County Officials Reveal Details of the Attack
Election officials in Palm Beach County, Florida, revealed this week that its voter registration system was hit by ransomware in the weeks leading up to the 2016 presidential election, according to the The Palm Beach Post.
Details about the incident were kept under wraps for three years and were never revealed to the public or officials with the FBI and Department of Homeland Security, according to the report. County officials believe that the incident did not interfere with vote counts, the newspaper reports.
On Wednesday, Wendy Sartory Link, the recently appointed election supervisor of Palm Beach county, acknowledged that the government voting system sustained a previously undisclosed ransomware attack in mid-September 2016, according to the news report.
The attack only came to light recently after Jeff Darter, the former IT director of the Palm Beach County Elections Office, was fired after he was charged with possession of child pornography, the newspaper reports. Following Darter’s dismissal, Ed Sacerio, the second in command in the department, revealed the attack to Link.
Link told the newspaper Sacerio told her: “One thing I don’t know is about … what happened with the hack we had back (in 2016), to know if that’s still a problem.”
She said she replied: “I’m already reeling from the fact that we just lost our IT director, and now you’re telling me that there was a hack that no one bothered to share?”
Link added that it does not appear the FBI or Homeland Security was notified of the attack despite widespread reports of hacking before the 2016 election, the newspaper reports.
Palm Beach officials didn’t offer details about the ransomware strain that hit the voter registration system. Sacerio said that at the time of the attack, a colleague noticed some files disappeared and certain Microsoft documents were encrypted, according to the newspaper.
Despite the fact that some data may have been exfiltrated, Sacerio told the newspaper that it does not appear that the attack affected voter information or election results.
The issue of election security in Florida came to the forefront in April 2019, when the report produced by Special Counsel Robert Mueller, who investigated Russian interference in the 2016 election, found that “at least one” county in the state had been breached (see: Mueller Reconfirms Russian Election Interference Campaign)
Following the Mueller report, in May 2019, the FBI briefed Florida Governor Ron DeSantis about two counties in the state that were hacked in the run-up to the 2016 election, according to CNN. But DeSantis did not reveal the names of the counties.
In response to The Palm Beach Post’s question on a potential link between the ransomware attack and Russian interference, Link said that she didn’t believe they were connected.
Strengthening Election Security
The revelation in Florida comes as efforts to strengthen election security ahead of the 2020 presidential elections continue.
In November 2019, the Trump administration revealed new protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle (see: Election Interference Notification Protocols Unveiled)
In January, the FBI announced a new policy to provide more “timely” breach notifications to state and local officials concerning election hacking and foreign interference.
And this week, local cybersecurity officials from Michigan and Texas told a U.S. Senate committee that the federal government should do more to help local governments respond to and recover from ransomware attacks and other cyber incidents.