FBI, CISA Warn of DDoS Attacks Targeting November ElectionSuch Attacks Could Disrupt Access to Voting Information
The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning that hackers may attempt to conduct distributed denial-of-service attacks on U.S. election infrastructure in November, but such attacks would have a limited impact.
See Also: Ransomware Recovery in the 'New Normal'
The alert issued by the FBI and CISA Wednesday states that DDoS attacks might slow down the process of accessing public websites related to the election and obstruct the process of accessing voting information or results. But such attacks would not prevent voters from casting a ballot.
Disinformation and Doubt
"Where DDoS could come into play would be reducing the ability to communicate about election results, which could create additional fear, uncertainty and doubt around the stability and validity of the election," says Barrett Lyon, CEO of security firm Netography.
But a well-coordinated DDoS attack could create chaos even if it has no direct impact on the election results, he says.
"If it was well-coordinated, in conjunction with disinformation, it would be a dangerous event," Lyon says. "DDoS could also cause a patchwork of information outages that could be used as an excuse to further invalidate an election. Disinformation pumped into the internet while at the same time we have legitimate information sources cut off due to DDoS would have an impact across millions of voters."
The two agencies say they have put in place protective measures to help mitigate any disruptions caused by DDoS attacks.
"The FBI and CISA have worked closely with election officials across the country to identify alternative channels to disseminate information to voters, such as verified social media accounts, traditional media, and other backup resources," according to the alert.
In February, the FBI warned that attackers were repeatedly attempting to disrupt a state's voter registration and information website with DDoS attacks. The attackers bombarded the site with malicious traffic in intervals in an attempt to overwhelm the DNS server and shut down the website (see: FBI Reportedly Says DDoS Attack Targeted Voter Registration).
In July, the FBI warned of an increase in DDoS attacks using amplification techniques that are targeting U.S. organizations (see: FBI Alert Warns of Increase in Disruptive DDoS Attacks).
And in September, CISA warned of rising DDoS attacks against financial and government organizations worldwide. Security firms also tracked these incidents in various sectors (see: CISA Warns of Increased DDoS Attacks).
Largest DDoS Attack
The largest DDoS attack ever recorded struck Amazon Web Services in February. The company's infrastructure was hit with a 2.3 TB per second - or 20.6 million requests per second - assault, Amazon noted in a report about the incident.
Networking firm A10 Networks has warned that the use of botnets to deliver DDoS attacks remains a threat to many organizations.
A10 Networks notes that seven countries account for most of the world's botnets: the U.S., China, South Korea, Russia, Italy, Germany and India. The most common attack vectors that threat actors used to launch large-scale DDoS attacks are the Simple Network Management Protocol and Simple Service Discovery Protocol.