Election Day cyberattack: It's coming, but probably won't matter

Before you go, we thought you'd like these...
Before you go close icon


As Election Day approaches, tension is rising. Schools are canceling classes. Investors are waiting cautiously. Law enforcement is on alert for violence at polling locations. And when what seemed like half the internet shut down last week, fear of a large-scale cyberattack joined that list.

Sam Altman, president of the start-up accelerator Y Combinator, was one of many to ask the question: Is the U.S. about to be on the receiving end of a major attack timed for the election.

"That attack on Dyn felt to me like a warm-up to something or a practice run," Altman told Mashable. "Like someone going after something very specific."

9 PHOTOS
Cybersecurity tips
See Gallery
Cybersecurity tips

KEEP YOUR PASSWORDS STRONG AND VARIED

If your password is easy for you to remember, then it'll be easy for hackers, too. Try using symbols, numbers and capital letters throughout your passcode. Also, experts suggest you use different passwords for different accounts. 

(Shutterstock)

EMPLOY TWO-STEP AUTHENTICATION

Add another layer of security by having another code sent to your phone number before you can sign in.

(Luis francisco Cordero via Getty Images)

BEWARE OF PUBLIC WIFI

If you're traveling, verify with the coffee shop or hotel that the wi-fi name is valid -- many cybercriminals set up networks with similar names to popular spots. You can also set up a private VPN that encrypts all of your data that passes through the network.

(martiapunts)

COVER YOUR TRACKS

Wipe your hard drive clean before giving away, recycling or throwing out your old laptop or computer.

(Jonathan Kitchen via Getty Images)

DON'T LEAVE YOUR DEVICES UNATTENDED

That's just asking for trouble!

(Aping Vision / STS via Getty Images)

BEWARE OF MYSTERIOUS URLS IN EMAILS

Don't ever click on URL from an unidentified or sketchy looking email. 

(Just One Film via Getty Images)

COVER YOUR WEBCAM 

FBI director James Comey suggests placing a piece of tape over your webcam when you're not using it. If that doesn't convince you, note that Mark Zuckerberg is known to do the same.

KEEP YOUR SOFTWARE UP TO DATE

Hackers target vulnerabilities in software, which are often resolved in software updates, so stop hitting the "ignore" or "remind me later" button!

of
SEE ALL
BACK TO SLIDE
SHOW CAPTION +
HIDE CAPTION

Following the attack, concerns about a massive effort to disrupt the internet on election day started to percolate in the tech community. The attack came in an election season in which cybersecurity has been an underlying concern thanks to hacking attributed to Russia.

The Dyn attack, though different from the hacks that ended up making public massive amounts of Democratic National Committee and Hillary Clinton campaign emails, only added to the broader fears. The FBI has warned state election boards to be on alert — though they may be powerless to do much about significant attacks.

Cybersecurity experts that spoke with Mashable, however, were not particularly worried about large-scale attacks directed at the internet itself. They could not, however, rule anything out.

Rock the vote

Most components of US Election Day infrastructure don't rely on the internet, so an attack wouldn't directly impact actual votes. But if the internet were down, people wouldn't be able to look up polling place locations or other voting information. A widespread cyberattack could cause fear about exactly what's going on on Election Day and even sway some voters to stay home.

According to Dan Wallach, a computer science professor at Rice University who studies the security of electronic voting systems, voting machines are never connected to the internet. Voter registration databases will mostly be printed out by Election Day, but counties that allow voting in more than one polling place and use electronic voter registration information could be affected.

Media reports of election results, of course, could be knocked out of commission by a DDoS attack. And last-minute get out the vote efforts would definitely be disrupted by a cyberattack.

"That kind of attack would dramatically disrupt get out the vote efforts," Joseph Lorenzo Hall, chief technologist for the Center for Democracy and Technology, told Mashable.

Expect the worst

There are cyberattacks every day. They just usually aren't as effective as the one that took out access to several major websites and services last Friday.

Widespread problems with websites including Spotify, Netflix and Twitter, was the result of a DDoS or "distributed denial of service" attack against the domain name system host Dyn.

Unidentified hackers used 100,000 devices to overwhelm Dyn's DNS systems. By overwhelming Dyn with traffic from what were likely poorly protected devices like connected TVs and DVRs, hackers were able to prevent people from accessing any website that relied on Dyn's DNS services.

DDoS attacks are relatively simple and only require massive scale, not complex skill. Since the attacks don't need to target only one website and can instead take down huge swaths of the internet, they're pretty scary on a day as big as Nov. 8.

"We see new levels of attacks, new zero days, new strains every day," Dale Drew, chief security officer for the internet service provider Level 3 Communications, told Mashable. "We have been trained to expect the worst case scenario every time we see an attack."

Learning from the past

Last week's cyberattack primarily affected the East Coast. Another attack could be geographically based, or cover a wider range. That doesn't mean it won't be as effective the next time around.

Companies like Dyn face cyberattacks every day. Most are fended off, or don't affect as many clients and people as last week's. In the aftermath of this attack, clients who use one DNS provider have already added a second or ramped up their security in other ways, Hall said.

If anything, the chances of a similar attack on Election Day are lower, Hall said.

"No one seriously going to use that to disrupt or attack elections would have done something so blatant and so public," Hall said.

No one has claimed responsibility for the recent cyberattack, but security experts know that it came from a bot net using the base code Mirai. The hackers behind the bot net were likely displaying the net's power to anyone interested in its services for hire, Hall said. He thought it unlikely the same group would try another attack so soon afterward.

Still, people are worried. Ahead of one of the most tense days in American history, cybersecurity experts advised clients of DNS providers to widen their security options.

Dyn is preparing for future attacks whether or not they fall on Election Day.

"As you may imagine, we cannot predict future DDoS attacks," Dyn spokesman Adam Coughlin told Mashable. "We have learned a great deal from the recent attack and very quickly put protective measures in place during the attack, and we are extending and scaling those measures aggressively. Additionally, Dyn has been active in discussions with internet infrastructure providers to share learnings and mitigation methods for future attacks."

And people at home — whose devices might have been part of the attack without their knowledge — should check exactly what they have plugged in before they head out to the polls.

Read Full Story

Sign up for Breaking News by AOL to get the latest breaking news alerts and updates delivered straight to your inbox.

Subscribe to our other newsletters

Emails may offer personalized content or ads. Learn more. You may unsubscribe any time.

From Our Partners