Some US state websites were briefly knocked offline Tuesday after distributed denial-of-service (DDoS) attacks hit them during the midterm elections. Officials stress, though, that such incidents would not affect vote totals.
DDoS attacks flood websites with inauthentic internet traffic, and the increased flow usually leads to pages becoming temporarily unresponsive.
According to the US Department of Homeland Security officials, precisely this happened in Mississippi and other US states – but the actual votes would not be affected.
A senior official at the Cybersecurity and Infrastructure Agency (CISA) also said there was no “specific or credible” danger for the election infrastructure to be disrupted. A DDoS attack hits websites – not voters’ ability to cast a ballot or have it counted.
In Mississippi, officials confirmed the "abnormally large increase in traffic volume" due to the DDoS activity, which led to some of its websites being "periodically inaccessible" Tuesday afternoon.
"We want to be clear and reassure Mississippians our election system is secure and has not been compromised," the Mississippi Secretary of State's Office said in a statement.
DDoS attacks have also been reported in Illinois, while in Arizona, local officials were working on fixing malfunctioning electronic voting machines that the former US president Donald Trump and his followers falsely claimed were proof of election fraud.
The CISA official said during the briefing that the agency had not seen any evidence of cybercriminal activity in Arizona.
A Russian hacker group claimed on Telegram that it was targeting the Mississippi Secretary of State's website to "hit the section that is directly related to the elections."
The hacker group also claimed that it would "attack American Democrats as a gift to the Republicans for the elections," with its first target being the Democratic National Committee (DNC). The DNC website was down at some point on Tuesday, but it’s not clear what exactly caused the outage.
Election security has been a key issue in the US ever since officials found Russia interfered in the 2016 presidential election with a campaign of hacking and propaganda intended to hurt Hillary Clinton's chances of winning against Trump.
A Russian hacker group Killnet already claimed responsibility for a cyberattack back in October, when several state websites in Kentucky, Mississippi, and Colorado were downed.
Killnet boasts of being a powerful group and targets entities in countries opposing Russia’s invasion of Ukraine – it has hit Lithuania, Estonia, Norway, Japan, and Italy.
Some researchers – for instance, a threat intelligence technology and services provider EclecticIQ’s Threat Research Team, – say that Killnet supporters are actually novice users with zero or limited experience, and that DDoS attacks they launch only have a short-term impact.
However, others recently told Cybernews it was inaccurate to call Killnet “script kiddies” since the group was known as a criminal collective before the war in Ukraine broke out. Besides, these criminals can swiftly adopt far more destructive cyber weapons.
The apparent cyberattacks in the US came one day after Yevgeny Prigozhin, a wealthy Russian businessman and top confidante of Vladimir Putin, claimed that the Kremlin intentionally had meddled in US elections in an attempt to subvert American democracy.
“We interfered, we interfere, and we will interfere. Carefully, precisely, surgically, and in our own way, as we know how. During our pinpoint operations, we will remove both kidneys and the liver at once,” Prigozhin said.