Investigators work to determine scope of ransomware attack that hit Virginia IT agency

Posted: Dec 24, 2021 / 01:30 PM EST / Updated: Dec 24, 2021 / 01:30 PM EST

RICHMOND, Va. (WRIC) – Investigators looking into the ransomware attack on the Virginia legislature’s information technology agency won’t know more about its scope until just after the new year — or at least that’s the hope.

A law enforcement investigation led by Virginia State Police is underway and the agency hit with the attack, the Division of Legislative Automated Systems (DLAS), is performing a forensic analysis.

DLAS teams working to fix the issue are conducting a “meticulous, around-the-clock forensic analysis” of the agency’s systems, servers and all connection points, according to its director Dave Burhop.

“A full forensic analysis generally takes several weeks to complete for a digital footprint that’s the size of our legislative systems and we are hoping to have the initial analysis completed just after the new year,” Burhop wrote in an email to 8News.  

The attack affected the computer systems for Virginia’s legislative agencies and commissions, including the Division of Legislative Services and the Division of Capitol Police. DLAS’ internal servers, including the system lawmakers use to draft and modify bills, were impacted as well.

With the 2022 legislative session set to begin Jan. 12, concern has grown over how the attack may affect operations for state lawmakers. Despite this, legislators have been able to file their bills for the upcoming session.

In a ransomware cyberattack, hackers typically infiltrate a computer network to hold the user’s data hostage by encrypting it and demanding they pay a ransom for the hackers to decrypt the data.  

The cybercriminals who hit DLAS provided a note “but details are scant”…