As DDoS attacks are the easiest, cheapest, most destructive, and anonymous cyberattacks to be launched, they are often used in certain political, and privacy-centered environments. During the U.S. elections, political campaigns experienced an average of 4,949 cyber threats daily, and larger campaigns even more. U.S. government election-related sites see 122,475 threats every day.
Side Effects of DDoS Attacks on Elections
Here are some examples of instances that resulted in huge monetary and other DDoS-related damages.
Down on Election Day
North Macedonia’s State Electoral Commission, SEC, suffered an alleged DDoS attack for over three hours during the parliamentary elections in July 2020. The attack delayed the SEC’s announcement of the official results of the tightly contested vote on its website. It had to improvise by releasing partial results through YouTube clips instead. Coinciding with this attack, the famous online media house TIME.mk was also targeted by a heavy DDoS attack that took the website down for two hours.
The damaging effects of an attack can also be seen in the 2018 DDoS attacks against the campaign website of Bryan Caforio for the U.S. House of Representatives in California, who ultimately lost. The cyberattacks caused the campaign website to be down for about 21 hours during the campaign, with one of the attacks taking place during a live political debate. According to the FBI, due to the cybersecurity incident, the campaign reportedly spent between $27,000 and $30,000 to restore systems and saw a reduction in campaign donations, according to the FBI.
DDoS Distraction is Dangerous
During a local primary election in 2018 in Tennessee, hackers launched a volumetric DDoS attack on the Knox County election website that made the screens go blank at this crucial time. Even as an expensive I.T. security firm started dissecting the attack to find its source, another attack had already been launched. This attack penetrated a Knox Country server to look at personal data stored in it.
All the disruption, it has been determined since, was an effort to distract the Knox County I.T. team while another simultaneous attack was happening behind the scenes accessing sensitive Knox County residents’ information.
Offline Can Spell Disaster
The U.K. Labour Party’s digital platform went offline ahead of the elections. Overwhelming traffic brought the platform crashing down. Though it was said that the attack was not successful in terms of a data breach, it did manage to send the systems offline a few weeks ahead of the elections.
During the 2016 U.S. elections, some U.S. states changed their existing systems. Colorado got rid of barcodes, California secured its online electronic voting machines, and Ohio excluded wireless capabilities in its apparatus. Michigan, however, is said to have spent $82 million on voting machines with wireless modems. Cybersecurity experts maintain that connecting election systems to the internet, even briefly, exposes these machines to malicious attackers who may be intent on derailing or discrediting an election. It is not just voting machines that are vulnerable but any piece of the election apparatus, including wireless-enabled printers, digital check-in tablets, tabulators, and even the registration database.
Seeing the growing trend in attacks this year, the government has allocated $10 million to eliminate the modems before the upcoming elections. However, 11 states, including Rhode Island, Wisconsin, Georgia, and Florida, were permitting the use of wireless-enabled voting equipment despite all the warnings, as it allows them to quickly provide results to the public and more easily accommodate disabled voters.
What Should Governments Do?
The threat of DDoS attacks on public services is real and daunting. Securing mega networks from DDoS attacks is a highly complex process because of the enormity of infrastructure and incoming traffic. For example, differentiating between organic traffic and a DDoS attack during an election campaign can take time and more time to mitigate the attack. In the interim period, government agencies are left firefighting even as outages occur. The adverse effects of DDoS attacks, as can be seen in the instances above, can result in lost elections.
Government agencies have mitigation solutions installed and are confident that the mitigation solution will ensure protection from attacks. However, mitigation solutions begin working after an attack has been launched. They do not `prevent’ attacks. For government agencies to ensure end-to-end complete DDoS security and close all DDoS vulnerabilities, there is the need for another layer to be added to the current mitigation solution – a layer of confidence that gives them the intelligence to mitigate attacks before they strike. This would help them to ensure a seamless online presence, secure data, and launch successful large-scale campaigns.
Government agencies, to ensure enduring reliability and security, need to be able to:
- Detect & block malicious traffic penetration 24/7.
- Eliminate vulnerabilities that could be exploited in the underlying network for DDoS attacks.
- Ensure existing DDoS mitigation is effective & reconfigure defense policies, as required, in line with any network changes.
- Validate DDoS Mitigation is detecting and mitigating Layer 3, 4, and 7 and new sneakier DDoS attacks 24/7, in real-time.
RADAR™, MazeBolt’s new patented technology solution, is part of the MazeBolt security platform. RADAR™ simulates DDoS attacks continuously and non-disruptively. Delivering advanced intelligence through straightforward reports on how to remediate the DDoS vulnerabilities found. With RADAR™, organizations achieve, maintain, and verify the continuous closing of their DDoS vulnerability gaps. They are reducing and maintaining the vulnerability level of a damaging DDoS attack from an average of 48% to under 2% ongoing.
To learn more, visit: https://mazebolt.com/ddos-radar/
Israel-based MazeBolt is an innovation leader in cybersecurity with over two decades of experience in pioneering DDoS protection solutions. The company’s new flagship product, RADAR™, is a patented technology. It offers DDoS protection through automated live production simulations with zero downtime. Working in conjunction with any mitigation solution installed. Its unique capabilities have ensured business continuity and full DDoS security posture for enterprises worldwide, including Fortune 1000 & NASDAQ-listed companies.