Ransomware Attacks During the 2020 Election Cycle (Secretary of State, Records Management)
It is a clone of this request.
| Multi Request | Ransomware Attacks During the 2020 Election Cycle |
| Submitted | July 31, 2020 |
MuckRock users can file, duplicate, track, and share public records requests like this one. Learn more.
Communications
From: Allan Liska
To Whom It May Concern:
Pursuant to the Vermont Public Records Act, I hereby request the following records:
Guidance, including guidance to state and local elections officials and Secretary of State IT staff, avoiding, detecting or mitigating ransomware attacks on elections systems during the 2020 election cycle, on best practices for state and local elections officials accessing or storing sensitive information, including voter databases, and evaluations about the threat of ransomware disrupting the elections.
The requested documents will be made available to the general public, and this request is not being made for commercial purposes.
In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.
Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 3 business days, as the statute requires.
Sincerely,
Allan Liska
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Vermont Public Records Act request, copied below, and originally submitted on July 31, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Vermont Public Records Act request, copied below, and originally submitted on July 31, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Vermont Public Records Act request, copied below, and originally submitted on July 31, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Vermont Public Records Act request, copied below, and originally submitted on July 31, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Vermont Public Records Act request, copied below, and originally submitted on July 31, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Vermont Public Records Act request, copied below, and originally submitted on July 31, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Secretary of State, Records Management
Hello Allan,
I apologize once again for the lateness of this response. While this is certainly no excuse under the law, we have been trying to manage an election like no other we’ve faced before with our very small elections team and that has required all hands on deck for many months now. With that finally behind us, I have searched our emails for correspondence related to guidance on ransomware and elections and only came up with two emails specific to ransomware guidance we’ve issued. Those are attached.
I can assure you we’ve spent a lot of time and energy over the last two years talking about cybersecurity and fortifying our defenses. Part of that has been a focus on phishing and ransomware. Vermont is a town-based state when it comes to running elections, so we have 246 towns with town clerks who are in charge of elections with the Secretary of State’s Office as the overseer of the process. We’ve engaged in “secure the human” training with those town clerks, which included trainings on phishing and ransomware. As you can see in the email from Secretary Quinn, of the VT Agency of Digital Services (separate from the SOS office) has also pushed out information about ransomware and has also pushed out online trainings to municipal officials. This was an initiative started in response to the serious ransomware issues we saw across the country over the last few years.
Not included in this response are the many cyber alerts and advisories we receive from the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC) marked “For Official Use Only.” We use these to help inform our cyber defenses and strategy.
If you have any other questions, feel free to contact me. You may appeal this determination to the head of the agency, Secretary of State Jim Condos, pursuant to 1 V.S.A. §318.
Sincerely,
Chris
Christopher D. Winters
Deputy Secretary of State
From: Allan Liska
Chris,
Thank you so much, this is great and I appreciate the response. I know things were crazy ahead of the election, so I understand the delay. Please consider this matter closed.
allan