DDoS Attacks: Could Hinder Access to Election Information, Would Not Prevent Voting

Summary:
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning of Denial of Service (DDoS) attacks on election infrastructure, or adjacent infrastructure that support election operations, as the 2024 U.S. general election approaches closer. “DDoS attacks occur when malicious cyber actors flood a public-facing, internet-accessible server with requests, rendering the targeted server slow or inaccessible. This temporarily prevents legitimate users from accessing online information or resources, such as web pages and online services, and may disrupt business activities for a period of time,” (IC3, 2024). According to the advisory, these low-level attacks could potentially disrupt the availability of some election-related functions, like voter look-up tools or unofficial election night reporting, during the election cycle.

Security Officer Comments:
In the last couple of years, DDoS attacks have been a popular tactic employed by hacktivists and cyber criminals seeking to advance a social, political, or ideological cause. In the event that foreign actors or cyber criminals conduct DDoS attacks against election infrastructure, the FBI and CISA state that the underlying data and internal systems would remain uncompromised, and anyone eligible to vote would still be able to cast a ballot. However, given the nature of these types of attacks, a voter could be prevented from accessing websites containing information about where and how to vote, online election services like voter registration, or unofficial election results.

Suggested Corrections:
The FBI and CISA recommend voters take the following precautions:

  • Seek out information from official sources, such as state and local election officials, about registering to vote, polling locations, voting by mail, and final election results.
  • If the official website for your election office is unavailable contact your state or local election official.
  • Remember that DDoS attacks cannot impact the security or integrity of the actual election systems.


Link(s):
https://www.ic3.gov/Media/Y2024/PSA240731

Contact Us for Threat Assistance Back to Current Threats

Just Starting?



Contact LACyber for More Info



Current Active Cyber Threats