Phishing activity directed towards state computer systems

Governor Jay Inslee announced on Thursday that Washington state is among those being targeted by what he called a “large-scale, highly sophisticated” nationwide phishing campaign.

While Inslee and other officials would not specify the details about the phishing activity, citing security reasons, they said that a recent uptick in efforts had caused concern.

At a press conference Thursday, Inslee said that the state is taking proactive measures to protect state systems, but he said that no ransomware activity has occurred among the agencies targeted, and no state services have been impacted.

“We’re using every resource at our disposal to prevent these criminals — and that’s what they are — from potentially putting us in that position,” Inslee said.

“We’ve seen a ramp up in activity over the past week, which is why we are taking the proactive measures we’re taking to make sure that we’re doing the due diligence that we need to do to protect the state and the state assets and resources,” said James Weaver, the state chief information officer. Weaver said that no personal information was obtained in any of the recent phishing efforts.

Weaver said that private and public entities across the country have been subjected to phishing attacks, and that the state is working with the Department of Homeland Security and other federal partners to combat the attacks. Inslee announced that he was activating the state’s emergency operations center and the National Guard’s cybersecurity team.

“We take this very seriously and it’s been all hands on deck,” Inslee said.

Weaver and Vinod Brahmapuram, the state chief information security officer, said that they haven’t seen any indicators that there were attempts to exploit the state’s election infrastructure but said they would continue to work with Secretary of State Kim Wyman.

“We will continue to work very collaboratively as we look at what we’re seeing as well as the activities that they may be seeing to make sure we are doing a coordinated and comprehensive response,” Weaver said.

Secretary of State Kim Wyman’s office stated;

“The Office of the Secretary of State is aware of an active cyber threat facing government entities throughout the country. Though we have no reason at this time to believe this is targeted at elections, we are working with our federal partners and have notified local elections officials.

“Out of an abundance of caution, the Office of the Secretary of State’s Security Operations Center is taking proactive steps to increase our security posture in response to these events. We have activated our incident response plan. There has been no indication of compromise at the Office of the Secretary of State. Additionally, continues to be secure and available for the public to use.”

An email from Inslee’s office said that an indicator in the current phishing campaign is that the sender’s email address doesn’t match the person supposedly sending the email.

Brahmapuram said that these phishing efforts are prevalent across the globe, and “that’s why it’s important for all of us to be so vigilant.”

“We cannot let our guards down, we have to always pay attention to what is coming through, what we click, what we do,” he said.