Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsAnother Cyberattack--(It's Coffee County, Georgia Again)
Full Press Release from CoalitionForGoodGovernance.org
[best to read release at the link since there are many embedded links within the release which are not included in DU post]
https://myemail-api.constantcontact.com/A-New-Cyberattack-Hits-GA-County--Coffee-County--Again--.html?soid=1109272168263&aid=vemHYXPzmjQ
Another Cyberattack--(It's Coffee County, Again)
Join CGG Demands for Better Security
April 29, 2024
A serious cyberattack on Coffee County was detected this month. The news broke over the weekend with Cyberscoop and CNN reports on Friday night that malicious actors attacked Coffee Countys countywide information system. No one can yet realistically assess the damage and risks, although officials have issued their usual overly-optimistic all is well assurances.
Several days ago, we heard rumblings from CGG members in Coffee about malfunctioning websites and sketchy answers from the Election Office about the operation of the voter registration system. We poked into inoperable Coffee County websites. We filed public records requests with Coffee County, only to get misleading responses from the county attorney that records storage was indefinitely down for maintenance.
We alerted reporters, and enough pressure was exerted to extract a few facts from Coffee County and Secretary Raffenspergers office that a cyberattack had occurred, and the Department of Homeland Security and its Cybersecurity Infrastructure and Security Agency (CISA) had notified Coffee officials on April 15. It apparently took days before the county officials would acknowledge the breach to Georgia state officials, leaving the state without the basis to contain, mitigate, or remediate damage and escalating risk in the meantime.
How could that be? Ask the State Election Board, which has declined to make mandatory cyber incident reporting requirements over the last year, although CGG has formally requested such Election Code rules since April 2023.
Given the complex nature of Georgias voting system and election infrastructure, once attacked, there is no realistic way for experts to timely assess the potential damage or whether malware has been deployed. The longer malicious attacks are concealed, the more the risk of election subversion escalates. It is imperative to have commonsense mandatory security incident reporting and mitigation requirements. Almost every business or organization of any size has mandatory security incident procedures for reporting and response. Yet, even today, the massive voting system breaches in Coffee County in 2021 could be repeated with no reporting requirements, detection or accountability.
Over the weekend we submitted yet another request for immediate rule-making. You may read it here. We urge you to write the election board here, and ask them to adopt mandatory rules for reporting and mitigating security incidents. Simply ask them to promptly adopt rules to require security incidents be timely reported and mitigated. They need to hear from voters and political leaders.
CGG undertakes unique and difficult work to protect elections from subversions. No other non-profit takes on the important non-partisan battles we do to expose and address fundamental election operation problems. Please help us continue our work to fight the risks of election subversion.
Thank you for your interest and support.
Coalition for Good Governance is a nonpartisan, nonprofit organization focused on election security, integrity, transparency and voter privacy.
Marilyn Marks
Marilyn@uscgg.org
Executive Director
Coalition for Good Governance
704 292 9802
Join CGG Demands for Better Security
April 29, 2024
A serious cyberattack on Coffee County was detected this month. The news broke over the weekend with Cyberscoop and CNN reports on Friday night that malicious actors attacked Coffee Countys countywide information system. No one can yet realistically assess the damage and risks, although officials have issued their usual overly-optimistic all is well assurances.
Several days ago, we heard rumblings from CGG members in Coffee about malfunctioning websites and sketchy answers from the Election Office about the operation of the voter registration system. We poked into inoperable Coffee County websites. We filed public records requests with Coffee County, only to get misleading responses from the county attorney that records storage was indefinitely down for maintenance.
We alerted reporters, and enough pressure was exerted to extract a few facts from Coffee County and Secretary Raffenspergers office that a cyberattack had occurred, and the Department of Homeland Security and its Cybersecurity Infrastructure and Security Agency (CISA) had notified Coffee officials on April 15. It apparently took days before the county officials would acknowledge the breach to Georgia state officials, leaving the state without the basis to contain, mitigate, or remediate damage and escalating risk in the meantime.
How could that be? Ask the State Election Board, which has declined to make mandatory cyber incident reporting requirements over the last year, although CGG has formally requested such Election Code rules since April 2023.
Given the complex nature of Georgias voting system and election infrastructure, once attacked, there is no realistic way for experts to timely assess the potential damage or whether malware has been deployed. The longer malicious attacks are concealed, the more the risk of election subversion escalates. It is imperative to have commonsense mandatory security incident reporting and mitigation requirements. Almost every business or organization of any size has mandatory security incident procedures for reporting and response. Yet, even today, the massive voting system breaches in Coffee County in 2021 could be repeated with no reporting requirements, detection or accountability.
Over the weekend we submitted yet another request for immediate rule-making. You may read it here. We urge you to write the election board here, and ask them to adopt mandatory rules for reporting and mitigating security incidents. Simply ask them to promptly adopt rules to require security incidents be timely reported and mitigated. They need to hear from voters and political leaders.
CGG undertakes unique and difficult work to protect elections from subversions. No other non-profit takes on the important non-partisan battles we do to expose and address fundamental election operation problems. Please help us continue our work to fight the risks of election subversion.
Thank you for your interest and support.
Coalition for Good Governance is a nonpartisan, nonprofit organization focused on election security, integrity, transparency and voter privacy.
Marilyn Marks
Marilyn@uscgg.org
Executive Director
Coalition for Good Governance
704 292 9802
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
3 replies, 359 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (1)
ReplyReply to this post
3 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Another Cyberattack--(It's Coffee County, Georgia Again) (Original Post)
diva77
Apr 29
OP
Tetrachloride
(7,914 posts)1. every iota of technical information isn't there, judging from the quote
in general, someone messed up, especially if the budget is on the cheap side
diva77
(7,686 posts)2. are you dismissing the possibility of a cyberattack?
Tetrachloride
(7,914 posts)3. i am saying the cyberattack was enabled because of low
budget or low administrative backing, unless it was Denial of Service due to hammering of the target website
i havent heard of denial of service in a while in our DU headlines
i presume most corporate cyber attacks are a cyber hostage thing or a password hack