[Records Exposed: Undisclosed | Industry: Government Service Providers | Type Of Attack: Ransomware/Perception Hack]
As election day draws near, a decidedly unnerving trend is emerging. Ransomware attacks, specifically those targeted toward government entities, are increasing at an alarming rate. The first two weeks of September brought with it seven new successful U.S. government ransomware attacks.
On September 24, Tyler Technology released a statement announcing them as the latest victim of this ransomware spree. At the time of the announcement, Tyler assured its users that, “All indications are that the impact of this incident is limited to our internal corporate network and phone systems, and that there has been no impact on software we host for our clients.”
However, as the investigation continues, Tyler clients are reporting suspicious activity such as unauthorized login attempts and unauthorized software installments related to Tyler Technology service offerings. Although Tyler remains tight-lipped on the magnitude of the breach, further evidence of its significance lies in Tyler’s updated statement reading, in part, “Because we have received reports of several suspicious logins to client systems, we believe precautionary password resets should be implemented. If clients haven't already done so, we strongly recommend that you reset passwords on your remote network access for Tyler staff and the credentials that Tyler personnel would use to access your applications, if applicable.”
While Tyler Technology is not a government agency, it is a management solution that services local governments. Over 20 government locations in the United States leverage Tyler Technology software to aggregate and report election votes that get aired on election night. That makes Tyler Technology the perfect target for a perception hack. The landscape is unfortunately rife for sowing confusion and chaos across America.
Further evidence that this may be the ultimate means to a lucrative end lies in the hacker group who committed the Tyler Technology ransomware hack. BleepingComputer reported that the malware the hack utilizes is RansomExx, contributed to—not proven to be—Russian hackers.
While hindsight is bound to be 20/20, there are lessons the American public can learn from similar attempts to create chaos in the past. Six years ago, Ukraine’s presidential election almost ended in a successful perception hack. That is, in 2014, less than an hour before the polls closed, Ukraine officials discovered and removed malware that would have inaccurately displayed a far-right candidate the winner of the election on the nightly news. (Interestingly, the image still aired in Russia.)
As Americans struggle with sussing out fact from fiction, Russia may be taking full advantage. As previously reported, the Russian government is known for sponsoring and encouraging freelance hackers in their ransomware endeavors. The win/win for the government is intel; for the hackers, it’s money and protection. The increase in ransomware attacks are perhaps tied to Russian’s election meddling attempts. Unfortunately ransomware and other malicious breaches often sit for months within a system, undetected until the hacker decides to strike.
In fact, the F.B.I. warned of this last week, reminding citizens that the days following the election there may be widespread “disinformation that includes reports of voter suppression, cyberattacks targeting election infrastructure, voter or ballot fraud, and other problems intended to convince the public of the elections’ illegitimacy.” Also concerning is the location of recent ransomware targets: key battleground areas including counties in Ohio, Pennsylvania, Florida, and Georgia.
Read More: Incident Of The Week