"Virginia Reeling from Ransomware"
Virginia is fighting cyber-fires on two fronts after ransomware attacks affected its state legislature and an agency within its executive branch. In a cyberattack that struck on the evening of December 12, critical IT systems under the Division of Legislative Automated Systems (DLAS) were rendered inaccessible. The attack was focused on certain internal servers, impacting the General Assembly voicemail server and the General Assembly’s Legislative Information System (LIS) portal, which allows lawmakers to draft bills and track legislation. Most of the websites for Virginia’s legislative agencies and commissions, including the Division of Legislative Services and the Division of Capitol Police, were later forced offline by the attack. A spokesperson confirmed on Monday that ransomware was to blame. DLAS director Dave Burhop said on Monday that while a ransom note had not yet been sent, Virginia was considering alternatives to paying a ransom, including restoring their system using backups. However, Burhop noted that the backups might also have been compromised in the attack. By Tuesday, the ransomware attack had spread to other agencies, the Joint Legislative Audit and Review Commission’s website, and the Virginia Law Portal, an online database containing Virginia’s constitution and state code.