Florida county election office hit by ransomware before 2016 presidential election
In long belated news, it was reported today that a Florida county's election office had its computer systems infected and encrypted by ransomware just weeks before the 2016 US presidential elections.
News of the ransomware attack was reported today by the Palm Beach Post after an interview with Wendy Sartory Link, the current election supervisor of the Palm Beach County election office.
Link said the ransomware infection took place in September 2016 during the term of the previous election supervisor.
Link told reporters she only recently found out about the security breach, as the incident was never made public at the time, despite the fact that most ransomware infections are considered serious security breaches.
The Palm Beach County official said she found out about the incident while interviewing candidates for the position of IT director for the election office after the previous director was fired following his arrest for child pornography possession.
One of the candidates was the second-in-command in the IT department at the time of the ransomware attack in 2016.
Link said she found out about the ransomware incident when the candidate mentioned during the interview that he was not sure "what happened with the hack we had back (in 2016)" and if it was still a security hole for the office.
The Palm Beach County election supervisor told reporters that the incident doesn't appear to have been reported to either the FBI or DHS.
She told Palm Beach Post reporters that her office just recently completed a 10-day overview of the office's IT systems.
Link was named on the job in January 2019 after Florida Governor Ron DeSantis suspended the previous election supervisor, citing broken laws and "a recount embarrassment," according to CBS12.
In early 2019, Gov. DeSantis said that two Florida counties were hacked by Russian hackers during the 2016 election, according to CNN, but never revealed the county names.
Link couldn't officially confirm that her county wasn't one of these two counties, but said that this appears to be a separate incident.
The Palm Beach County election office did not respond to a request for comment seeking additional details.
Today's report muddles the waters even more about what really happened in Florida in regards to the alleged Russian hacks reported by Gov. DeSantis.
Voting in the Palm Beach County went on as planned during the 2016 presidential election cycle.
A ransomware attack impacting an election's office ability to handle the upcoming 2020 US presidential elections is a major concern for US officials.
In August 2019, Reuters reported that DHS officials were planning to launch a program to bolster the security of voter registration databases, expressing explicit fears that a ransomware attack could compromise and encrypt one of these databases and hinder or cast doubt over the electoral process.
In 2019, several Florida state and government networks were hit by ransomware, suggesting that state-wide, officials still have a lot of work to secure systems against third-party security intrusions and malware infections.
Florida-based state and government networks infected in 2019 include:
- The government network for the city of Stuart
- The government network for Lake City
- The government network for Riviera Beach
- The government network for the city of Pensacola
- The government network of Palm Springs
- The network of the St. Lucie County Sheriff's Office in Fort Pierce
- ...and several school districts