SAN FRANCISCO: Tyler Technologies said the September 23 hacker attack used ransomware, which encrypts company files and requires payment to decrypt them again.
In a note to Reuters, the software provider for counties and municipalities said the hacker only reached internal networks.
Tyler said the attack had no impact on the software it hosts for customers, and the software it sells that displays election results is hosted by Amazon and therefore is not at risk.
“We confirm that the malicious software the intruder used was ransomware. As it is an active investigation, we will not provide any additional details related to our incident response or investigation at this time,” said the company, based in Plano, Texas.
“All indications are that the impact of this incident is limited to our internal corporate network and telephone systems, and that there was no impact on the software we host for our customers. Our hosted environment is separate and segregated from our internal corporate environment.”
The company said on Wednesday that it notified the police and brought in security experts.
The hack has generated great concern among local officials because some of Tyler’s programs are used to display election results, and US intelligence agencies recently warned that foreign governments may try to sow distrust by altering websites that report votes, which is seen as easier than changing the results themselves.
Some customers also said they feared that the hacker could use Tyler’s administrative access to violate local versions of his programs, such as those sent by emergency responders.
While Thursday’s disclosures make these scenarios less likely, they do not rule them out. Some national governments have worked in partnership with ransomware gangs or used malicious programs as cover for espionage or destructive missions.
Tyler, the FBI and the Department of Homeland Security declined to answer questions about the extent of the hack, the risk of related breaches and the suspected identity of the perpetrators. – Reuters