As instances of cyberattacks increase in the U.S., it was recently found that a “malicious party” hacked the Virginia Department of Environmental Quality’s (DEQ) website. Luckily, according to a report from the Richmond Times-Dispatch, no data was said to be lost or compromised as a result of the incident.
The Virginia Information Technologies Agency (VITA), which oversees the state government’s cybersecurity apparatuses, said a technical vulnerability in the software for the DEQ website’s content management system allowed an outside actor to gain access into the system.
Marcella Williamson, a spokeswoman with VITA, explained that the cybersecurity agency was able to prevent significant changes within the website software. “A malicious party got into the system; however, the intruder was detected early by VITA and blocked,” Williamson said.
The hacking attempt was originally reported on May 22, causing the DEQ to take down the website for over two weeks. DEQ spokeswoman Ann Regn said that the website has since been restored, but some applications remained out of order as of Thursday.
Williamson said Thursday that her agency has not detected any additional intrusions at other state departments. Unfortunately, VITA was unable to confirm the identity of the cyber-attacker, or to be sure of their intent.
“The attacker was initially targeting the systems hosting the website and, it appears, further into other IT systems. Since this incident was discovered prior to compromising any additional IT, we can’t be sure of the ultimate goal,” she said.
The hack caused a delay in the public comment period allowing Virginians to weigh in on whether they believe the water quality permits for two natural gas pipelines will be adequate to protect the state’s waterways. The DEQ extended the period through this Friday as a contingency.
Of course, the timing of the hack raises questions as to who benefits. Certainly Green Antifa activists have promised to retaliate over the coming months after their attempt to physically block two energy projects failed miserably — having failed to do so, was this their next promised attack?
VITA has not yet completed a final report about the incident, according to Williamson. Nevertheless, it shows that even state agencies, which many may believe are unrelated to being vulnerable to attacks, are still targeted.
