First ransomware attack in 2020 election hits voting infrastructure in Georgia

ransomware attack targeting the government systems of Georgia’s Hall County also impacted key voting infrastructure it has been revealed.

Local officials initially released few details regarding the Oct. 7 attack, stating that “critical systems within the Hall County Government networks” had been affected. Today, CNN reported the incident “may be the first ransomware attack to hit election infrastructure this political season.”

According to Hall County spokesperson Katie Crumley, the county’s voter signature database and voting precinct map were heavily impacted by the attack. However, Crumley noted the county is in the process of bringing affected systems back online, including the map and database.

“The voting process for our citizens has not been impacted due to the network issues.”

The attackers are not believed to have targeted Hall County’s voting systems specifically, with many of the county services being disrupted including phone and email.

Brett Callow of cybersecurity firm Emsisoft noted that US local government entities have been falling victim to ransomware attacks at a rate of approximately three per week, although he believes the impact on voting is more likely to be “collateral damage”.

But Callow believes we’ll see more incidents impacting voting systems ahead of election day with the impact going beyond mere technical damage.

“There is also a very real risk that they may shake voter confidence in the integrity of the vote, especially as confidence may already be quite low.”

Concerns have been mounting around the threat ransomware may pose to the U.S. presidential election for weeks, with security firm NTT warning last month that criminal actors may have already penetrated key government networks and could waiting to cause havoc closer to the election.

Callow said that criminals were interested in gaining maximum leverage. “What better time to extort money from a government by holding its systems to ransom than the time those systems are needed the most?” he said.

On Oct. 12, Microsoft announced it had disrupted the major ransomware network Trickbot, which was found to invoke political movements such as Black Lives Matter to trick victims into downloading malware. The IT conglomerate is also freely offering its security products to organizations involved in the election.

Also read: Crypto P2P adoption in Middle East stymied by politics and tech

Source: https://cointelegraph.com/news/first-ransomware-attack-in-2020-election-hits-voting-infrastructure-in-georgia