The Virginia General Assembly has been hit by a ransomware attack affecting key legislative systems as legislators and staffers prepare for the 2022 session that begins on January 12. Multiple state agency websites were offline Monday afternoon.
The Legislative Information System (LIS), which hosts legislation and the Code of Virginia, warned in an error message, “We’re experiencing a service outage with some of our servers. The Budget Portal, Law Portal, Reports to the General Assembly, and some other data may not be accessible. Our team is currently working to restore the service. We apologize for any inconvenience.”
The same group of Russian hackers behind the December 2020 SolarWinds attack are targeting companies in the U.S. technology supply chain, according to a Monday report released by Microsoft.
Russian hacking group Nobelium is targeting cloud infrastructure companies and information technology software resellers in an attempt to gain access to these companies’ customers, according to Microsoft’s research. Microsoft believes Nobelium to be the same group responsible for the SolarWinds hack in late 2020 that affected multiple Cabinet-level agencies, federal contractors and critical infrastructure companies.
“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” Tom Burt, Microsoft’s vice president for customer security and trust, wrote in the report.
Representatives Abigail Spanberger (D-VA-07), John Katko (R-NY-24), and Andrew Garbarino (R-NY-02) co-introduced a bill directing the designation of systemically important critical infrastructure.
“Earlier this year, Central Virginia families and businesses felt the serious impacts of the cyberattack on the Colonial Pipeline. In our communities, we saw how critical infrastructure — such as the Colonial Pipeline — plays a fundamental role in our daily lives and in the day-to-day success of our regional economy,” Spanberger said in a Thursday press release.
Russian President Vladimir Putin denied that he was behind the recent cyberattacks across the United States, calling the allegations against him “farcical.”
“We have been accused of all kinds of things,” Putin told NBC News Monday. “Election interference, cyberattacks and so on and so forth. And not once, not once, not one time, did they bother to produce any kind of evidence or proof. Just unfounded accusations.”
Russian intelligence and Russian-speaking groups have launched wide-ranging cyberattacks in recent months, affecting American consumer goods ranging from gasoline to meat. President Joe Biden imposed sweeping sanctions against Russia in April after U.S. intelligence determined that Putin personally ordered a massive SolarWinds hack on federal agencies and for his interference in the 2020 presidential election.
Congresswoman Elaine Luria (D-Virginia-02) is cosponsoring the Pipeline Security Act, which requires the Travel Security Administration (TSA) to update its pipeline security policies, develop a staffing strategy for the Pipeline Security Section, and improve congressional oversight. On Tuesday, the bill reported out of the House Homeland Security Committee.
“Cybersecurity is a dangerous and emerging threat, and the recent attack on the Colonial Pipeline proves we need to do more to protect our vital infrastructure,” Luria said.
Hackers infiltrated the Colonial Pipeline’s systems, held its data hostage for a $5 million ransom, and in the process, triggered local gas shortages across the eastern U.S. In response, politicians began talking about needed reform to protect critical infrastructure. Cybersecurity experts say talk is common around such initiatives, but because of the recent attack’s impact on the everyday lives of Americans, legislators may finally be ready to make real changes.
Following the Nashville bombing, a viral post alleged a connection between SunGard, a nearby data facility, and SolarWinds’ parent company, Silver Lake. However, Silver Lake only owned SunGard from 2005 until 2015. After that, Fidelity National Information Services (FIS) assumed control once SunGard filed for bankruptcy. Since 2017, Silver Lake hasn’t held any shares in FIS.
“Please help dig on Solar[W]inds, SunGard data center, and 211 Commerce Street in Nashville,” wrote Ron Watkins, former 8Kun administrator. “Interested in finding correlations between these subjects.”