U.S. The city and county governments have been hacked by a major software supplier, the company said in an email to government customers.
Planes, which provide software and network services to dozens of counties and cities across the country, Texas-based Tyler Technologies became aware of the “security incident” to its information technology systems on Wednesday, Chief Information Officer Matt Beary said in an email. Consumer Review by NBC News.
In an update on its website on Thursday, the company said it was infected with an anonymous strain of ransomware.
The company says it is in the process of responding to any security incident involving unauthorized invol access to our internal phone and information technology systems by an unknown third party, the site says.
The company focuses on providing administrative and tax services to the counties. While it does not work directly in election software, its products can be used to post information about results and polling place locations, the company said.
And while there is no evidence that the attack has spread to the counties working with Tyler, it provides a fresh warning that election interference could occur unexpectedly.
Counties typically share all of their services, including electoral systems, on the same network, meaning that even a ransomware infection can inac access that information.
The Cybersecurity and Infrastructure Security Agency, which advises counties and other government agencies involved in the election, declined to comment. But in an unrelated joint statement with the FBI on Thursday, the agencies said “cyber actors continue their efforts against voter registration or voter registration information, managing non-voting election processes, or reporting unauthorized election nights.”
“These efforts may make these systems temporarily inaccessible to election officials, which may slow them down, but not to vote or report results,” the warning said.
Employees at Tyler Technologies did not respond to requests for comment. “The company has excluded security consulting and proposed law enforcement,” Biari wrote in his email.
County and local governments have repeatedly been victims of rinsomware in recent years. Federal officials have repeatedly warned that short-staffed counties are particularly easy targets and could wreak havoc during elections.
Although hackers have little ability to change votes, hardening electronic ballot books offline and forcing counties to use paper backups can drastically increase the time it takes to vote.
Some counties that use Tyler Technologies’ software said they have seen evidence that they were affected by the rinsomware. For many clients, attacking a business that runs software software is a common way to spread ransomware.
In June, a file template named “.tylertech911-f1e1a2ac” was uploaded to VirusTotal, a repository used by cybersecurity researchers to share information about malicious software. The naming convention suggests that hackers were using a relatively new strain of ransomware called RansomXX to target Tyler Technologies, said Brett Chloe, an analyst at cybersecurity company Amisoft.
“While this does not prove that Tyler was a victim of tech ransomware, it is certainly a strong indicator.”
Such companies are “usually able to remotely access their customers’ networks,” said Cal Cal Lloyd. When someone is infected with ransomware, “they can bind and encrypt data on those networks.”
“There have been many examples of such compromises in the last 12 months,” he said.
