A malicious virus first infected some local government computers in Finney County, Kansas, in late June. Officials there say that malware did not reach any election systems. But Vice President Mike Pence suggested otherwise this week at the National Cybersecurity Summit.
The malware crept in and then spread through Finney County computers over email attachments. Officials shut down their county network and contacted the Kansas Secretary of State’s office. That triggered the summoning of the federal Department of Homeland Security for an investigation that ultimately revealed no attempt to foul up voting.
Finney County officials said the malware didn’t appear to specifically target the county or its election systems. Those voting operations work on a deliberately separate network.
“Voter information has never been stored on our network; that information is stored by the State,” Sara McClure, spokeswoman wrote in an email. “We set up a free-standing network, entirely unattached to ours, in order for our Clerk’s Office to access voter information.”
Pence characterized it differently at the summit.
“Finney County, Kansas, reached out to DHS for help after a malware attack forced them to shut down not just their election network,” said Pence, “but the entire county’s network."
But county, state and Homeland Security officials said the election system wasn’t infected. And it didn’t shut down.
Officials said that while individual computers were infected and the county network was shut down, networks weren’t infected and information wasn’t leaked.
“State and County information and networks had not been impacted and there is no evidence that the issue had spread,” a DHS official wrote in an email. “To date there are no indications that any citizen’s personal information was impacted.”
The country has stepped up election security nationwide, said Joseph Hall, the chief technologist at the nonprofit Center for Democracy and Technology.
“Election officials are doing their best to put up as many barriers as they can in front of all sorts of attackers,” Hall said.
He said Finney County has up-to-date voting machines that leave a paper trail, which makes them a poor target for an attack.
But other governmental systems remain vulnerable. The malware temporarily shut down the Finney County Health Department and crippled other county services.
A Ransomware attack on Atlanta earlier this year shut down city and county departments and caused millions of dollars of damages.
Ben Kuebrich reports for High Plains Public Radio in Garden City and the Kansas News Service, a collaboration of KMUW, Kansas Public Radio, KCUR and HPPR covering health, education and politics. Follow him on @Ben_Kuebrich.