Ransomware hits Capitol Hill contractor
A company that provides a user engagement platform for US politicians has suffered a ransomware attack, leaving many lawmakers unable to email their constituents for days.
The attack, which hit DC-based iConstituent, has affected the offices of nearly 60 House lawmakers across both parties, Punchbowl News reported earlier today, citing House officials, lawmakers, and office aides.
Catherine Szpindor, the Chief Administrative Officer of the House, said she was informed of the attack, which appears to have been limited to iConstituent's e-newsletter service and did not impact the company's GovText text messaging system.
Szpindor, which is in charge of House cybersecurity, was also quick to distance the US government's network from the attack.
"At this time, the CAO is not aware of any impact to House data," Szpindor told Punchbowl News. "The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices' data."
But the attack is likely also larger in scope. Besides House offices, iConstituent also provides services to state officials, which are also most likely impacted by the recent incident.
Per its official website, customers also include the states of Georgia, Hawaii, and Nevada, the cities of Los Angeles and Palo Alto, California, and the New York State Assembly.
iConstituent could not be reached for contact via the phone.
Allan Liska, a malware analyst at Recorded Future specialized in ransomware, told The Record that attacks like the one against iConstituent show just how much the US Congress is dependent on third-party software, just like any other company or industry vertical.
"We have all seen the damage caused by lax security within critical infrastructure, how much damage could lax security at one of these third party vendors cause, how much sensitive data could be released, what extortion possibilities are there?," Liska said.
News of a ransomware attack hitting so close to Capitol Hill broke just hours before Colonial Pipeline CEO Joseph Blount was set to testify in from of the US Senate about the ransomware attack that hit his company on May 7 and led to widespread fuel supply outages across the US East Coast.
Here's Colonial CEO Joseph Blount's prepared Senate testimony today. Doubles down on claiming paying the ransom was the right call. Big George W. Bush "Decision Points" vibes. An objectively wrong decision, which he stands by...because he did? Circular.https://t.co/EXLUivhLDP— Kevin Collier (@kevincollier) June 8, 2021
The news also comes after the US Department of Justice set up a special task force last week to deal with ransomware attacks, a task force that had its first major successful operation deliver results yesterday, when the DOJ announced it recovered around 85% of the ransom payment Colonial paid to hackers last month.
Around the same time the DOJ was announcing its ransomware task force, the White House National Security Council also issued an advisory urging companies to take measures to safeguard their networks against the ever-growing threat coming from ransomware gangs.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.