Colorado web portal back online after ‘foreign’ cyberattack | Quick Hits

The state-run website went live Thursday night after the state said a cyberattack shut it down.

The homepage went live again around 6 p.m. Thursday, just over 24 hours after the State Emergency Operations Center said an “anonymous suspected foreign actor” took it offline. State officials said the attacker also targeted several other state government services and websites in the United States

Colorado officials have not released any additional information about who was responsible for the cyberattack, which states were affected, or what data may have been disclosed.

“This cybersecurity incident is part of an ongoing investigation in cooperation with state and federal partners,” the State Emergency Operations Center said in a statement. “Due to the sensitivity and nature of the cyber event, no further details are available at this time.”

CNN reported that pro-Russian hacking group Killnet was blamed for the cyberattack and also claimed to have taken down state government websites in Kentucky, Mississippi and other states.

NBC said the hacking group simply flooded the states’ websites with web traffic in an attempt to shut them down and there was no indication that any of the states’ internal systems were compromised.

Only the Colorado portal home page was affected by the cyberattack, all other websites and state government services were unaffected. The State Emergency Operations Center, the Governor’s Office of Information Technology, and the Statewide Internet Portal Authority actively monitor state websites and systems.

Former NSA operative arrested in Denver on espionage charges

This latest attack comes after a cyberattack in August hit most of Fremont County’s county departments, limiting the county’s services for several weeks. Most, but not all, government services were operational again Monday, Fremont County Commissioner Dwayne Mcfall said.

The Governor’s Office of Information Technology determined that Fremont County’s cyberattack was carried out by BlackCat ransomware, also known as ALPHV. Actors connected to BlackCat often demand multimillion-dollar ransom payments in cryptocurrency such as bitcoin or monero to recover encrypted digital files, according to the Federal Bureau of Investigation.

Cities and states across America have been the victims of cyberattacks in recent years – with increasing severity and regularity.

Comparitech, a company that reviews cybersecurity tools, said America has faced nearly 2,000 ransomware attacks since 2018, with the average ransom demand being nearly $2 million. These attacks, the company says, have cost healthcare organizations $20.8 billion, schools and colleges $3.56 billion, governments $18.9 billion and businesses $20.9 billion to date.

The National Conference of State Legislatures said at least 40 states, plus Puerto Rico, introduced or considered about 250 bills or resolutions dealing with cybersecurity this year alone.

Aurora resumes search for a new police chief after another finalist withdraws