Ransomware disables Georgia county election database and personal thoughts on election hacking. GO VOTE!

I’ve recently been asked multiple times about election hacking. I’m also speaking today on this topic (register at https://pearson.zoom.us/webinar/register/WN_87nWjmEKStGJMKYuRmNM1g). Join me.

I first want to express my thoughts on election hacking. I’m including the article below from APnews to show there is technical election hacking occurring including rasomware attacks and voting booth hacking but that’s not the real problem. The real problem with election hacking is about attacking YOU (if you live in the USA and 18+ of age)… not the US election process. All of it. It’s designed to have you lose faith in the election process and not vote. It’s not about technical hacking at all.

Election hacking that has a real impact is similar to social engineering. It is the bots and other external sources spreading fake data and specifically trying to get people angry, lose confidence in democracy, and not vote. Human emotions trigger faster than logical thought. The intent for many of these external parties is to cause the emotion thought to react before you logically think about what is occurring.

To reduce the risk of falling into an emotional trap, STOP AND THINK about why things are being said. Question the purpose why the person is speaking and question how creditable the source is. Look at this twitter feedback about today’s event shown in this next image (I’m using this example since it has nothing to do with politics). Look at the name, look at the message, and notice how the account was created last month. It’s not election-related but my point is social media is full of pointless distractions that provide no value outside of trying to trigger an emotional reaction. The election-related social media is full of this type of pointless distraction chatter.

I’ll summarize my fight against election hacking with these best practices

  • Know you are a target (US citizens 18 or older). Keep that in mind as you read about the election
  • Stop and let anything that impacts your emotion settle for a minute so you can logically think through what is being said. Remember your emotions fire first!
  • Don’t add to the noise! If you are unsure about something, DO NOT POST ABOUT IT on social media. Confirm the truth about what you say or you are just adding to the problem. My sister in law believes DC has riots due to social media and keeps posting about it (sorry to pick on you). Meanwhile, it was nice weather this weekend with everybody out doing fall yard work.
  • Sometimes things will go wrong with the voting system but keep in mind there are millions of people voting so it won’t be perfect. Don’t let the media over exaggerate when something occurs. Remember, if something is caught, that’s a good thing! It shows the system security works.
  • Go out and vote. Show the world you believe in democracy (for those in the USA).

With all of that being said, I get asked about “technical” hacking. DEFCON has a village dedicated to the topic of hacking voting booths each year. I highly encourage checking that out. Regarding this election, yes some hacking stuff is occurring. Here is an article from APnews showing a ransomware attack on voting. Regarding the bit picture for election secuirty, I personally won’t worry about this verse the hack against you, the USA voter but here is that article. The original post can be found HERE.


A ransomware attack that hobbled a Georgia county government in early October reportedly disabled a database used to verify voter signatures in the authentication of absentee ballots.

It is the first reported case of a ransomware attack affecting an election-related system in the 2020 cycle. Federal officials and cybersecurity experts are especially concerned that ransomware attacks — even ones that don’t intentionally target election infrastructure — could disrupt voting and damage confidence in the integrity of the Nov. 3 election.

The Oct. 7 attack on Hall County, in the northern part of the state, hit critical systems and interrupted phone services, the county said in a statement posted on its website. County spokeswoman Katie Crumley did not return multiple requests for comment from The Associated Press.

But according to a report in the Gainesville Times, the attack also disabled the county’s voter signature database. Crumley was also quoted in an online CNN story saying that the attack affected both the signature database and a voting precinct map.

Ransomware scrambles affected computer networks with encryption that can only be unlocked with keys provided once the victim has paid up. Deloitte analyst Srini Subramanian said ransoms local governments pay in such cases average about $400,000.

An update Thursday evening on the county website said “the voting process for citizens has not been impacted by the attack.” However, a county official quoted by the Times said signature verification was slowed because employees had to manually pull hard copies of voter registration cards in many cases. The official was quoted as saying that most voter signatures could still be verified using a state database unaffected by the attack. The county has 129,000 registered voters.

In most states, signatures are used to validate absentee ballots sent by mail. Written on the envelopes that sheath the ballots, they are matched by election workers against signatures on file with state and local election authorities.

Federal officials recently announced that Russian hackers have infiltrated dozens of state and local government networks and could be poised to launch disruptive attacks.

A ransomware attack that hobbled a Georgia county government in early October reportedly disabled a database used to verify voter signatures in the authentication of absentee ballots.

It is the first reported case of a ransomware attack affecting an election-related system in the 2020 cycle. Federal officials and cybersecurity experts are especially concerned that ransomware attacks — even ones that don’t intentionally target election infrastructure — could disrupt voting and damage confidence in the integrity of the Nov. 3 election.ADVERTISEMENT

The Oct. 7 attack on Hall County, in the northern part of the state, hit critical systems and interrupted phone services, the county said in a statement posted on its website. County spokeswoman Katie Crumley did not return multiple requests for comment from The Associated Press.

But according to a report in the Gainesville Times, the attack also disabled the county’s voter signature database. Crumley was also quoted in an online CNN story saying that the attack affected both the signature database and a voting precinct map.

Ransomware scrambles affected computer networks with encryption that can only be unlocked with keys provided once the victim has paid up. Deloitte analyst Srini Subramanian said ransoms local governments pay in such cases average about $400,000.

An update Thursday evening on the county website said “the voting process for citizens has not been impacted by the attack.” However, a county official quoted by the Times said signature verification was slowed because employees had to manually pull hard copies of voter registration cards in many cases. The official was quoted as saying that most voter signatures could still be verified using a state database unaffected by the attack. The county has 129,000 registered voters.

In most states, signatures are used to validate absentee ballots sent by mail. Written on the envelopes that sheath the ballots, they are matched by election workers against signatures on file with state and local election authorities.

Federal officials recently announced that Russian hackers have infiltrated dozens of state and local government networks and could be poised to launch disruptive attacks.ADVERTISEMENT

An international ransomware syndicate known as Doppelpaymer appears to be involved in the Hall County attack. It posted documents purportedly stolen from Hall County on a dark web site as proof of responsibility.

Crumley, the county spokeswoman, did not respond to an email asking how much ransom that attackers had demanded and whether the county had paid a ransom.

Brett Callow, a threat analyst at Emsisoft cybersecurity firm, said the attack could augur other similar actions exploiting the proximity of Election Day.

“The real question is how many local government networks are already compromised? Threat actors frequently delay deploying ransomware on compromised networks until what they consider to be the most opportune moment — and that may well be in the days immediately prior to the election,” he said. “What better time to extort money from a government by holding its systems hostage than when those systems are most needed?”

A worsening ransomware plague is afflicting U.S. cities, counties and school districts, exacerbated by the COVID-19 pandemic.

At least 82 government bodies in the U.S. have been hit by ransomware so far this year. Eighteen of those incidents have occurred since the beginning of September, according to Emsisoft.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.