Election Security Concerns Following Tyler Tech Ransomware Attack

Tyler Technologies, Inc. was recently hit by a ransomware attack. You might be thinking So what? Ransomware attacks happen all the time. While, yes this is true, ransomware attacks are unfortunately growing to be more and more common, and every ransomware attack is an issue of high concern to both the impacted company and clients, this situation is a bit different -- the hit to this company, particularly at this time of year, is a major problem. Tyler Technologies, Inc. is one of the largest solution and software providers to the United States Government, a major piece of which is election software, among other things such as emergency management systems and tax software.

With COVID-19 still rearing its ugly head, mail-in voting and online voter registration are more common this election season than any voting year in the past. This, coupled with the regular security threats posed to the technology utilized in voting booths means that cybercriminals will be trying to hack the election in 2020, finding their own ways to dismantle the political world. This ransomware attack has exposed this company as being vulnerable to malicious actors and likely has opened the floodgates for more copycat hackers.

The attack itself hit the business on a Wednesday in mid-September of 2020. In a statement to KrebsOnSecurity, Tyler Technologies' CIO Matt Bieiri stated that evidence of an online intruder was found by the business where it appears that the said attacker had gained access to the company’s phone and IT system and additionally shut down points of access to external systems and began investigating. Following this attack, the Department of Homeland Security and the FBI stated that this would increase the likelihood of foreign attackers who would spread misinformation about the election. According to an article out of Fox News, representatives from the agencies stated, “State and local officials typically require several days to weeks to certify elections’ final results in order to ensure every legally cast vote is accurately counted.” These representatives expressed concerns regarding potential incomplete results come election night 2020.

While representatives from Tyler Technologies claim that no client data was accessed or harmed in this attack, suspicious logins have been reported following this ransomware attack. Professional customers from the company additionally reported that they noticed previously unseen remote access tools (RATs) to their companies’ networks and servers. This further concerns many individuals who were already weary around the 2020 election. Specialists across both party lines have hinted that, if you feel safe enough doing so given the current climate, voting in person can help you to avoid the technological threats potentially posed to the election through vulnerabilities in election software.

Image from Tyler Technologies, Inc.