Various types of ransomware, including DoppelPaymer, REvil/Sodinokibi, and NetWalker steal data as a forerunner to encryption. If the targeted entity doesn’t pay the ransom, major systems can be disabled or the stolen data may be published on a leak site or auctioned off to the highest bidder.
The escalation of attacks has encompassed a myriad of targets. Cybersecurity firm Emsisoft tracked malicious ransomware assaults on at least 128 federal and state entities who were impacted by ransomware during the first two quarters of 2020.
“We’re seeing state and local entities targeted with ransomware on a near-daily basis,” said Geoff Hale, a top election security official with Homeland Security’s Cybersecurity and Infrastructure Security Agency.
The worry is that a similar hack could affect voting systems, directly or indirectly, by infecting wider government networks that include electoral databases.
States act to prevent attacks
“From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes,” Adam Hickey, a Justice Department deputy assistant attorney general, said in an interview.
