U.S. vote counting unaffected by cyberattacks, officials say
No digital intrusions are known to have affected the counting of the midterm vote
WASHINGTON — No instances of digital interference are known to have affected the counting of the midterm vote after a tense Election Day in which officials were closely monitoring domestic and foreign threats.
A few state and local governments appeared to be hit by a relatively rudimentary form of cyberattack that periodically made public websites unreachable. But U.S. and local officials said Wednesday that none breached vote-counting infrastructure.
“We have seen no evidence that any voting system deleted or lost votes, changed votes, or was any way compromised in any race in the country,” Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Agency, said in a statement.
CISA and other federal agencies had warned that safeguarding U.S. elections has become more complex than ever, with the most serious threats from domestic sources. Foreign adversaries such as Russia, China, and Iran have tried to meddle in individual campaigns and amplify false or misleading narratives on social media.
Many members of an increasingly fractious American public have latched onto unproven conspiracies about voter fraud. And there are constant fears that state-sponsored intruders or criminals might try to interfere with voter rolls or steal data for ransom. Also of concern are increasing physical and online threats to election workers.
Votes are still being counted throughout the country and winners have not been projected in some key races that will decide control of the House and Senate.
“It's important to remember that this thorough and deliberative process can take days or weeks, depending on state laws; these rigorous procedures are why the American people can have confidence in the security and integrity of the election,” Easterly said in a statement.
The website of Mississippi's secretary of state was down for part of Tuesday and there were other reports of sites becoming unreachable throughout the country, including in Champaign County, Illinois, and parts of Arkansas.
Mississippi was apparently hit with a “distributed denial of service,” in which a website is made unreachable by a flood of inauthentic traffic. Federal and state officials said they could not say who was responsible for the Mississippi attack or other denial of service incidents, though a pro-Russia group had called on the social media platform Telegram for its followers to target the site.
“While attribution is inherently difficult, we’ve not seen any evidence to suggest that these are part of a widespread coordinated campaign,” said one official at CISA, the cybersecurity arm of Department of Homeland Security, in a briefing Tuesday. The official spoke on condition of anonymity under rules set by the agency.
Analyst Alexander Leslie of the cybersecurity firm Recorded Future called the attacks “negligible, a minor nuisance at most.”
The pro-Russia group that claimed responsibility for degrading Mississippi's site also tried to organize an attack against democrats.org, run by the Democratic National Committee. There is no evidence the DNC's site was affected, Leslie said.
Killnet, a far larger pro-Russia hacktivist group with 100,000 online followers that knocked down some state government and airport websites in October, did not organize any online attempts to attack U.S. election infrastructure.
That may be because such digital systems “are tough targets to hit. CISA has pretty high cybersecurity standards,” Leslie said. “If they claim a bunch of attacks that do absolutely nothing, it doesn't look good for Killnet.”
Republican state Sen. Scott DeLano of Mississippi is a legislative adviser for the state Department of Information Technology Services. He told The Associated Press on Wednesday that Mississippi government websites typically face “hundreds, if not thousands” of attempted intrusions daily — nothing unusual in today's online world.
The site's inaccessibility meant, for example, that residents could not use the site’s information about the location of voting precincts. DeLano said the secretary of state keeps a separate database for statewide voter registration information and that was not affected by the attack. Same-day election results are not posted on the Mississippi secretary of state’s site, so those also were not affected.
In a statement, Secretary of State Michael Watson, a Republican, credited technology staff who “worked diligently to ensure that Mississippi’s election was secure, and through their hard work, we can confidently say our election system was not compromised.”
“We will continue to work ... to ensure, as cyber attacks strengthen in frequency and intellect, we are prepared and have the necessary resources to combat any and all attacks,” Watson said.