Ransomware attack on Georgia county affects voter signature database
Hall County in Georgia reported a ransomware attack on October 7 but the effects are only visible now, nearly 3 weeks later. It left a lasting effect on the county’s public service system.
When the attack was reported by local authorities on October 7, there was no mention of the electoral system being attacked. However, a spokesperson for Hall County, Katie Crumley, clarified that the attackers had also targeted election machinery – a voter signature database and a voter precinct map.
On October 7, the authorities stated that “critical systems with the Hall County government networks” have been affected, and that phone services were also down. The next day, the County updated the story, clarifying that “department phone” service was back up. In its latest update, the County admitted on October 22 that the voting process for citizens had not been affected.
In the 16 days that followed the ransomware attack, Hall County authorities did not add details about the attack itself. Till date, there are no clear indications about which specific systems were attacked, and what was the ransom amount demanded. Spokesperson Crumley stated that the investigation into this matter was in progress.
Securing the electoral process
Undeniably, this election is one of the most important ones in the history of the USA. This means that cybersecurity in these times is paramount. Data leaks can be disastrous, and the chances of voter frauds skyrocket due to cyberthreats.
However, ransomware attacks have a defining characteristic – they are financially motivated. Therefore, it is unlikely that this attack was done with the purpose of breaking election machinery. It is more plausible that this was just another ransomware attack on public infrastructure, which happened to hold voter information.
Morning Tick previously reported about the perils of voter information falling in wrong hands. Hackers and/or foreign adversaries who obtain access to sensitive data can launch effective disinformation campaigns, which have the potential to shift electoral winds. Therefore, cybersecurity during the electoral process is critical.