RICHMOND, Va. (AP) – The information technology agency that oversees Virginia’s lawmakers is still working to fix issues caused by a ransomware attack earlier this month, state officials said Tuesday.
The attack severely disrupted operations and occurred during preparations for a legislative term due to begin on January 12.
Dave Burhop, executive director of Virginia’s Division of Legislative Automated Systems, told The Associated Press in an email that the agency’s “goal is to get the general assembly meeting as operational as possible.”
“Our engineering, investigative, and administrative teams have worked tirelessly,” Burhop wrote.
Burhop said that a full forensic analysis generally takes several weeks to complete. And he said he hoped the first analysis would be completed shortly after the New Year.
“To this day, these teams continue to carry out a meticulous forensic analysis of our systems, servers and all connection points around the clock,” wrote Burhop on Tuesday.
The Division of Legislative Automated Systems (DLAS) is the IT agency of the General Assembly. The attack is the latest in a ransomware scourge that exploded over the past year with attacks on governments, critical infrastructure, and large businesses.
Cyber security researchers tracking ransomware said earlier this month that there was no previous record of an attack on a state legislature.
In an email The Associated Press received last week, a senior agency official said that hackers using “extremely sophisticated malware” accessed the system on December 10th. According to the email, a ransom note was sent with no specific amount or date.
All internal servers of the agency are affected, including those for the draft laws, the budget system and the voicemail system of the general assembly, it said in the email.
“Anything to do with drafting laws or referring to laws – all of that is affected,” Senate Secretary Susan Clarke Schaar said earlier this month.
Brett Callow, a threat analyst with Emsisoft, said Virginia was the 74th state or local government to be hit by ransomware attacks this year, but the first legislature he’d ever seen attacked.
“To be honest, I’m surprised it never happened,” Callow said.