Secretary of State Connie Lawson believes that Indiana's election process is safe from foreign intrusions. (HPI Photo by Mark Curry)
Secretary of State Connie Lawson believes that Indiana's election process is safe from foreign intrusions. (HPI Photo by Mark Curry)

INDIANAPOLIS – Twice this summer Indiana counties have faced cybersecurity assaults, with LaPorte County actually paying $132,000 in ransom to sophisticated hackers. LaPorte County Commissioner Vidya Kora said the payment was made with the virtual currency Bitcoin after FBI experts weren’t able to unlock the county’s data. 

In Vigo County, a ransomware attack targeted a software vulnerability in 129 of the county’s 489 computers, according to Government Technology. By the end of the month, 95% of the county computers were running again.

GT reported: “The county’s information technology personnel are now sending analytical information to the FBI to help it discover patterns in the ransomware attack, said Jeremy Snowden, director of the county’s information technology department. ‘[The FBI] are putting together information in the back end to see if it relates to similar attacks of this nature,’ Snowden said, adding it is standard protocol to contact the FBI and others, including the Indiana Secretary of State’s office, after such an attack.”

But it begs the question, what if randsomware hit counties during an election? It is Russian President Putin’s dream to disrupt and discredit a U.S. election. Targeting a handful of counties in several critical states could do that.

Howey Politics Indiana asked Secretary of State Connie Lawson’s office about this potential vulnerability, particularly after 22 Texas municipalities were hacked for ransom this past week. Sophisticated hackers are targeting counties and cities, many operating on tight, shoestring budgets.

“Cybersecurity is something our office takes very seriously, and we are continuing to equip counties with updated security techniques and train staff in the latest cyber trends,” said Ian Hauer, spokesman for Sec. Lawson. “The good news is that our election systems are not connected to the Internet or a county-wide network on Election Day, and therefore cannot be hacked remotely. Poll workers monitor machines closely, and e-pollbooks, which contain voter information, are working from a mirror system and are not connected to the Statewide Voter Registration System.”

Hauer said that in the event of a power outage or similar delay, “The e-pollbooks can restart and reset securely, usually in a matter of minutes. Electronic voting machines have their own failsafe, a paper record within the machine that can be audited in the event of an outage.”

Hauer added, “Finally, Indiana has introduced risk-limiting audits to the voting process, which allows the non-partisan Voting System and Technical Oversight Program to verify the results of an election and check for any anomalies. We continue to work with our partners at every level of government to ensure the integrity of Hoosier elections.”

On Monday, Reuters reported that the U.S. government plans to launch a program in roughly one month that narrowly focuses on protecting voter registration databases and systems ahead of the 2020 presidential election. These systems, which are widely used to validate the eligibility of voters before they cast ballots, were compromised in 2016 by Russian hackers seeking to collect information. Intelligence officials are concerned that foreign hackers in 2020 not only will target the databases but attempt to manipulate, disrupt or destroy the data, according to current and former U.S. officials.

“We assess these systems as high risk,” said a senior U.S. official, because they are one of the few pieces of election technology regularly connected to the internet, according to Reuters. The Cybersecurity Infrastructure Security Agency, or CISA, a division of the Homeland Security Department, fears the databases could be targeted by ransomware, a type of virus that has crippled city computer networks across the United States, including recently in Texas, Baltimore and Atlanta.

“Recent history has shown that state and county governments and those who support them are targets for ransomware attacks,” Christopher Krebs, CISA’s director, told Reuters. “That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks.”

“Our thought is we don’t want the states to have to be in that situation,” said a Homeland Security official. “We’re focused on preventing it from happening.”

That attack, dubbed “NotPetya,” went on to damage global corporations, including FedEx and Maersk, which had offices in Ukraine where the malware first spread. The threat is concerning because of its potential impact on voting results, experts say.

“A pre-election undetected attack could tamper with voter lists, creating huge confusion and delays, disenfranchisement, and at large enough scale could compromise the validity of the election,” John Sebes, chief technology officer of the ESET Institute, an election technology policy think tank, told Reuters.