After it was noticed late on Sunday, the Virginia General Assembly (VGA) became one of the many local governments that have been hit with ransomware in 2021, but the first state legislature. Initial analysis determined that the attack affected the Division of Legislative Automated Systems (DLAS) and caused the system to be taken offline. Eventually, the issue caused other systems to go offline as well, which has prevented legislators from using many resources. A ransom note has been received, but the requested amount has not been specified. Additionally, other entities like the Virginia Law Portal and the Virginia Capitol Police have also been affected, but to a less serious extent. This attack has come at a crucial time as the state will have a new governor in January. It is unclear whether the attacker had that in mind or not, but the attack could have been carried out to cause commotion leading up to the inauguration.
Analyst Notes
Other government groups and third-party security providers are working with the VGA to resolve the issue. It is unclear if the ransom will be paid or not, but comments made by Dave Burhop, the Director of the legislative IT Agency, indicate that the threat actors may have access to their backups as well, which leaves restoring out of the question.
https://www.databreachtoday.com/virginias-legislative-branch-hit-ransomware-attack-a-18125
