Cyberattack on Coffee County Disconnects Voter Registration System as Ransomware Suspected

Georgia’s Coffee County experienced a cyberattack this month that prompted officials to disconnect from the state’s voter registration system as a precautionary measure, according to three sources familiar with the matter who spoke to CNN. The incident is believed to be a ransomware attack in which hackers lock computer systems and demand payment, they said.
The Federal Cybersecurity and Infrastructure Security Agency (CISA) notified Coffee County of the cyberattack on April 15th, while federal and county officials attempt to identify those responsible for the breach. The voter registration system known as GARViS is a relatively new technology designed by state authorities to ensure accurate registration information for Georgia’s four million voters.
Although there are no indications that GARViS was compromised, Coffee County remained disconnected from this platform during multiple days while county officials utilized backup laptops and cellular networks isolated from the affected system due to being cut off via emergency protocol as part of measures to limit access between affected computers systems within their network.
Coffee County is home to around 43,000 people in southeastern Georgia and was a focal point for efforts by supporters of former President Donald Trump to overturn the results of the 2020 election. In January last year, pro-Trump operatives breached Coffee County’s elections office as part of an attempt to uncover data that would support false claims regarding the stolen nature of this presidential vote tally.
CISA referred queries Friday evening back to Coffee County officials who did not immediately respond when contacted by CNN for comment on the matter. Ransomware attacks have become increasingly common in recent years, affecting both state and local governments across America including Georgia’s Fulton County (which is home to Atlanta) where a similar cyber-attack took place last January that left computers downed for weeks with phone lines affected as well as water bill payments delayed. However, this hack did not affect the county’s election process in any way whatsoever.
Federal officials have long been concerned about potential ransomware attacks on state and local governments which could impact voting systems but to date no such instances of direct electoral interference have ever taken place anywhere around the world as far as can be determined by cybersecurity experts monitoring this area for signs of any malicious activity. US Cyber Command, a military hacking unit that operates under federal authority has previously conducted operations against ransomware criminals who could potentially threaten election infrastructure in future events should they become involved with such criminal networks at some point down the line.