MIAMI -- Less than five weeks before Florida's March presidential primary, the Department of Homeland Security is investigating a previously unreported cyber attack on Palm Beach County's elections office, according to Supervisor of Elections Wendy Sartory Link.
Link, who was appointed last year by the governor to oversee the county's beleaguered elections department, said she contacted the FBI in November after a veteran IT employee told her that the office had been infected by a ransomware virus only a few weeks before the 2016 election. The virus was not publicly disclosed in 2016.
Link said the FBI referred her to DHS, which sent a team of a half-dozen employees to her office late last month to do a "deep dive" into her department's network. She said a report of their findings and recommendations is expected shortly.
"We've had the top experts in the country here and they spent a lot of time with our system. When we get the report, we'll be able to take care of everything we can take care of," Link said in an interview Thursday. "I wanted this done before March if at all possible."
Florida's presidential primary is March 17. Hundreds of thousands of mail ballots have already been sent to voters.
Link says she's "confident" that Palm Beach County's elections are secure given months of work with state and federal cybersecurity experts in efforts unrelated to the 2016 infection. But the revelation that the office had been infected by a virus -- and that no one was told about it for three years -- is raising alarms in a state that was heavily targeted in 2016 by Russian hackers attempting to tamper with U.S. elections.
U.S. Rep. Ted Deutch, D-Fla., tweeted Thursday that he's reached out to the FBI about the reported intrusion. U.S. Rep. Stephanie Murphy, D-Fla., who has filed a bill that would create greater transparency around election-related cyber attacks, said Link's "troubling" story reinforces the need for government to quickly alert the public to hacking attempts.
"It should not have taken the public this long to find out about this intrusion," she said.
Link said she first became aware last fall that the Palm Beach County Supervisor of Elections office had been hit with a ransomware attack. She says she learned of the incident from a top technology employee while interviewing him to see if he was capable of filling in for her former IT director, who'd been fired following a scuffle with investigators looking into whether he'd possessed child pornography.
Link said the employee, Ed Sacerio, mentioned that he was unsure what ever came of a ransomware attack around Sept. 14, 2016, that had alarmed elections office workers and sent them scrambling to unplug computers. According to Link, multiple employees, including fired former IT director Jeff Darter, confirmed that a virus either began encrypting files or changing file names, and that text boxes began popping up demanding cash payments in exchange for the release of files.