While they might hinder access to information, distributed denial-of-service (DDoS) attacks against election infrastructure won’t prevent voting, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in an alert issued this week.
DDoS attacks would either slow down election-related public-facing websites or render them inaccessible, thus preventing voters from staying updated with voting information or from accessing voting results.
Such attacks are meant to disrupt activities for a period of time through flooding Internet-accessible servers with requests and preventing legitimate users from connecting to online resources, such as online accounts or websites.
“The public should be aware that if foreign actors or cyber criminals were able to successfully conduct DDoS attacks against election infrastructure, the underlying data and internal systems would remain uncompromised, and anyone eligible to vote would still be able to cast a ballot,” the FBI and CISA note.
Furthermore, the two agencies warn that threat actors might falsely claim that they successfully compromised voting systems through DDoS attacks and that they were able to prevent voters from casting their ballots or that they managed to modify already-cast votes.
Such disinformation attempts, the two agencies say, would undermine the public’s trust in the country’s democratic institutions and seek to discredit the electoral process. Two other similar alerts issued over the past couple of weeks warn of disinformation regarding the security of voting systems and the validity of election results.
“The FBI and CISA have no reporting to suggest a DDoS attack has ever prevented a registered voter from casting a ballot, or compromised the integrity of any ballots cast,” the alert reads.
The agencies also note that they’ve worked closely with election officials to identify additional channels through which they could keep voters informed, including traditional media, verified social media accounts, and other resources.
“Election officials have multiple safeguards and plans in place to limit the impact and recover from a DDoS incident with minimal disruption to the voting process,” the agencies say.
Citizens are advised to get informed on vote procedures and polling places ahead of election day, to make sure that information comes from trustworthy sources only, and to only rely on state and local government election officials when it comes to details on how to vote, on polling locations, and on final election results.