Yes, you’ve read it right! Experts say that the results of the 2018 US midterm polls could be manipulated by state actors from Russia, and that this is possible if the voter registration sites of different states are flooded with fake web traffic.
The world already witnessed this scenario in 2011, when the digital infrastructure of a South Korean election was targeted with distributed denial of service attacks designed to reduce turnout by blocking citizens from learning where to vote.
The Knox County Election Commission website witnessed a distributed denial of service attack in 2018 just before the election results were about to be announced.
Michael McNerney, the Product Manager at Netscout, was the man who predicted the possibility of the US midterm polls being targeted with DDoS attacks. He feels that the purpose of the attack will be to prevent accurate and timely results from being shared with the public, planting confusion and raising doubts about the integrity of the election procedure.
McNerney, who works for the Massachusetts-based company offering Application and Network Performance Management products, said that the best example of such a scenario is to imagine a hijack of the polls in California, a state with 53 Congressional districts, which could prevent the US populace from knowing who will control Congress.
According to McNerney, more than 2.8 million DDoS attacks were found during the first half of 2018. The discovery was made in a study conducted by Netscout’s global threat intelligence professionals from Arbor’s Security Engineering and Response Team.
So, is there a way to isolate the election infrastructure from these attacks?
Fortunately, yes, says McNerney. He thinks that election officials should focus on 3 categories: the security of the systems, the resiliency of the systems when exposed to attacks or outages, and the incident response.
If proactive measures are put in place along with basic cyber hygiene, most such attacks could be avoided. Here, cyber hygiene means protecting the system with strong passwords, mandating multi-factor authentication and implementing encryption policies, along with restricting internet access to only authorized systems when needed most.