Ransomware is the latest threat to the 2020 election. Here are the facts

Ransomware is a type of malicious software that locks up a victim’s computer and renders it unusable until the victim pays off the attacker, frequently in bitcoin. This type of cyberattack is worsening, and in recent years ransomware attacks have hit targets as varied as Baltimore’s city government, the website of an Illinois public health district and the University of California. This week, Microsoft announced it took down a major hacking network that had been used to spread ransomware, and the company said it could have been used to interfere with the election indirectly by freezing access to voter rolls or websites displaying election results.

There is no evidence that cyberattacks have compromised voting infrastructure in 2020. But the term ransomware understandably has many Americans on edge: It conjures up scary thoughts of widespread computer outages, chaos at critical entities like hospitals or banks, and shadowy hackers with a hidden agenda. Just how badly could ransomware disrupt the election, and how worried should we be?

Experts say that while it’s important to be alert and informed about the risk, it’s vital to keep the threat in perspective. Ransomware’s potential to disrupt the election is plausible, but it is “mainly a hypothetical threat right now,” said Lotem Finkelsteen, a threat analyst at digital security firm Check Point.

At a time of enormous uncertainty, ransomware may seem like an urgent and novel threat to the election. The reality is more complicated. Here’s what you need to know about ransomware going into the 2020 election.

How could ransomware affect the election?

The nightmare scenario is if ransomware suddenly locked down important parts of the voting infrastructure all around the country, said Jason Healey, a cybersecurity expert at Columbia University and a former White House director of cyber infrastructure protection.

“The concern at [the Department of Homeland Security] and the Pentagon will be that ransomware will hit at the county and state level to disable voting registers, vote tallying and reporting, and result reporting,” Healey said. “Election machines themselves should be harder [to compromise], as they’re less connected.”

The shocking Twitter hack this summer started with a tech support scam, New York regulators allege