US eyes ransomware threat to voter databases prior to 2020 election

The U.S. government is ramping up its efforts to protect voter registration databases from ransomware attacks in the run-up to the 2020 presidential election.

The plan was first reported by Reuters, which notes that the Cybersecurity Infrastructure Agency (CISA), part of the Department of Homeland Security, is contacting state election officials to bolster protections against ransomware.

“Recent history has shown that state and county governments and those who support them are targets for ransomware attacks,” said CISA Director Chris Krebs, in a statement provided to Fox News. “Voter registration databases could be an attractive target for these attacks.”

RANSOMWARE ATTACK CRIPPLES AT LEAST 20 LOCAL TEXAS AGENCIES

“A successful ransomware attack at a critical point before an election could limit access to information and has the potential to undermine public confidence in the election itself,” Krebs added. “That is why we are working alongside election officials and their private-sector partners to help protect their databases and respond to possible ransomware attacks.”

In a ransomware attack, hackers typically encrypt a computer network’s data to hold it “hostage,” providing a digital decryption key to unlock it for a price. The FBI has described ransomware as the fastest growing malware threat.

Krebs said that The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), which provides election-focused cybersecurity, will work with CISA to harden voter registration databases against the threat of ransomware.  “In raising awareness of the risks of and responses to these attacks, providing targeted cybersecurity services to protect voter registration databases, and implementing a coordinated vulnerability disclosure program in partnership with the EI-ISAC, election officials and the security researcher community, we can stay one step ahead and ensure the 2020 elections are secure and resilient,” he said in the statement.

CITY OF ATLANTA HIT BY RANSOMWARE ATTACK

Fox News has reached out to the FBI with a request for comment on this story.

A number of U.S. cities, including Atlanta and Baltimore, have been targeted in high-profile ransomware attacks. Earlier this month, the Texas Department of Information Resources announced that at least 20 local government agencies across the state had fallen victim to hackers using ransomware.

Attacks have taken place across the U.S. Hackers, for example, targeted the port of San Diego in an attack that disrupted the agency’s IT systems. An Alaskan borough also had to dust off its typewriters following a major ransomware attack.

In 2017, a major ransomware attack forced the shutdown of a host of IT systems at Mecklenburg County, N.C.

Also in 2017, a hacker targeted Sacramento Regional Transit, deleting 30 million files in a ransomware attack. Officials worked to restore the data from backup files.

In 2016, a Los Angeles hospital paid a ransom of nearly $17,000 in bitcoins to hackers who infiltrated and disabled its computer network.

In 2017 a huge ransomware attack, dubbed ‘NotPetya’ hit organizations across Europe, sparking mass disruption, particularly in Ukraine. The U.S. and the U.K. blamed Russia for the attack, an allegation which Russia denied. NotPetya came hot on the heels of the WannaCry ransomware that wreaked havoc across the globe.

ALASKAN BOROUGH DUSTS OFF TYPEWRITERS AFTER RANSOMWARE ATTACK

The CISA, the Multi-State Information Sharing and Analysis Center (MS-ISAC), the National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) recently urged all levels of government to take immediate action to protect against ransomware attacks. Organizations were urged to immediately back up their systems and perform backups on a daily basis, reinforce basic cybersecurity education and awareness and revisit and refine cyber incident response plans.

In a document posted on its website on July 14, 2016, the FBI described the scale of the ransomware menace. “Ransomware is the fastest growing malware threat, targeting users of all types – from the home user to the corporate network,” it said. The FBI estimates that, on average, more than 4,000 ransomware attacks occurred daily since Jan. 1, 2016, a 300 percent increase on the prior year.

Fox News’ Jake Gibson, Samuel Chamberlain, Melissa Leon, Barnini Chakraborty and the Associated Press contributed to this article.

Follow James Rogers on Twitter @jamesjrogers