US election day faces specter of cyberattacks

Hackers might use DDoS attacks and high-profile leaks to influence Tuesday's election

By Michael Kan
Nov. 8, 2016

Don't be surprised if hackers make their presence felt on U.S. Election Day. Distributed denial-of-service attacks and high-profile leaks are among the tactics they might use if they try to influence Tuesday's vote.

Cybersecurity experts stress it would be incredibly difficult to hack the U.S. election. The system itself is distributed across the country over thousands of voting jurisdictions, making it hard to tamper with on a wide scale.    

But hackers could still attempt to sow chaos on Election Day in other ways. The tools and infrastructure to do so are already in place.

Last month, the U.S. experienced a massive DDoS attack from a malware called Mirai that is freely available on the internet. That attack -- which flooded internet connections with too much traffic -- disrupted access to many popular sites, especially for users on the East Coast.

Hackers could very well try to launch another DDoS attack on Election Day, said Travis Smith a security researcher at Tripwire. This might involve targeting services such as maps or government sites that can tell voters their polling locations.

"A worst-case scenario is the attack that targets a certain county that leans Republican or Democrat and lowers voter turnout," he said.

However, even if the attack occurred, voters could still find ways to cast their ballots. Election jurisdictions, for instance, are known to mail voters the physical address to the polling location before hand, Smith said.  

Voters can also search for their polling location on Google, a site built to withstand large-scale DDoS attacks.  

Still, polling location websites aren't the only possible target. For instance, carpooling sites that help voters reach their polling destination could also be attacked, said Robert Hamilton, a director of product marketing with security firm Imperva.

"The number one reason voters cite not going to the polls is they couldn't get a ride," he added.

Many of these carpooling sites are run by small business and could be easily taken down by a DDoS attack, Hamilton said. Imperva, however, is offering free DDoS mitigation services to any carpooling and polling place websites during election day.

"You just need to give us a call. It only takes half an hour to set up," he said.

Hackers wanting to influence this year's election have already succeeded to some extent. The U.S. government is concerned that Russia has been allegedly trying to sway voter sentiment by hacking political targets and then leaking sensitive information online.

Both WikiLeaks and a hacker named Guccifer 2.0 have been the source of some of those leaks, which have potentially damaged Democrat Hillary Clinton's election chances.

Security experts are wondering if another high-profile leak -- whether true or false --might drop on Election Day right as many voters cast their ballots. 

1  2  Next Page