Security researchers in Tennessee are investigating an incident described as potentially the first election-related cyberattack of 2018.
The website for the Knox County Election Commission went offline just as voting officials planned to publish the results of local primary races Tuesday evening, and the county’s IT director said that a preliminary review suggests that the outage was likely caused by a denial-of-service attack, a type of attack that disrupts access to targeted sites by overloading their computer servers with illegitimate internet traffic.
“There was an abnormal amount of traffic that occurred right around the time that the polls closed last night that far exceeded anything that we’ve ever experienced in any election before,” Knox County IT Director Dick Moran told WBIR on Wednesday.
A preliminary review “noted that extremely heavy and abnormal network traffic was originating from numerous IP addresses associated with numerous geographic locations, both internal and external to this county,” Mr. Moran’s office concluded. “Based on my experience, this was highly suggestive of a (denial of service) attack,” he wrote in a report for Knox County.
The crash ultimately knocked the election website offline for about an hour, preventing the commission from promptly announcing the results of Tuesday’s primary races for the Knox County mayor’s and sheriff’s offices.
Unable to publish election results, county officials instead resorted to providing hard copies to journalists at commission headquarters who subsequently relayed them to the public, WBIR reported. At the Knox County GOP election party, meanwhile, monitors meant to display the race’s results were blank except for the words “Service Unavailable,” USA Today reported.
“Although the crash did not affect the vote tallies or the integrity of the election, this is not something that should happen,” said Knox County Mayor Tim Burchett.
Indeed, Mr. Moran added that the attack didn’t alter the actual election, but made “life painful for other people.”
“There are bad people who do bad things. Why do they do that?” Mr. Moran asked WBIR.
Knox County has contracted a local security firm, Sword & Shield, to investigate the incident.
If positively identified as cyberattack from abroad, the outage would constitute the “first publicly revealed election-related cyberattack this campaign season,” Politico reported Thursday.
Foreign hackers targeted voting systems in at least 21 states during the 2016 U.S. general election, according to the U.S. Department of Homeland Security, and senior Trump administration officials have repeatedly warned that the November 2018 midterms could similarly come under attack. Testifying last week, however, the DHS assistant secretary for cybersecurity and communications, Jeanette Manfra, said that federal authorities have failed so far to find any evidence of foreign hackers attacking election systems this year.
“We have no information at this time that the outage was caused by a malicious actor,” DHS spokesman Scott McConnell told The Washington Times with respect to the Knox County outage. “As is standard practice with any of our public or private critical infrastructure partners, we have offered our technical assistance and support to the county. We defer to the county to discuss any further details.”
Over 400,000 people reside in Knox, making it the third-most populous county in Tennessee.
Please read our comment policy before commenting.