State of Vermont server taken offline after nationwide cyberattack

Guy Page

5 years ago

by Guy Page

The State of Vermont took a server offline as a result of being among 18,000 computer users affected by a nationwide cyberattack, Chief Information Officer John Quinn said this morning.

Yesterday, a sophisticated attack “compromised security firm FireEye, the US Treasury and Commerce departments and likely many more victims,” Malwarebytes.com reports.

“Threat actors hacked into IT company SolarWinds in order to use its software channel to push out malicious updates onto 18,000 of its Orion platform customers. This scenario, referred to as a supply-chain attack, is perhaps the most devious and difficult to detect as it relies on software that has already been trusted and that can be widely distributed at once,” Malwarebytes said.

The State of Vermont was among those customers, Quinn told Vermont Daily today. “We were one of the 18,000 solarwinds customers that were on the affected software version. We immediately took the server offline and have taken additional security steps to protect our systems and data. We have no evidence that we were compromised but are monitoring our environment very closely.”

The loss of the server did not affect computer services. “The server that we took offline monitored system performance of our servers. It is not noticable to our users or citizens,” Quinn said.

The University of Vermont Medical Center is emerging from a disastrous cyberattack that began in late October and took down the patient information portal and employee email. The cyberattack cost the hospital an estimated $63 million in overall costs.

According to its website, Solarwinds delivers IT solutions – including cybersecurity – to many state and national government agencies, including:

Defense: U.S. Army, U.S. Air Force, U.S. Navy, U.S. Marine Corp, IC, and DoD Agencies and the UK Defence Sector.
Civilian: U.S. Census Bureau, U.S. Department of Justice, Oak Ridge National Laboratory, Sandia National Laboratory, U.S. Department of Treasury, U.S. Department of Veterans Affairs, and more.
National/Central: UK National Health Service (NHS), UK Central Government, European Parliament, Health and Social Care Information Centre, Republic of Turkey Ministry of Health, NATO Support Agency, and more.
State, Local & Education: The State of Texas, The City of Indianapolis, Harrison College, University of California, Berkeley, and more.

According to the New York Times, the National Security Agency (NSA) was caught unawares. It was informed of the breach by a private company. It is not known how long the hackers – believed to be Russian-based – have been accessing information, nor is it known what information has been accessed.

mark milazzo on Twister hits townApril 19, 2026
The storm is Biden”s fault
Greg Houghton

Greg Houghton on Roper: 2024 Payroll Tax cited as one reason VT is losing manufacturing jobsApril 19, 2026
So, if this child care tax hasn’t created enough new slots I’d be interested in following the money. The employers…
Greg Houghton

Greg Houghton on Climate bill moving thru Senate April 19, 2026
Anti-ICE bill passes Senate – by a 23-7 vote, the Senate Tuesday, April 14 passed h849, granting the right to…
yankeebo

joe bottiggi on Dems bash guv for ignoring their House rep recommendationsApril 19, 2026
Shows the Dems still believe in the two party system…Them and Us.
Neil Johnson on VT trees are dying at an alarming rate, and lawmakers are making it worseApril 18, 2026
Yes,yes,yes and yes, we have lost so much to invasive species….the crime should be right up there with the death…

Share this: