During the midterm elections, national news was seemingly quiet about election interference from foreign powers, but that doesn’t mean there were no incidents. Election interference, especially the cyber variety, doesn’t always come on the day of the election. Whether counties or localities suffered DDoS attacks, wi-fi outages, or other cybersecurity attacks, it can all be chalked up to election interference. Here are a few of the incidents that GroupSense analysts were tracking during last Tuesday's election monitoring.
In what federal officials call the most significant disturbance of the day, several Mississippi state websites were down in a DDoS attack during the midterm election. The Office of the Secretary of State released a statement on social media on Tuesday night that read as follows, “An abnormally large increase in traffic volume due to [distributed denial-of-service] activity caused the public-facing side of our websites to be periodically inaccessible this afternoon.” After the statement, officials wanted to reassure the public that their election systems were still safe, which CISA confirmed. Hours before Missippi released the statement, CISA confirmed the attack. A pro-Russian hacking group took credit for the attack on Telegram.
In Suffolk County, NY, election officials noticed a slowdown in wi-fi speeds on election day. Officials were hyper-aware of any issues after the county suffered a ransomware attack just two weeks before election day. In a tight gubernatorial race, race results were highly anticipated by the public. In the evening, officials stopped the transmission of the votes through the wi-fi connection. Instead, they had workers manually transport memory cards with voting information by car to get to the servers. The process took about two hours, but officials were relieved to find out that the wi-fi outages were not the result of another attack, but rather a result of increased cybersecurity measures and software that was overtaxing the system.
In Champaign County, IL, DDoS attacks plagued official systems for weeks before the election. Though the county clerk announced that the attacks did not endanger election results or obtain any election data, the network lag did slow the voting process for many.
The unprecedented push of mis- and disinformation campaigns before the 2016 race left election officials at a loss. Offices were overwhelmed and underprepared for election interference at a state-sponsored level. Since then, $880 million in federal funds have been released to protect election integrity. Increased funding, a shift to paper ballots, and innovation in election technology will continue to protect the vote. Despite persistent conspiracies that US elections are being tampered with, research shows that our elections are more secure than ever before. Consistent monitoring and high-quality threat intelligence are critical to keeping our elections secure. For more information on how GroupSense can help secure your local elections with our Election Threat Protection service, visit our election cybersecurity page.