Warner Calls Cyberattack a Warning for Election Cybersecurity
CLARKSBURG — A recent ransomware attack on government computer systems in Harrison County did not affect voter registration systems or other counties, and the West Virginia Secretary of State’s Office is preparing counties for other cyber-attacks leading to the 2020 election
Secretary of State Mac Warner was joined by his staff and county clerks from the region Wednesday at the secretary’s North Central Business Hub in Clarksburg.
On June 13, county databases were victims of a ransomware attack, whereby computer services are locked out until a ransom is paid. Offices affected included the prosecuting attorney, the county assessor and the clerk’s office.
Ransomware attacks can often happen when someone clicks a phishing link, which allows bad actors access to the computer system.
“Everyone is susceptible to this individually, in businesses, in government, and so on,” Warner said. “It’s important to know what we’re doing in West Virginia to stay ahead of this trend and what we’re doing to train folks.”
Harrison County Clerk Susan Thomas said the cyber-attack only affected the office’s online access to vital records, estate and probate documents, and tax records. The records are still available for view at the clerk’s office, though re-creating the online database could take years. The FBI and the U.S. Attorney’s Office for the Northern District of West Virginia are investigating the attack.
Thomas said the ransomware attacked only affected non-election-related county systems. The county’s voter registration system remains intact and the ransomware attack did not extend beyond Harrison County.
“The elections are safe,” Thomas said. “The attack that happened to us had nothing to do with that side of it. It did not affect the voter registration system. Your vote has always been safe as far as that goes, but it’s the registration that could possibly be hacked into. (The Secretary of State’s Office) has taken every effort to ensure that is safe.”
Warner said more than 100 ransomware attacks have been reported this year throughout the U.S. and many more are unreported.
“The question for government officials is do you pay that ransom and reward those people to continue that or not,” Warner said. “If you don’t pay that ransom, then you’re having to build from ground up, and that can cost millions of dollars.”
Thomas credits her office’s training in election cybersecurity for making sure county election systems were unharmed. When the attack was first detected, the first place Thomas ran was to the voter registration system to ensure it was not affected.
Over the last few years, Warner has made it part of the office’s mission to help county clerks understand the risks inherent with cyber-attacks in light of Russia’s involvement in interfering with U.S. elections in 2016.
According to a report by the secretary of state’s office, the voter registration systems in 21 states were targeted by Russia leading up to the 2016 elections, but all 50 states had their systems scanned. West Virginia was not specifically targeted.
Just prior to Donald Trump taking office, President Barack Obama’s Department of Homeland Security listed election security as critical infrastructure, giving the agency more of a role in helping states protect their elections systems.
Warner, who took office in 2017, worked with the National Association of Secretary of States, the Election Assistance Commission, and DHS to create a pathway for security clearances for secretaries of state to receive real-time updates on election threats. A West Virginia National Guard member with security clearance is also embedded in the secretary of state’s office to monitor election databases.
Last year, the secretary of state’s office received a $6.5 million grant that counties applied for portions of to upgrade election systems, implement cybersecurity systems, and replace old electronic voting machines.
No electronic voting machine is connected to the internet, requiring a potential hacker to have to hack into one of several machines at one of the 1,700 precincts across the state. Counties also use machines with voter-verified paper trails along with machine audits.
“We are prepared for 2020,” said Deputy Secretary and Chief of Staff Chuck Flannery. “We are ready to share information, we’re ready to tackle the issues, to put the barriers up on voter registration databases.”
Working with the Defending Digital Democracy project at Harvard University’s Belfer Center for Science and International Affairs, Warner and the office’s IT division helped create game plans for cyber-attacks on voter registration systems and other various forms of election interference. Last summer, the office held a tabletop exercise with county election officials to simulate problems that can occur leading up to an election and on Election Day.
“You basically run worst-case-scenario exercise in a compressed time frame so that when you actually go through that even in real-time, your muscle memory is trained to better respond to whatever those threats are,” said Chief Information Officer Dave Tackett. “We took the Belfer model and I think we were one of the first states to do a statewide table top exercise for our counties.”
Even though the Harrison County ransomware attack did not affect county election databases, Thomas hopes the attack puts all counties on alert to stay vigilant against any potential election system attack.
“The biggest thing I want to say is just be careful,” Thomas said. “Watch what you’re doing when you see something on that computer screen. We have to be aware of what we’re looking at and what we’re clicking on.”