voting booth in 2016

Government Officials Worry That Ransomware Attacks Could Derail 2020 Elections

The Department of Homeland Security is preparing to launch an education program on the potential of ransomware attacks targeting voter databases, some of which were compromised by Russian hackers in 2016.

Amid concerns about the security of American election systems and the rapid rise in ransomware attacks on governments and other institutions, the U.S. government is planning to launch a program next month that will focus on protecting registration databases ahead of the 2020 elections, according to Reuters


The Department of Homeland Security and its cyber unit, the Cybersecurity Infrastructure Security Agency (CISA), fear that the databases are prime targets for ransomware, a type of malware that encrypts computer systems and can only be unlocked by a password provided by the hacker. The attacks recently hit 22 Texas towns and halted city operations in Atlanta and Baltimore. 


"Recent history has shown that state and county governments and those who support them are targets for ransomware attacks,”  Chris Krebs, the head of CISA, said in a statement to CNN. “Voter registration databases could be an attractive target for these attacks.” 


Russian hackers were able to compromise at least some of the voter registration systems in the 2016 elections. The threat continues to grow in 2020, as officials worry about breaches and the possibility of hackers manipulating, disrupting or destroying the data, Reuters reported. 


In order to combat the threat, the CISA program will contact state election officials to prepare for ransomware attacks and provide education material, remote computer penetration testing and vulnerability testing. In addition, the agency will give a list of recommendations on how to prevent and recover from ransomware. 


One thing the CISA program won’t cover: advice on if a state should pay a ransom to the hacker if its systems have been locked down. Companies, governments and other organizations have been increasingly willing to pay off hackers rather than try to recover their systems independently, which requires significant amounts of time, money and expertise. Insurance companies have also vouched to pay the fine rather than face ongoing costs, potentially fueling a rise in attacks, according to a recent ProPublica investigation. 


“Our thought is we don’t want the states to have to be in that situation,” a DHS official told Reuters of CISA’s decision not to recommend whether or not to pay the ransom. “We’re focused on preventing it from happening.”


Since 2016, DHS has been working with local officials to address what went wrong in the election cycle and how it could be prevented. But many lawmakers and cybersecurity experts fear that many states have not taken enough action to protect American voting systems. 


The Republican-controlled Senate has not taken up an election security bill passed by the House of Representatives in June, which would have required states to provide paper ballots and replace insecure voting equipment. 


Regardless of political disagreements over election security, Krebs said his agency is determined to prevent cyber attacks from derailing this year’s election cycle. 


“A successful ransomware attack at a critical point before an election could limit access to information and has the potential to undermine public confidence in the election itself,” Krebs said. “That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks.”


Featured

Featured Cybersecurity

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3