Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

FBI, CISA Say DDoS Attacks Won’t Prevent Voting

While they might hinder access to information, distributed denial-of-service (DDoS) attacks against election infrastructure won’t prevent voting, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in an alert issued this week.

While they might hinder access to information, distributed denial-of-service (DDoS) attacks against election infrastructure won’t prevent voting, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in an alert issued this week.

DDoS attacks would either slow down election-related public-facing websites or render them inaccessible, thus preventing voters from staying updated with voting information or from accessing voting results.

Such attacks are meant to disrupt activities for a period of time through flooding Internet-accessible servers with requests and preventing legitimate users from connecting to online resources, such as online accounts or websites.

“The public should be aware that if foreign actors or cyber criminals were able to successfully conduct DDoS attacks against election infrastructure, the underlying data and internal systems would remain uncompromised, and anyone eligible to vote would still be able to cast a ballot,” the FBI and CISA note.

Furthermore, the two agencies warn that threat actors might falsely claim that they successfully compromised voting systems through DDoS attacks and that they were able to prevent voters from casting their ballots or that they managed to modify already-cast votes.

Such disinformation attempts, the two agencies say, would undermine the public’s trust in the country’s democratic institutions and seek to discredit the electoral process. Two other similar alerts issued over the past couple of weeks warn of disinformation regarding the security of voting systems and the validity of election results.

“The FBI and CISA have no reporting to suggest a DDoS attack has ever prevented a registered voter from casting a ballot, or compromised the integrity of any ballots cast,” the alert reads.

The agencies also note that they’ve worked closely with election officials to identify additional channels through which they could keep voters informed, including traditional media, verified social media accounts, and other resources.

Advertisement. Scroll to continue reading.

“Election officials have multiple safeguards and plans in place to limit the impact and recover from a DDoS incident with minimal disruption to the voting process,” the agencies say.

Citizens are advised to get informed on vote procedures and polling places ahead of election day, to make sure that information comes from trustworthy sources only, and to only rely on state and local government election officials when it comes to details on how to vote, on polling locations, and on final election results.

Related: FBI, CISA Warn of Disinformation Campaigns Regarding Hacked Voting Systems

Related: FBI, CISA Warn of Disinformation Campaigns Targeting 2020 Election Results

Related: Security of Post-Election Vote Count Top Worry: US Official

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...