Part of the problem is that the full scope of ransomware attacks is not always exposed.
It was three years after the 2016 election that the Department of Homeland Security, the F.B.I. and even Florida state officials learned that Palm Beach County – which played a pivotal role in deciding the 2000 election – had seized its polling stations with ransomware just weeks before the election.
In the past 18 months, cyber criminals – mostly based in Russia and Eastern Europe – have hit the American public sector with more ransomware attacks than any other recorded period, according to Emsisoft, who is tracking the attacks. A record of 966 ransomware attacks hit the American public sector last year – two-thirds of them were against state or local governments.
These include a Texas county that voted for Hillary Clinton in 2016, as well as counties that helped determine the 2016 election in Ohio, Pennsylvania, Florida and Georgia, and other cities and counties that are most likely to have a role in the decision About to play tight Senate races will be in South Carolina, Kentucky, Colorado and Maine in November.
The F.B.I. concluded in November that ransomware "is likely to compromise the availability of data on interconnected voting servers," according to an analysis by the bureau this summer. The agency cited two recent examples: a ransomware attack in Oregon that locked county computers and crippled backup data, and another in Louisiana in which cybercriminals hacked the Secretary of State and performed three months in the week of the Louisiana state election the detonation of their ransomware waited for governor and legislative seats last November.
The Louisiana elections were unscathed as officials had the foresight to separate electoral rolls from internal networks. Still, some analysts feared that the November 3rd attack was a dry run.
Sometimes victims pay – like a small Florida town did. Sometimes they refuse, as Atlanta did – even though it ended up spending more than the ransom note to rebuild its systems.
The latest victim, Tyler Technologies, was vague about the details of his attack. Citing an ongoing investigation, the company declined to respond to the ransom demands and say whether it paid or whether it offers details of the attackers. While the company claimed that none of its products "support voting or voting systems", Socrata dashboard software is used by some election officials to aggregate and share election results.