As DDoS attacks grow in frequency and bandwidth each year, detection and proactivity become crucial to maintaining system functionality on both back-end structures and front-end user interfaces. In the case of political elections, keeping polling up and running can mean the difference between fair democratic processes and skewed election results. In today’s shall we say ‘tempestuous’ international climate, clarity in how we choose our world leaders is paramount. Unfortunately, cyberattacks that impede this goal are only too common.
Naturally, electoral fraud and disruption is a time honored tradition when in need of expressing displeasure with the way things are going. I have no doubt in my mind there was at least one ancient Athenian (disgruntled by poor goat pasturing practices, probably) who decided to throw his colored voting pebble in the face of an unpopular archon candidate instead of placing it civilly into the city-state’s designated wooden election box.
Though, current expression methodologies might be slightly more technologically advanced nowadays.
Using DDoS Attacks To Disrupt Elections
Hacktivism is a common motivation behind DDoS attacks, and remains a real threat to elections around the world. “Our ATLAS system collects anonymous traffic data from, delivering visibility into approximately 1/3rd of all internet traffic.”
Here is a look at DDoS activity collected by ATLAS for October, the month of the election. This eastern European country elected its new Prime Minister Andrej Babiš amid coordinated cyberattacks against several websites used for presentation of results during the counting of votes. As a result, two websites become entirely inaccessible.
DDoS Attacks Against Czechia
The top country sources of DDoS activity against Czechia during this month were the Ukraine, Switzerland, the United States and Sweden. The largest attack during this month was 318 Gbps on the 31st and 1st of November.
The election, held on October 20th and 21st of 2017, was not the only one the Czech Republic’s government suffered. Earlier in 2017, another cyberattack was discovered to be targeting the Foreign Ministry staff in what some postulated was an attempt to leverage confidential information to influence the October votes.
One month later, we see even more DDoS activity in November (up to 594 Gbps on the 22nd and 23rd) since the new Prime Minister took office:
Motivation behind these attacks might have had something to do with Babis’ controversial reputation and his facing fraud charges. But let’s be honest- who in office these days isn’t considered ‘controversial’ by at least some small percentage of their country? It comes with the territory of leading a nation, and even the most well-liked prime ministers, presidents, and royal families all receive scrutiny. The point is: DDoS appears to be the tool to prevent access to the Internet during critical voting times and attempt to sway or change election outcomes. Either we go back to the ancient method of voting/throwing stones, or we better protect ourselves against DDoS.