Stories

Go deeper: The election hacking that’s taken place in 2018

Sign that says vote in all caps in blue on white paper taped to red wood door.
Photo: Bill Clark/CQ Roll Call

There have been four distinct instances of either hacking or suspected hacking in campaigns or election reporting processes so far this year — including two reported distributed denial-of-service (DDoS) hacks, one other suspected hack in the U.S., and even one in Mexico.

The big picture: Intelligence officials have warned that they believe Russia have the capability to go further on election interference. This is also a lesson in how campaigns are still playing catchup on cybersecurity.

Details:

  • Two municipal-level Democratic campaigns’ web sites were force to shut down when hacks flooded them with too much traffic earlier this year in DDoS attacks, CyberScoop’s Chris Bing reported.
  • An election reporting web site for a mayoral election in Knox County, Tennessee, was shut down in a similar way this year, although it’s unclear if it was due to a DDoS attack.
  • An opposition party in Mexico, the National Action Party, said it was hit by an attack during the final televised debate between presidential candidates this month, per Reuters.

Why it matters: A lot of conversation about election hacking is devoted to whether vote capture machines can be hacked and whether voter registration databases are exposed to the internet — but shutting down election night reporting web sites can cause chaos in elections even if it doesn't necessarily impact vote tallies.

  • And targeting those web sites can be a relatively easy haul compared to other hacking endeavors, especially as states and local jurisdictions are strapped for cash to the points where they may be unable to secure their sites properly.

Between the lines: It’s possible these incidents are unrelated with different actors, and the Department of Homeland Security can’t comment on whether it has received reports of these attacks in the U.S. because those conversations, if they happen, are confidential.

  • Homeland Security Secretary Kirstjen Nielsen said this Saturday "there are no indications that Russia is targeting the 2018 U.S. midterms at a scale or scope to match their activities in 2016." The possibility that Russia targets our elections this year still remains a threat and Nielsen said there is consistent malicious cyber activity against U.S. election infrastructure.

Go deeper: Where our election systems are vulnerable

Correction: This story originally misstated the name of the author of the CyberScoop article on municipal-election-related DDoS attacks.