Friday, February 14, 2020

Ex-elections chief denies 2016 ransomware attack; current chief doubles down: ‘it happened’. (Palm Beach Post)

Palm Beach County Supervisor of Elections Wendy Sartory Link responds to former Supervisor Susan Bucher’s comments about a 2016 ransomware attack at the office.
Palm Beach County elections chief Wendy Sartory Link doubled down on her revelation that the office had been subject to a ransomware attack in 2016, even though her predecessor said it never happened.
“All I can tell you is what I know, and that is the staff who was here at the time reported that it happened and there were people who worked closely with her who said it happened,” Link said Thursday, in response to Bucher’s comments published by the South Florida Sun Sentinel.
The Palm Beach Post made multiple attempts to contact Bucher but she did not respond.
Bucher called Link’s story “irresponsible” in a text message Wednesday evening to the Sun Sentinel.
“I can swear on a stack of Bibles that our county was never ransomwared. It is irresponsible for the supervisor (Link) to scare our voters. We are behind Palm Beach County’s firewall. And she should know better,” Bucher wrote, according to the Sun Sentinel.
Bucher, a Democrat, was removed from office by Gov. Ron DeSantis after Palm Beach County missed recount deadlines in 2018.
DeSantis, a Republican, appointed Link to the position in January 2019. Link is running this year as a Democrat to retain her seat.
Link told The Post on Wednesday that she only learned of the September 2016 attack after former Information Technologies Director Jeff Darter was fired because of his November arrest on child porn possession charges.
Link said the attack did not appear to be one of two Florida attacks detailed in Special Counsel Robert Mueller’s report on Russian attempts to influence the 2016 presidential election.
While the identity of those two counties has never been officially released, The Washington Post in May identified Washington County in the Florida Panhandle as one. Politico identified the other as a “mid-sized county on the East Coast of the state.”
Back in 2016, Sean Williams personally witnessed the ransomware attack.
“We watched as files were (disappearing) and I was one of the two key people to call to say, ‘There’s something going on.’ So that did happen,” said Williams, who is now Link’s director of elections.
Ed Sacerio, the elections office’s current IT director, told The Post that Darter then yelled at him over the phone to shut down all the servers.
The attack occurred on an office computer within the main headquarters, not the Riviera Beach warehouse where tabulation machines are kept. The virus encrypted some Microsoft Word documents and Excel spreadsheets, but did not impact voter information, Link said.
No ransom was paid, Williams added.
Having learned about the incident three years later, Link reached out to the state, FBI and Department of Homeland Security. None previously had been notified, Link said.
Florida Secretary of State Laurel Lee told The Post in an email that the State Department “was not made aware of the ransomware attack,” adding that “we are grateful for the leadership of Supervisor Link who is fully supportive of Florida’s election security and is committed to open, fair and accurate elections.”
It was not clear when Link notified the state of the ransomware attack.
Lee noted that the State Department conducted an “elections-specific risk assessment” across the state, and has five Cyber Navigators to help election supervisors with issues.
“Through these measures and partnerships, the department is confident that we have now, more than ever, a stronger defense against any potential future threats,” Lee said.

No comments: