A recent surge in ransomware attacks has raised concerns over the safety of the upcoming United States presidential election.

 An unprecedented 966 instances of cybercriminal activity plagued the United States public sector over the past year alone, with two-thirds of these cases directed toward state and local government systems. 

Criminal groups in Russia and Eastern Europe are the most prevalent perpetrators of the attacks, with some having connections to the intelligence services under Russian president, Vladimir Putin. President Putin and the Russian government interfered in the 2016 United States presidential election. 

Russian hackers attempted a similar trick in the 2014 Ukrainian presidential election, manipulating how the election results were reported to the media to erroneously claim that a far-right candidate had won.

The digital attacks by the Russian government targeted voter registration databases, staff emails within the Clinton campaign, the Democratic National Committee, and Republican opponents of Donald Trump. According to a report by the U.S. Senate Select Committee on Intelligence, these attacks focused primarily on disturbing “U.S. election infrastructure at the state and local level,” with no evidence suggesting that actual votes nor voting machines were tampered with. 

The latest targeted attack came against Tyler Technologies on Wednesday, Sept. 23. According to a public statement made by Tyler, the company detected a ransomware breach of its “internal phone and information technology systems by an unknown third party.” 

Tyler Technologies notes that its systems do not tie directly into the election process. However, the company is a major supplier of digital systems across the public sector, and its data collection software, Socrata, is used by some polling locations to calculate election results. 

In a critical step toward combating international cybercrime, Microsoft announced on Monday, Oct. 12, that it had officially obtained a court order that heightened its leverage in countering the criminal activity of Trickbot, an influential botnet. 

Trickbot is a decentralized, Russian-based system of computers that has infected over a million devices internationally since its creation in 2016. This system has historically avoided political interference, instead preferring to spread ransomware or hijack bank accounts. 

However, the operators of Trickbot have recently begun renting the program out for other cybercriminals to use. As a result, the public sector has seen an increase in Trickbot attacks. Local and state governments have been targeted by ransomware.

In Microsoft’s public statement this Monday, corporate vice president Tom Burt acknowledges the threat ransomware poses to the upcoming presidential election, saying, “Adversaries can use ransomware to infect a computer system used to maintain voter rolls or report on election-night results, seizing those systems at a prescribed hour optimized to sow chaos and distrust.”  

By taking a stance against Trickbot and offering software to help protect organizations from ransomware threats, Microsoft pledges an active role in defending the U.S. presidential election from cybercriminal interference. 

President Donald Trump has already made a point of delegitimizing the results of the upcoming election. He has flagged mail-in ballots as an unreliable method of voting despite reliable evidence to the contrary, accusing Democrats of wide scale voter fraud despite many of his claims being grossly exaggerated or basely untrue.

Brett Callow, a specialist on ransomware cybersecurity, noted that obstructing the activity of Trickbot at this time could block election-related attacks and protect the activation of its viruses. 

As is the nature of cybercriminal activity, however, new code is constantly in development to outmaneuver the security measures put in place. Ransomware remains an active threat to United States politics. The F.B.I. cautions U.S. citizens to be wary of “disinformation that includes reports of voter suppression, cyberattacks targeting election infrastructure, voter or ballot fraud, and other problems intended to convince the public of the elections’ illegitimacy.”