The Most Comprehensive Data Protection Solution
Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.
First and Only Solution to Converge:
- Data Loss Prevention
- Endpoint Detection and Response
- User and Entity Behavior Analytics
A report Monday confirmed that the U.S. government is concerned about foreign hackers spreading ransomware that can manipulate voter databases ahead of next year's election..
Fearing the repercussions of a ransomware attack against the next year's presidential election, U.S. officials are reportedly prepping a program that will better safeguard voter registration databases and systems in the months leading up to next year's election.
The Department of Homeland Security's Cybersecurity Infrastructure Security Agency (CISA) is readying a program to spread awareness on such attacks.
According to Reuters, which broke news on the program Monday afternoon, government officials are concerned that foreign hackers will target voter databases - like Russian hackers successfully did in 2016 - but also that they'll try to "manipulate, disrupt or destroy the data," as well.
While the specifics of the program aren't yet known, it sounds as if it will rely heavily on the participation of state election officials. CISA will ensure officials are aware of ransomware prevention best practices, that includes providing them with education materials, remote computer penetration testing, and vulnerability scans.
“Recent history has shown that state and county governments and those who support them are targets for ransomware attacks. That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks,” Christopher Krebs, CISA’s director told the publication on Monday.
One thing the guidance won't do, per Reuters, is direct victims to either pay or not pay the ransom if they're ultimately hit by the malware.
The FBI has had a checkered history with this regard. Its most recent stance, made more clear in an FBI podcast last week, urged victims not to pay the ransom, stressing it could further encourage criminal activity.
"There was an example where a company paid the ransom, and the bad actors provided a ransomware key, but instead of unlocking that company’s data it, actually erased all that company’s data. These are fairly rare instances, but there is a risk there... " Section Chief Herbert Stapleton, of the FBI's Cyber Division, told Mollie Halpern, the head of the FBI's Office of Public Affairs.
“It really just encourages and facilitates further criminal activity. They basically will continue to attack as long as it’s profitable for them. So, continuing to contribute to that profitability just encourages more ransomware attempts.”
While it remains to be seen what the scope is and how comprehensive CISA's program may be, few could argue it's not necessary. Ransomware attacks are nothing new but they've especially tested the resolve of U.S. cities this year.
This month alone has seen a slew of attacks against municipalities in Texas, 22 in total. There were also attacks that took aim at the networks of the city of Baltimore, Albany, Lake City, Fla., and the Administrative Office of the Georgia Courts over the past several months. These of course followed up a massive ransomware attack in Atlanta last year that rendered municipal operations useless and cost the city upwards of $2.7 million to recover.