Ransomware attack hits Moraine company’s national operations

A Moraine company’s national operations — one that contracts with localities to post election results — was hit by a ransomware attack last week, an attack that struck less than 40 days before the Nov. 3 general election.

“Tyler Technologies is in the process of responding to a security incident involving unauthorized access to our internal phone and information technology systems by an unknown third party,” the Plano, Texas-based company says in a message on its corporate web site. “We are treating this matter with the highest priority and working with independent IT experts to conduct a thorough investigation and response.”

Early on Wednesday last week, the company became aware that an “unauthorized intruder” had disrupted access to its internal systems, Tyler said.

But Tyler said any product it has that is used in the presentation of election data was not impacted in the attack.

“Upon discovery and out of an abundance of caution, we shut down points of access to external systems and immediately began investigating and remediating the problem,” the business said. “That same morning, we engaged outside IT security and forensics experts to conduct a detailed review and help us securely restore affected equipment. We have implemented targeted monitoring to supplement the monitoring systems we already had in place, and we have notified law enforcement.”

Tyler said also it has confirmed that the malicious software the intruder used was ransomware. “Because this is an active investigation, we will not provide any additional specifics relating to our incident response or our investigation at this time.”

Tyler said further that “all information available to us continues to indicate that this incident was directed at Tyler’s internal corporate environment and not the separate environment where we host client systems.”

In early 2019, publicly traded Tyler announced an expansion at its Moraine operation, adding 200 new employees, with an additional 45,000 square feet of space, bringing the total square footage used in the building off Dryden Road to 85,000.

The local growth was focused on Tyler’s Appraisal & Tax Division, which is based in Moraine.

Questions were sent to a representative of the company.

Jan Kelly, director of the Montgomery County Board of Elections, said her board does not rely on Tyler Technologies for elections services.

The New York Times, in a story over the weekend, noted that Russian operators are behind many ransomware attacks.

“With only 37 days before the election, federal investigators still do not have a clear picture of whether the ransomware attacks clobbering American networks are purely criminal acts, seeking a quick payday, or Trojan horses for more nefarious Russian interference," the Times said.

Tyler provides software and services to governments for tracking land records, human resources actions, tax and invoice collections and more.

Local governments also use Tyler platforms to post election information online, but the company has said data for that software is hosted on Amazon Web Services, not on the network that was attacked.

“Tyler’s Socrata product is a SaaS data platform that is hosted offsite on AWS (Amazon Web Services), not on Tyler’s internal network that was impacted,” Tyler said on its web site Monday. “We have never had a report that a bad actor has used our Socrata platform to display incorrect or misleading election results, polling locations, campaign finance information, or other civic data.”

About the Author