, at least 2,350 government offices, health centers and public schools in the U.S. had suffered such an infection. Moreover, this is a constantly growing trend, and the cybersecurity community thinks organizations can simply train to address such incidents, as the possibility of becoming a ransomware victim at some point is far too high.
