Colorado’s state government homepage went offline Wednesday after a “suspected foreign actor” targeted Colorado.gov in a cyberattack, state officials confirmed in a news release.
Scant details about the outage were shared. State IT office and emergency operations center said late Wednesday they were working with federal partners to investigate what happened.
“We are actively investigating and don’t have any further details confirmed other than what’s in the press release,” said Brandi Simmons, a spokeswoman for the Governor’s Office of Information Technology.
CNN and other national media linked Colorado’s attack to a multi-state effort by Russian-speaking hackers, who claimed responsibility for disrupting state government websites in Colorado, Kentucky, Mississippi and other states.
Simmons would not confirm a connection between Colorado’s state government website outage and Russian-speaking hackers.
Some local security experts said it was too early to speculate what was going on.
But with just one state website impacted and no others, it could be a BGP attack, or a Border Gateway Protocol, where the “bad guys” try to confuse the internet routers about where to find the website, said Robb Reck, longtime Denver-area cybersecurity expert who is also the chief trust officer for security firm Red Canary in Denver.
“While I don’t know the particulars of the attack against Colorado.gov, there are a number of different attack types that attackers use against websites,” he said. “From attacks against the infrastructure of the internet, like rerouting DNS or BGP, gaining unauthorized access to the website in order to deface or disable the site, or simply overwhelming the website by flooding it with too much traffic.”
State officials had no timeline as to when the main page will be back online.
Colorado’s IT office set up a temporary page on Colorado.gov to direct visitors to common services, including filing an unemployment claim and renewing a driver’s license.
Only the main portal was taken offline, she said. All other state websites were still online and available.
The regular state webpage was still offline Thursday morning.
UPDATE, 6:10 p.m. on Oct. 6, 2022: Colorado’s IT office announced that the Colorado.gov state portal is back to normal. No details were shared about what caused the outage but in a news release sent at 6 p.m., the IT office said “This cybersecurity incident is part of an ongoing investigation in collaboration with state and federal partners. No further details are available at this time due to the sensitivity and nature of the cyber event.”