A sign directs voters to a polling location at the Old Wilson Schoolhouse on August 16, 2022 in Wilson, Wyoming, ahead of the primary election ahead of the November 8 midterms – Copyright AFP ISAAC LAWRENCE
During the run-up to the US elections, several Mississippi state websites were hit disconnected. Several sites were affected on the eve of the midterm elections. This ‘distributed denial of service’ (DDoS) attack was the most significant interruption of the day but failed to interfere with the voting or counting process.
In a DDoS attack, the attacker enlists the help of (many) thousands of Internet users, each generating a small number of requests that, when added together, overload the target.
It was later revealed that a pro-Russian hacking group claimed responsibility for the attack. The origin of the attack is concerning because there is speculation that if Donald Trump were to seek the Republican nomination for president for the third time, the level of Russian-backed activity would increase with Russian activities aimed at securing a new term for Trump in the White House. This would be reflect the situation that occurred in 2016.
Looking at this example of state sponsored interference to Digital magazine is Daniel Selig, Security Automation Architect on the street.
Selig begins by considering the security issues surrounding the election: “Midterm security has been on the minds of state governments for weeks, with at least 14 states activating the national guard to combat cyberattacks on Election Day. . While many elections were held without incident, Mississippi state websites experienced a Distributed Denial of Service (DDoS) attack for which a pro-Russian hacking group took credit. Following the massive amount of Russian interference during the 2016 election, there has been a lot of concern about foreign influence in the US election.”
Looking at the attack vector more generally, Selig finds: “DDoS attacks are often used during elections to cause large-scale disruptions or prevent people from voting. Since voting is the cornerstone of our democracy, it is essential that government organizations take appropriate steps to ensure that votes remain confidential and integrity, and that electoral infrastructure remains intact.”
General concerns are at the forefront of some US government announcements, as Selig notes: “Just last week, CISA and the FBI released a public service announcement (PSA) on combating electoral DDoS attacks. To further reduce electoral insecurity risks, government organizations should implement a comprehensive platform that centralizes detection, response, and investigation protocols into a single effort and helps security teams automate certain tasks.”
Further: “Low-code security automation enables organizations to use streamlined detection and implement proper and effective incident response. Implementing these security controls can ensure top-tier protection and keep essential services like voting up and running.”