{
	"id": "48f7a1e8-840a-42ce-81b7-f2afba797634",
	"created_at": "2026-04-06T00:11:19.847322Z",
	"updated_at": "2026-04-10T03:20:03.372092Z",
	"deleted_at": null,
	"sha1_hash": "2d2ac1b9cb2f5a2d574b253fcdda519b3f4d0b33",
	"title": "Report: Ransomware disables Georgia county election database | AP News",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 37875,
	"plain_text": "Report: Ransomware disables Georgia county election database |\r\nAP News\r\nBy By  FRANK BAJAK\r\nPublished: 2020-10-23 · Archived: 2026-04-05 22:25:59 UTC\r\nPublished 8:20 PM UTC, October 23, 2020\r\nA ransomware attack that hobbled a Georgia county government in early October reportedly disabled a database\r\nused to verify voter signatures in the authentication of absentee ballots.\r\nIt is the first reported case of a ransomware attack affecting an election-related system in the 2020 cycle. Federal\r\nofficials and cybersecurity experts are especially concerned that ransomware attacks — even ones that don’t\r\nintentionally target election infrastructure — could disrupt voting and damage confidence in the integrity of the\r\nNov. 3 election.\r\nThe Oct. 7 attack on Hall County, in the northern part of the state, hit critical systems and interrupted phone\r\nservices, the county said in a statement posted on its website. County spokeswoman Katie Crumley did not return\r\nmultiple requests for comment from The Associated Press.\r\nBut according to a report in the Gainesville Times, the attack also disabled the county’s voter signature database.\r\nCrumley was also quoted in an online CNN story saying that the attack affected both the signature database and a\r\nvoting precinct map.\r\nRansomware scrambles affected computer networks with encryption that can only be unlocked with keys provided\r\nonce the victim has paid up. Deloitte analyst Srini Subramanian said ransoms local governments pay in such cases\r\naverage about $400,000.\r\nAn update Thursday evening on the county website said “the voting process for citizens has not been impacted by\r\nthe attack.” However, a county official quoted by the Times said signature verification was slowed because\r\nemployees had to manually pull hard copies of voter registration cards in many cases. The official was quoted as\r\nsaying that most voter signatures could still be verified using a state database unaffected by the attack. The county\r\nhas 129,000 registered voters.\r\nIn most states, signatures are used to validate absentee ballots sent by mail. Written on the envelopes that sheath\r\nthe ballots, they are matched by election workers against signatures on file with state and local election\r\nauthorities.\r\nFederal officials recently announced that Russian hackers have infiltrated dozens of state and local government\r\nnetworks and could be poised to launch disruptive attacks.\r\nAn international ransomware syndicate known as Doppelpaymer appears to be involved in the Hall County attack.\r\nIt posted documents purportedly stolen from Hall County on a dark web site as proof of responsibility.\r\nhttps://apnews.com/article/virus-outbreak-elections-georgia-voting-2020-voting-c191f128b36d1c0334c9d0b173daa18c\r\nPage 1 of 2\n\nCrumley, the county spokeswoman, did not respond to an email asking how much ransom that attackers had\r\ndemanded and whether the county had paid a ransom.\r\nBrett Callow, a threat analyst at Emsisoft cybersecurity firm, said the attack could augur other similar actions\r\nexploiting the proximity of Election Day.\r\n“The real question is how many local government networks are already compromised? Threat actors frequently\r\ndelay deploying ransomware on compromised networks until what they consider to be the most opportune\r\nmoment — and that may well be in the days immediately prior to the election,” he said. “What better time to\r\nextort money from a government by holding its systems hostage than when those systems are most needed?”\r\nA worsening ransomware plague is afflicting U.S. cities, counties and school districts, exacerbated by the COVID-19 pandemic.\r\nAt least 82 government bodies in the U.S. have been hit by ransomware so far this year. Eighteen of those\r\nincidents have occurred since the beginning of September, according to Emsisoft.\r\nSource: https://apnews.com/article/virus-outbreak-elections-georgia-voting-2020-voting-c191f128b36d1c0334c9d0b173daa18c\r\nhttps://apnews.com/article/virus-outbreak-elections-georgia-voting-2020-voting-c191f128b36d1c0334c9d0b173daa18c\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://apnews.com/article/virus-outbreak-elections-georgia-voting-2020-voting-c191f128b36d1c0334c9d0b173daa18c"
	],
	"report_names": [
		"virus-outbreak-elections-georgia-voting-2020-voting-c191f128b36d1c0334c9d0b173daa18c"
	],
	"threat_actors": [],
	"ts_created_at": 1775434279,
	"ts_updated_at": 1775791203,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/2d2ac1b9cb2f5a2d574b253fcdda519b3f4d0b33.pdf",
		"text": "https://archive.orkl.eu/2d2ac1b9cb2f5a2d574b253fcdda519b3f4d0b33.txt",
		"img": "https://archive.orkl.eu/2d2ac1b9cb2f5a2d574b253fcdda519b3f4d0b33.jpg"
	}
}