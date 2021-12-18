ContributorsPublishersAdvertisers
Politics

Youngkin calls cybersecurity funding ‘wholly inadequate’ as ransomware attacks disrupt state government

By Jackie DeFusco
WJHL
WJHL
 5 days ago

https://img.particlenews.com/image.php?url=1RbwrL_0dQAR76f00

RICHMOND, Va. (WRIC)- Days after multiple ransomware attacks were first detected, Virginia’s state government is still feeling the effects. It comes as Governor Ralph Northam is proposing new funding to sure up cybersecurity but Governor-elect Glenn Youngkin says it doesn’t far enough.

As of Friday evening, the FBI and the Virginia State Police were continuing to investigate a criminal ransomware attack disrupting the IT system that serves the General Assembly. Dave Burhop, director of the Division of Legislative Automated Systems, said the suspicious activity was first detected on Sunday, Dec. 12.

Ransomware attack hits Virginia General Assembly’s IT agency; similar incident earlier this year

At last check, the Virginia Department of Behavioral Health and Developmental Services was also continuing to grapple with what is believed to be a separate ransomware attack targeting the service the agency uses for timekeeping.

“It is clear the global KRONOS ransomware attack and the ransomware attack experienced over the weekend in Virginia are not connected, and there is no indication that information was compromised or that any DBHDS systems have been compromised,” said DBHDS Communications Director Lauren Cunningham in an email on Friday. “State facilities have switched back to manual systems that are very time-intensive, but they will get the job done and ensure staff are paid.”

Virginia Department of Behavioral Health and Developmental Services hit with ransomware attack

Stakeholders either didn’t respond to requests for comment or had no further updates when asked if ransoms had been paid out to attackers to resolve the issue.

As both investigations continued on Thursday, Governor Northam announced his two-year budget plan would include $60 million for cybersecurity improvements. Northam’s office said the proposal was drafted before the ransomware attacks occurred.

“It’s something that we take very seriously,” Northam said in an interview on Thursday. “If it takes more resources, we will have that in the budget to help prevent this from happening in the future.”

Asked about the proposal after Northam’s presentation, Governor-elect Youngkin was not impressed.

“I do believe the $60 million–the number I heard today that is being allocated to cybersecurity–is wholly inadequate and in fact it reflects the under-investment over a consistent period of time,” Youngkin said, adding that he would direct a review of resources after taking office.

Virginia needs more IT security staff to defend against cyber attacks, new report says

A recent report revealed the Virginia Information Technology Agency, which oversees the executive branch, currently lacks sufficient resources to monitor all 4,000 to 5,000 pieces of IT equipment that could be targeted for potential security vulnerabilities.

“VITA’s security group is not able to keep pace with all of the infrastructure changes that agencies are requesting and make sure they are consistent with the state’s security standards and that ultimately increases the risk of a cybersecurity breach in the commonwealth,” JLARC’s Chief Legislative Analyst for Ongoing Oversight Jamie Bitz said in a presentation to lawmakers.

According to Northam’s Spokesperson Alena Yarmosky, the governor’s outgoing budget proposal includes $25 million to increase cyber resiliency and recovery capabilities, $8 million for additional authentication resources, $5 million to establish a second backup data center, $4 million for antivirus tools, and targeted security measures across various state agencies.

Delegate David Reid (D-Loudoun) has been focused on the issue of cybersecurity for years, both in the legislature and professionally.

“If we’re experiencing this problem right now then it probably means that we have not been funding cybersecurity for the legislative branch or, if we have, it probably hasn’t been as robust as it should’ve been,” Reid said.

Reid is planning to propose several budget amendments on the topic in the 2022 legislative session. While he is still reviewing Northam’s proposal, he believes the governor has already included at least one of his requests. He said it would provide funding for the Virginia National Guard to conduct twelve cybersecurity assessments per year for localities to prevent ransomware attacks.

Another proposal would provide the Virginia State Police with additional funding to hire thirteen full-time cybersecurity support professionals. Reid also wants the state to manage a single, robust platform to continuously monitor, manage, and report cybersecurity risks at no cost to local public school districts.

With state revenues at record highs and the threat of ransomware attacks only expected to grow, Reid said now is the time for big investments.

“It definitely should be considered a wake up call,” Reid said. “Cybersecurity is kind of a lot like car insurance in that no one really wants to pay for it but they’re really glad they have it when they have an accident.”

Copyright 2021 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

For the latest news, weather, sports, and streaming video, head to WJHL | Tri-Cities News & Weather.

Comments / 0

Related
Washington Post

Prince George’s government affected by ransomware attack

Prince George’s County government has been affected by a national ransomware attack on Ultimate Kronos Group, a massive human resources company that serves as the timekeeping vendor for the county, officials said Tuesday. The announcement from County Executive Angela D. Alsobrooks (D) comes as Maryland’s health department is trying...
PUBLIC SAFETY
RELATED LOCAL CHANNELS
State
Virginia State
Fox News

Ransomware attack strikes Virginia state legislative agency

A Virginia legislative branch agency was struck by a ransomware attack, according to the office of Democratic Gov. Ralph Northam. Alena Yarmosky, a spokesperson for Northam, confirmed that Virginia’s Division of Legislative Automated Systems, which is the state legislature’s information technology agency, was hit in the attack, according to The Associated Press.
VIRGINIA STATE
WOWK 13 News

Cybersecurity incident disrupts payroll service for West Virginia state employees

