As Election Day approaches, tension is rising. Schools are canceling classes. Investors are waiting cautiously. Law enforcement is on alert for violence at polling locations. And when what seemed like half the internet shut down last week, fear of a large-scale cyberattack joined that list.
Sam Altman, president of the start-up accelerator Y Combinator, was one of many to ask the question: Is the U.S. about to be on the receiving end of a major attack timed for the election?
“That attack on Dyn felt to me like a warm-up to something or a practice run,” Altman told Mashable. “Like someone going after something very specific.”
What is the chance that the internet in the US works without interruption on election day?
Sam Altman (@sama) October 25, 2016
Following the attack, concerns about a massive effort to disrupt the internet on Election Day started to percolate in the tech community. The attack came in an election season in which cybersecurity has been an underlying concern thanks to hacking attributed to Russia.
The Dyn attack, though different from the hacks that ended up making public massive amounts of Democratic National Committee and Hillary Clinton campaign emails, only added to the broader fears. The FBI has warned state election boards to be on alert though they may be powerless to do much about significant attacks.
Cybersecurity experts that spoke with Mashable, however, were not particularly worried about large-scale attacks directed at the internet itself. They could not, however, rule anything out.
Rock the vote
Most components of US Election Day infrastructure don’t rely on the internet, so an attack wouldn’t directly impact actual votes. But if the internet were down, people wouldn’t be able to look up polling place locations or other voting information. A widespread cyberattack could cause fear about exactly what’s going on on Election Day and even sway some voters to stay home.
According to Dan Wallach, a computer science professor at Rice University who studies the security of electronic voting systems, voting machines are never connected to the internet. Voter registration databases will mostly be printed out by Election Day, but counties that allow voting in more than one polling place and use electronic voter registration information could be affected.
Media reports of election results, of course, could be knocked out of commission by a DDoS attack. And last-minute get out the vote efforts would definitely be disrupted by a cyberattack.
“That kind of attack would dramatically disrupt get out the vote efforts,” Joseph Lorenzo Hall, chief technologist for the Center for Democracy and Technology, told Mashable.
Expect the worst
There are cyberattacks every day. They just usually aren’t as effective as the one that took out access to several major websites and services last Friday.
Widespread problems with websites including Spotify, Netflix and Twitter, were the result of a DDoS or “distributed denial of service” attack against the domain name system host Dyn.
Unidentified hackers used 100,000 devices to overwhelm Dyn’s DNS systems. By overwhelming Dyn with traffic from what were likely poorly protected devices like connected TVs and DVRs, hackers were able to prevent people from accessing any website that relied on Dyn’s DNS services.
DDoS attacks are relatively simple and only require massive scale, not complex skill. Since the attacks don’t need to target only one website and can instead take down huge swaths of the internet, they’re pretty scary on a day as big as Nov. 8.
“We see new levels of attacks, new zero days, new strains every day,” Dale Drew, chief security officer for the internet service provider Level 3 Communications, told Mashable. “We have been trained to expect the worst case scenario every time we see an attack.”
Learning from the past
Last week’s cyberattack primarily affected the East Coast. Another attack could be geographically based, or cover a wider range. That doesn’t mean it won’t be as effective the next time around.
Companies like Dyn face cyberattacks every day. Most are fended off, or don’t affect as many clients and people as last week’s. In the aftermath of this attack, clients who use one DNS provider have already added a second or ramped up their security in other ways, Hall said.
If anything, the chances of a similar attack on Election Day are lower, Hall said.
“No one seriously going to use that to disrupt or attack elections would have done something so blatant and so public,” Hall said.
No one has claimed responsibility for the recent cyberattack, but security experts know that it came from a bot net using the base code Mirai. The hackers behind the bot net were likely displaying the net’s power to anyone interested in its services for hire, Hall said. He thought it unlikely the same group would try another attack so soon afterward.
Still, people are worried. Ahead of one of the most tense days in American history, cybersecurity experts advised clients of DNS providers to widen their security options.
Dyn is preparing for future attacks whether or not they fall on Election Day.
“As you may imagine, we cannot predict future DDoS attacks,” Dyn spokesman Adam Coughlin told Mashable. “We have learned a great deal from the recent attack and very quickly put protective measures in place during the attack, and we are extending and scaling those measures aggressively.Additionally, Dyn has been active in discussions with internet infrastructure providers to share learnings and mitigation methods for future attacks.”
And people at home whose devices might have been part of the attack without their knowledge should check exactly what they have plugged in before they head out to the polls.