A Texas company selling software that cities and states use to display results on election night was hit by ransomware last week. It was the latest of nearly a thousand such attacks over the past year against cities and the contractors who run their voting systems, reports the New York Times. Many attacks are conducted by Russian criminal groups, some with shady ties to President Vladimir Putin’s intelligence services. The attack on Tyler Technologies, which continued Friday night with efforts by outsiders to log into its clients’ systems around the U.S., was rattling less than 40 days before the election. While Tyler does not tally votes, it is used by election officials to aggregate and report them in at least 20 places, making it the kind of soft target that the Department of Homeland Security, the FBI and U.S. Cyber Command worry could be struck by anyone trying to sow chaos and uncertainty on election night.
It appeared to be an ordinary ransomware attack, in which data is made inaccessible unless the victim pays a ransom, usually in harder-to-trace cryptocurrencies. Some Tyler clients saw outsiders trying to gain access to their systems, raising fears that the attackers might be out for something more than just a quick profit. That has been the fear haunting federal officials for a year now: that ransomware groups will try to freeze voter registration data, election poll books or the computer systems of the secretaries of the state who certify election results. Federal investigators do not have a clear picture of whether the ransomware attacks are purely criminal acts, seeking a quick payday, or Trojan horses for nefarious Russian interference. In the first two weeks of September, another seven American government entities have been hit with ransomware and their data stolen.