CHARLESTON, WV (WOWK) — The WV State Auditor’s Office says a cybersecurity incident disrupted the payroll administration service for State employees. The press release says that the cybersecurity incident disrupted the Kronos Private Cloud. Kronos, or UKG, is contracted by the State to provide payroll administration, specifically time and leave balances. They say that there […]
CHARLESTON, WV
ZDNet

Queensland government energy generator says ransomware attack not state-based

Queensland government-owned energy generator CS Energy provided an update on Wednesday that those behind its November ransomware incident was unlikely to be a state-based actor. On the same morning, Sydney's Daily Telegraph landed with a front page claiming China was behind the incident. Thanks to the appearance of CS Energy...
PUBLIC SAFETY
securitymagazine.com

How cybersecurity and executive leaders communicate about ransomware

How do cybersecurity and executive leaders communicate about ransomware? A new (ISC)² study, “Ransomware in the C-Suite: What Cybersecurity Leaders Need to Know About What Executives Need to Hear,” provides insights for cybersecurity professionals into the minds of C-suite executives and how they perceive their organizations’ readiness for ransomware attacks.
COMPUTERS
RELATED PEOPLE
Person
Ralph Northam
The Independent

Government unveils national cyber strategy in bid to protect UK from hostile states and ransomware plots

The government is set to announce its new National Cyber Strategy aimed, it says, at protecting the country from attacks by hostile states and organised crime, while projecting “Global Britain” as a “world leader” in the field.The programme, funded by £2.6bn allocated in the spending review, will carry out offensive operations against countries carrying out malign cyber activities and pursue criminals who are using the internet for ransomware plots to loot vast sums of money. The new strategy has been presented as it is claimed that hackers, believed to be Chinese, have “fully weaponised” software vulnerability which is causing “mayhem...
PUBLIC SAFETY
WHSV

UVA professor explains ransomware attacks

CHARLOTTESVILLE, Va. (WVIR) - The IT branch of Virginia’s legislature has been hit by a ransomware attack. Ransomware is malicious content that locks you out of your computer. The hackers will demand payment for a key to unlock the computer system. Angela Orebaugh, a computer science professor with the...
CHARLOTTESVILLE, VA
theregister.com

Canadian charged with running ransomware attack on US state of Alaska

A Canadian man is accused of masterminding ransomware attacks that caused "damage" to systems belonging to the US state of Alaska. A federal indictment against Matthew Philbert, 31, of Ottawa, was unsealed yesterday, and he was also concurrently charged by the Canadian authorities with a number of other criminal offences at the same time. US prosecutors [PDF] claimed he carried out "cyber related offences" – including a specific 2018 attack on a computer in Alaska.
ALASKA STATE
IN THIS ARTICLE
#Infrastructure Security#State Government#Information Security#Ransomware#Fbi#The Virginia State Police#The General Assembly#Kronos#Dbhds Systems#Dbhds Communications
Government Technology

2021 Cyber Review: The Year Ransomware Disrupted Infrastructure

What was the top cyber story in 2021? How will the cyber industry remember this year?. The headline answer clearly includes disruptive ransomware that, perhaps for the first time ever, seized global attention by crippling critical infrastructure — in the form of the Colonial Pipeline incident in the southeastern U.S.
TECHNOLOGY
KING-5

McMenamins targeted by ransomware attack

PORTLAND, Ore. — Portland hotel and brewpub chain McMenamins was hit with a ransomware attack that may have compromised employees' personal information, but no customer payment information appears to have been impacted, the company said Wednesday. A ransomware attack occurs when a cybercriminal deploys malicious software to block access...
PORTLAND, OR
1350kman.com

K-State employee data safe despite ransomware attack on vendor

Kansas State University says it has not received any information about sensitive data being leaked to hackers following last week’s ransomware attack on UKG, the external vendor for the KRONOS system used for some of K-State’s employees. A few sources had informed KMAN that all users hourly data...
KANSAS STATE
YOU MAY ALSO LIKE
NewsBreak
Data Security
News Break
Politics
Sentinel

State needs to do something to address ransomware attacks

A recent Pittsburgh Post-Gazette article details a troubling trend: Pennsylvania led the U.S. in data breach losses in 2020. These cyberattacks have disrupted and in some cases fully disabled the functioning of health care systems, gas pipelines, colleges and government offices. According to the report, in 2020, at least 116...
PITTSBURGH, PA
CBS Baltimore

State’s Attorney Mosby Says Hogan Is Responsible For City Violence, Calls For Audit Of State Agencies

BALTIMORE (WJZ) — The increasingly public feud between Baltimore City State’s Attorney Marilyn Mosby and Gov. Larry Hogan continued Tuesday with Mosby accusing the governor of criticizing Baltimore and its leaders to score political points. Mosby called a news conference Tuesday to share a decade’s worth of data detailing which cases the State Attorney’s Office chose not to prosecute. It was apparently in response to statements Hogan made last month when he threatened to freeze the agency’s funding if it did not release the data. In November, the governor threatened to withhold funding to Mosby’s office if he didn’t receive data to...
BALTIMORE, MD
Bank Info Security

Western Governments Gunning for Ransomware Infrastructure

The latest edition of the ISMG Security Report features an analysis of how the U.S. military has been "imposing costs" on ransomware groups. In this report, you'll hear (click on player beneath image to listen):. ISMG's Mathew Schwartz discuss how the U.S. military has been tasked with not just disrupting...
PUBLIC SAFETY
WJHL

WJHL

12K+
Followers
3K+
Post
1M+
Views
ABOUT

https://www.wjhl.com/ is your trusted source for local news in and around the Tri-Cities region!

 https://www.wjhl.com/

Comments / 0

Community Policy