Editor's note: Colorado's main government website resumed normal operation Thursday after a cybersecurity incident. Read the original story below:
DENVER – A cyberattack orchestrated by anonymous agent on Wednesday took down Colorado’s main government website, according to a news release from the state.
Colorado.gov went offline Wednesday afternoon and a landing page with links to other state services took its place. All other state websites and services were still available, according to the Governor’s Office of Information Technology.
A spokesperson from the office said the suspected “foreign actor” targeted multiple state government services and websites across the country but did not provide information as to which other states were affected by the cyberattack.
On Thursday, the spokesperson said the cyberattack wasn't tied to ransomware, so no ranswom was demanded by the suspect.
Other state websites, including the Colorado Secretary of State’s website, the state’s legislature website, the Colorado Department of Revenue website, the Colorado Department of Education website, or the state’s health department website did not appear to be affected as of 4:15 p.m.
The state’s office of information technology and the State Emergency Operations Center is actively working with state and federal partners to restore access to the Colorado.gov page.
Officials said other security measures are being taken to make sure other state websites and services remain unaffected.
There is currently no estimated time for bringing the state website back online, officials said.
Colorado is no stranger to cyberattacks. In 2018, the Colorado Department of Transportation (CDOT) was the victim of two SamSam ransomware attacks, in which hackers demanded Bitcoin payments to release hijacked files and unlock the system. Two Iranian men were indicted on charges related to hacking for the attack.
And just last month, the City of Wheat Ridge was hit with a ransomware attack known as BlackCat, in which the attackers, likely from Eastern Europe, demanded $5 million to unlock the city’s municipal data and computer systems, according to our partners at The Denver Post.
Editor's note on Oct. 6 at 2:40 p.m.: This story has been updated with information from the Office of Information Technology, stating the cyberattack was not tied to ransomware; therefore, no ransom was ever demanded.
