Hacker Releases GA Election Files in Ransomware Attack
A computer hacker who took over networks maintained by Hall County, Ga., escalated demands by publicly releasing election-related files after a ransom wasn’t paid, heightening concerns about the security of voting from cyberattacks, the Wall Street Journal reports. A website maintained by the hacker lists Hall County along with other hacked entities as those whose “time to pay is over.” The Hall County files are labeled as “example files,” which typically are nonsensitive and used to encourage payment before a bigger rollout of often more-compromising information. The release of some of Hall County files came Tuesday, one week before the presidential election, in which election security has been a major focus. Polls show the race has tightened in Georgia, which was last won by a Democrat in 1992, and Democratic nominee Joe Biden made a campaign appearance there Tuesday.
The newspaper’s review of the hacked county files found named individuals with provisional ballots flagged for their signatures not matching; voter names and registration numbers; and an election-equipment inventory. The files appear on the website of the DoppelPaymer ransomware group, a significant operator of such attacks, said Brett Callow of cybersecurity firm Emsisoft. Ransomware is deployed by hackers to lock computer networks until the demanded sum is paid. The FBI and the Cybersecurity and Infrastructure Security Agency warned last week about Russian-state-sponsored hackers targeting U.S. state, local and other government and aviation networks. Separately, the the FBI and two other federal agencies warned Wednesday that they had “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The alert said malicious groups are targeting the sector with attacks that produce “data theft and disruption of healthcare services,” the Associated Press reports.