A ransomware attack has hit agencies and commissions within the Virginia legislature, according to a statement from the governor's office to theAssociated Press. 

Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read now

Alena Yarmosky, spokesperson for Virginia Governor Ralph Northam, said the governor has been briefed on the attack, which currently affects Virginia's Division of Legislative Automated Systems, the General Assembly's IT agency. Yarmosky did not respond to requests for comment about the specifics of the attack. 

Legislative leaders in the state were emailed about the incident and told that hackers attacked the state systems on Friday. The attack took down the website for the Division of Capitol Police, and all of the internal systems for bill drafting or bill referrals were hit hard during the ransomware incident, according toThe Associated Press. 

The Assembly's voicemail system was down, and many of the systems involved in budgeting were disrupted due to the attack. The Virginia Law Portal is also down because of the attack. 

The FBI and other law enforcement agencies are now involved. Cybersecurity firm Mandiant took to Twitter to confirm that they are assisting in response to the incident. 

Yarmosky toldThe Washington Postthat the ransom note received by the agencies provided little information. Most of the organization's servers were shut down to stop the spread of ransomware. 

The Richmond Times-Dispatchreported that the attack began at the Department of Legislative Automated Systems on Sunday before spreading to "almost all legislative branch websites." The only things spared were the Legislative Information System on the General Assembly site and the executive branch agencies.

In September, the Virginia Defense Force and the Virginia Department of Military Affairs revealed that a cyberattack impacted them in July. 

Ransomware groups have made millions from attacking local governments at the city, county and state levels. Experts told The Washington Post in August that for 2020, at least 2,354 governments, healthcare facilities and schools across the US were hit with ransomware. 

Dozens of local governments have opted to pay ransomware actors to get their systems back. After being attacked by the Ryuk/Conti gang, Jackson County, Georgia; Riviera Beach, Florida; and LaPorte County, Indiana, paid ransoms ranging from$130,000 to nearly$600,000.  

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next