Chenango County in south-central New York state recently suffered a cyber-attack that affected some of the county’s computer systems. It is believed that more than 200 computers were compromised with the threat actors, who then asked for a $450 ransom per device. This comes at a critical time as the 2020 general election is just under a week from taking place. This attack left many voters wondering if their absentee ballot was received. The county board of elections has stated voting has not been affected but out of precaution they urged voters to contact them if they sent an absentee ballot by email on or after October 15th. The county’s information technology director Herman Ericksen said the ransom will not be paid and all computers are being cleared and necessary software is being reinstalled. Local law enforcement as well as the Department of Homeland Security are assisting the county in their efforts to discover how the malware made its way into their system and there is some speculation that the attack originated in Hong Kong.
Situations like these highlight the importance of having a defense-in-depth strategy in place that can greatly reduce the effect of attacks. Pairing anti-virus software with endpoint detection and response sensors can alert of intrusions and allow for analysts to better understand attacker behaviors. With these precautions in place, attacks can be stopped before they are started or stopped early enough that no significant damage is done. The Binary Defense Security Operations Task Force offers 24/7 monitoring of security systems by skilled analysts, who can respond to threats in the early stages of attacks and cut off the remote access of attackers before they have a chance to spread and do more damage.