Business Continuity Management / Disaster Recovery , DDoS Protection , Governance & Risk Management

FBI, CISA Warn of DDoS Attacks Targeting November Election

Such Attacks Could Disrupt Access to Voting Information
FBI, CISA Warn of DDoS Attacks Targeting November Election

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning that hackers may attempt to conduct distributed denial-of-service attacks on U.S. election infrastructure in November, but such attacks would have a limited impact.

See Also: Gartner Guide for Digital Forensics and Incident Response

The alert issued by the FBI and CISA Wednesday states that DDoS attacks might slow down the process of accessing public websites related to the election and obstruct the process of accessing voting information or results. But such attacks would not prevent voters from casting a ballot.

Disinformation and Doubt

"Where DDoS could come into play would be reducing the ability to communicate about election results, which could create additional fear, uncertainty and doubt around the stability and validity of the election," says Barrett Lyon, CEO of security firm Netography.

But a well-coordinated DDoS attack could create chaos even if it has no direct impact on the election results, he says.

"If it was well-coordinated, in conjunction with disinformation, it would be a dangerous event," Lyon says. "DDoS could also cause a patchwork of information outages that could be used as an excuse to further invalidate an election. Disinformation pumped into the internet while at the same time we have legitimate information sources cut off due to DDoS would have an impact across millions of voters."

The two agencies say they have put in place protective measures to help mitigate any disruptions caused by DDoS attacks.

"The FBI and CISA have worked closely with election officials across the country to identify alternative channels to disseminate information to voters, such as verified social media accounts, traditional media, and other backup resources,” according to the alert.

Previous Alerts

In February, the FBI warned that attackers were repeatedly attempting to disrupt a state's voter registration and information website with DDoS attacks. The attackers bombarded the site with malicious traffic in intervals in an attempt to overwhelm the DNS server and shut down the website (see: FBI Reportedly Says DDoS Attack Targeted Voter Registration).

In July, the FBI warned of an increase in DDoS attacks using amplification techniques that are targeting U.S. organizations (see: FBI Alert Warns of Increase in Disruptive DDoS Attacks).

And in September, CISA warned of rising DDoS attacks against financial and government organizations worldwide. Security firms also tracked these incidents in various sectors (see: CISA Warns of Increased DDoS Attacks).

Largest DDoS Attack

The largest DDoS attack ever recorded struck Amazon Web Services in February. The company's infrastructure was hit with a 2.3 TB per second - or 20.6 million requests per second – assault, Amazon noted in a report about the incident.

Networking firm A10 Networks has warned that the use of botnets to deliver DDoS attacks remains a threat to many organizations.

A10 Networks notes that seven countries account for most of the world's botnets: the U.S., China, South Korea, Russia, Italy, Germany and India. The most common attack vectors that threat actors used to launch large-scale DDoS attacks are the Simple Network Management Protocol and Simple Service Discovery Protocol.


About the Author

Chinmay Rautmare

Chinmay Rautmare

Senior Correspondent

Rautmare is senior correspondent on Information Security Media Group's Global News Desk. He previously worked with Reuters News, as a correspondent for the North America Headline News operations and reported on companies in the technology, media and telecom sectors. Before Reuters he put in a stint in broadcast journalism with a business channel, where he helped produced multimedia content and daily market shows. Rautmare is a keen follower of geo-political news and defense technology in his free time.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.