Government computer systems in Hall County, Georgia, including a voter signature database, were hit by a ransomware attack beforehand this fall in the first known ransomware attack on acclamation basement during the 2020 presidential election. Thankfully, county admiral appear that the voting action for its citizens was not disrupted.
Government computer systems in Hall County, Georgia, including a voter signature database, were hit by a ransomware attack beforehand this fall in the first known ransomware attack on acclamation basement during the 2020 presidential election. Thankfully, county admiral appear that the voting action for its citizens was not disrupted.
The attack follows on the heels of a ransomware attack last month on eResearchTechnology, a aggregation that provides software used in analytic trials, including trials for COVID-19 tests, treatments and vaccines. Less than a week after the attack in Georgia was revealed, the FBI warned that cyber abyss have unleashed a wave of ransomware attacks targeting hospital advice systems.
Attacks like these accentuate the challenges that cybersecurity experts face daily – and which loom over the accessible election. As a cybersecurity able and researcher, I can attest that there is no silver bullet for acquisition cyber threats like ransomware. Rather, arresting adjoin them comes down to the accomplishments of bags of IT staff and millions of computer users in organizations large and small across the country by all-embracing and applying the basic good accretion practices and IT procedures that have been answer for years.
What is ransomware?
Ransomware is a form of awful software, or malware, that about encrypts a victim’s computer files, holds the files earnest and then demands a acquittal to send the decryption key that unlocks the files. Individual ransomware payments usually range from a few hundred to a few thousand dollars, with the apprehension that a almost low dollar amount will actuate the victim to bound pay the antagonist to end the incident.
Ransomware attacks frequently begin through email as a archetypal phishing bulletin purporting to be from addition the abeyant victim trusts, such as a accessory or friend. However, arising types of ransomware accomplishment absolute or afresh apparent aegis vulnerabilities – in other words, they hack in – to gain system access after acute any user alternation at all.
Once a computer system is compromised, there are many things a ransomware attack can do. But the most common aftereffect is encrypting a user’s data to hold it for a ransom payment. In other cases, ransomware encrypts a victim’s data and the ransomware’s architect threatens to absolution claimed or acute advice onto the internet unless the ransom is paid.
While ransomware attacks can affect any internet user or organization, attackers tend to target entities known for having less-robust cybersecurity defenses, including hospitals, health systems and state or local government computers. But health care charcoal an adorable ransomware target: In 2019, 759 health care providers in the U.S. were hit. Overall, ransomware attacks cost users and companies over US$7 billion in 2019 as a result of either ransoms paid or through costs incurred in convalescent from attacks.
Ransomware’s toll
The first high-profile ransomware adventure was launched by North Korea in 2017. Using malware called “Wannacry,” the attackers brought the British National Health Service to a paralyzing halt. Hospitals lost access to their computer systems and accepted and emergency care was disrupted. But that was a examination of things to come: In 2020, a accommodating in Germany died after being absent to addition hospital due to a ransomware incident.
In 2020, during the COVID-19 pandemic, a ransomware attack bedridden over 250 medical accessories run by American-based Universal Health Services. At eResearchTechnology, staff administering COVID-19 analytic trials were locked out of their data and unable to conduct business for nearly two weeks.
And it’s not just health care organizations. The city of Atlanta was bedridden by ransomware in 2018. Baltimore was analogously bedridden in 2019. In both cases, city casework – from tax accumulating and business licensing to real estate affairs – were bare to citizens. Numerous abate cities around the world also have been afflicted by ransomware attacks.
However, even organizations with good IT behavior and procedures find it acutely costly to investigate and balance from ransomware attacks, whether or not they pay the ransom. For example, an organization’s accepted data backup can also aback accommodate ransomware code. This means victims need to ensure they are not abating the ransomware infection when they reconstruct their systems after an attack. Depending on the victim’s backup procedures, analysis a ransomware-free backup can be a very time-consuming process.
Ransomware and acclamation 2020
The 2016 elections underscored the accent of ensuring the aegis and candor of advice accompanying to government operations, including elections. Unfortunately, for many state and local governments, ransomware apropos are just addition in a long line of issues that cybersecurity teams must argue with during periods of bound budgets and staffing.
Much has already been accounting about the accessible and brittle state of America’s acclamation systems, alignment from anachronistic operating systems installed on voting machines to afraid networks and systems that barter and store vote tabulations, to ensuring the aegis of voter allotment databases.
Making this bearings more arduous is that many local governments don’t know what’s accident on their networks. A civic survey conducted by University of Maryland, Baltimore County advisers in 2016 appear that nearly 30% of local government admiral would not know if a cyberattack was affecting them. This lack of acquaintance means an attack could be well underway and causing havoc before aegis teams apprehend it – let alone respond.
