Behind The Ransomware Attack On Palm Beach County Elections In 2016
AUDIE CORNISH, HOST:
We know Russia interfered in the 2016 presidential election, but now we're just learning that hackers separately attacked the elections office in one of Florida's biggest counties that same year. It was a ransomware attack, and it underscores just how many cyber threats local officials are dealing with as the 2020 elections get underway.
For All Tech Considered, NPR's Miles Parks joins us here in the studio. Hey there.
MILES PARKS, BYLINE: Hi there.
CORNISH: Tell us about this particular ransomware attack.
PARKS: This occurred in Palm Beach County in south Florida just north of Miami, and this ransomware attack took over part of the elections office in Palm Beach County in September of 2016 just weeks before the presidential election. The attacker was able to lock up some files.
Details are still a little hazy at this point. The election supervisor who is relaying these details - I talked to her just last week. She was not in place at the time of the attack, so she's basically getting all of this information secondhand. What she says is that some files were locked up. It does not seem that payment was made to this attacker. And since then, the government has come in, cleaned up the system, says that everything's clean at this point. But we know that they were able to break into this election system leading up to that election.
CORNISH: Why are we just hearing about this now?
PARKS: Well, there are no federal rules for disclosure of attacks like this, and cybersecurity experts say these ransomware attacks are probably happening more frequently than we think. The public not knowing about it - not as surprising. What's really shocking is law enforcement, the FBI, the Department of Homeland Security and state officials in Florida did not know about it until just this past November. Now Palm Beach County says they're working with the federal government to make sure everything is secure in 2020 and that they're confident things will be done, but it's clear that best practices were not followed here.
CORNISH: We sometimes hear about ransomware when it comes to cities. Can you talk about how big a problem it is in government networks more broadly?
PARKS: It's a big problem. I talked to Daniel Castro, who's the vice president of the Information Technology and Innovation Foundation, and he said that in the first half of 2019, two-thirds of ransomware attacks targeted state or local governments. There's a couple reasons that this is happening more frequently now than it was just a couple of years ago. First of all, governments are notorious for having not the most up-to-date IT systems and then secondly, the rise of cryptocurrency, Castro says.
DANIEL CASTRO: You can make payments on bitcoin. They're basically anonymous. And so the criminals that do this are able to demand their ransom payments in bitcoin and run off untraceable.
PARKS: To be clear, it seems that in Palm Beach County, that payment wasn't made, but we know that some governments are making these payments - tens of thousands of dollars in some cases - and that's lucrative for cybercriminals.
CORNISH: How worried should voters be?
PARKS: They should be pretty worried about this attack. Until governments have made it clear that they are not going to pay these ransoms ever, these local governments are going to continue to be targeted. The Department of Homeland Security says it's working with local government officials to train them on how to back up their files to make it so they don't need to be paying these, but until governments have made it clear that they're never going to be paying these ransoms, these attacks are going to continue.
CORNISH: That's NPR's Miles Parks. Thanks for your reporting.
PARKS: Thank you.
(SOUNDBITE OF EL PERRO DEL MAR SONG, "DARK NIGHT") Transcript provided by NPR, Copyright NPR.