August 03, 2020
 
Caledonia Feed & SupplyCaledonia Feed MillCaledonia AgronomyLake Odessa Feed & GrainLake Odessa Agronomy
146 E. Main Street
Caledonia, MI 49316
Lake and Kinsey Street
Caledonia, MI 49316
290 South Street
Caledonia, MI 49316
1018 3rd Avenue
Lake Odessa, MI 48849
9260 Eaton Hwy
Lake Odessa, MI 48849
Store Line  616-891-4150 
Office Line 616-891-8108
Phone: 616-891-8108Phone: 616-891-1033Phone: 616-374-8061
Phone: 616-374-7329

 
Printable Page Headline News   Return to Menu - Page 1 2 3 5 6 7 8 13
 
 
Ransomware Feared as Election Saboteur 08/02 10:24

   Federal authorities say one of the gravest threats to the November election 
is a well-timed ransomware attack that could paralyze voting operations. The 
threat isn't just from foreign governments, but any fortune-seeking criminal.

   WASHINGTON (AP) -- Federal authorities say one of the gravest threats to the 
November election is a well-timed ransomware attack that could paralyze voting 
operations. The threat isn't just from foreign governments, but any 
fortune-seeking criminal.

   Ransomware attacks targeting state and local governments have been on the 
rise, with cyber criminals seeking quick money by seizing data and holding it 
hostage until they get paid. The fear is that such attacks could affect voting 
systems directly or even indirectly, by infecting broader government networks 
that include electoral databases.

   Even if a ransomware attack fails to disrupt elections, it could nonetheless 
rattle confidence in the vote.

   On the spectrum of threats from the fantastical to the more probable, 
experts and officials say ransomware is a particularly realistic possibility 
because the attacks are already so pervasive and lucrative. The FBI and 
Department of Homeland Security have issued advisories to local governments, 
including recommendations for preventing attacks.

   "From the standpoint of confidence in the system, I think it is much easier 
to disrupt a network and prevent it from operating than it is to change votes," 
Adam Hickey, a Justice Department deputy assistant attorney general, said in an 
interview.

   The scenario is relatively simple: Plant malware on multiple networks that 
affect voter registration databases and activate it just before an election. Or 
target vote-reporting and tabulation systems.

   "With the 2020 election, election infrastructure has a target on its back," 
Colorado Secretary of State Jena Griswold said. "We know that election 
infrastructure was attempted to be undermined in 2016, and we know the 
techniques are shifting."

   The number of attacks has escalated in recent years, with targets including 
Texas' transportation agency and city computers in New Orleans. A December 
report by cybersecurity firm Emsisoft tracked attacks against at least 966 
entities that interrupted 911 services, rendered medical records inaccessible 
and hindered police background checks.

   "We're seeing state and local entities targeted with ransomware on a near 
daily basis," said Geoff Hale, a top election security official with Homeland 
Security's Cybersecurity and Election Infrastructure Agency.

   Steps taken to improve security of voter registration systems after the 2016 
election could help governments fend off election-related ransomware attacks. 
They've also acted to ensure they can recover quickly in the event of an attack.

   Colorado, for example, stores redundant versions of its voter registration 
data at two separate secure locations so officials can easily shift operations. 
Backups are regular so the system can be quickly rebuilt if needed.

   Even so, ransomware is an added concern for local election officials already 
confronting staffing and budget constraints while preparing for a shift from 
in-person voting to absentee balloting because of the pandemic.

   In West Virginia, state officials are more concerned about the cyberthreat 
confronting its 55 county election offices than a direct attack on the 
statewide voter registration system. One click from a county employee falling 
victim to a spearphishing attack could grant a hacker access to the county 
network and eventually to election systems.

   "I'm more worried that those people who are working extra hours and working 
more days, the temporary staff that may be brought in to help process the 
paperwork, that all this may create a certain malaise or fatigue when they are 
using tools like email," said David Tackett, chief information officer for the 
secretary of state.

   In states that rely heavily on in-person voting and use electronic systems 
to check in voters, a well-timed attack particularly during early voting could 
prevent officials from immediately verifying a voter's eligibility, making 
paper backups critical.

   For states conducting elections entirely by mail, including Colorado, an 
attack near Election Day may have little effect on voting because ballots are 
sent early to all voters, with few votes cast in-person. But it could disrupt 
vote-tallying, forcing officials to process ballots by hand.

   In many states, local officials will face an influx of new ballot requests. 
That means they'll need constant access to voter data as they handle these 
requests. An attack could cause major disruptions.

   Hickey said he was unaware of ransomware attacks directly targeting election 
infrastructure. But local election offices are often connected to larger county 
networks and not properly insulated or protected.

   A criminal targeting a county or state "may not even know what parts of the 
network they got into," Hickey said. But as the malware creeps along and 
spreads, "what gets bricked is the entire network --- and that includes but is 
not limited to election infrastructure."

   Even if election infrastructure isn't directly targeted, there would likely 
be immediate assumptions it was, said Ron Bushar of the FireEye cybersecurity 
company.

   A February advisory issued by the FBI and obtained by The Associated Press 
recommends local governments separate election-related systems from county and 
state systems to ensure they aren't affected in an unrelated attack.

   That's how Louisiana's election network survived multiple ransomware 
attacks: one occurred six days before the November election through an IT 
services company shared by the seven impacted counties. The second hit the 
state network a day after voting.

   At a January meeting of state officials, Louisiana's secretary of state 
highlighted the attacks as a blueprint for how an adversary like Russia could 
throw November into disarray.

   Jason Ingalls, whose security firm responded to the Louisiana attacks, said 
in an interview: "You put me in charge of a platoon of Russian hackers and give 
me a couple of years to stage this and I could pull this off."

 
Caledonia Farmers Elevator | Copyright 2020
Copyright DTN. All rights reserved. Disclaimer.
Powered By DTN