After a distributed denial-of-service attack knocked some servers offline during a local election in Tennessee this week, Knox County is working with an outside security contractor to investigate the cause. The attack took the Knox County Election Commission site displaying results of the county mayoral primary offline during Tuesday night voting. The county resorted to distributing printed results during the outage. “Tonight, Our web servers suffered a successful denial of service attack,” Knox County wrote on Twitter on Tuesday night. “Election results were not affected, as our election machines are never connected to the Internet.” The day after the incident, Knox County Mayor Tim Burchett reassured voters that the attack did not compromise the vote. Election systems that can go online are far less secure than systems that are not able to connect to the internet.
… In a report from Knox County’s IT Department, Director Dick Moran noted “extremely heavy and abnormal network traffic” consistent with a DDoS attack and observed that the IP addresses involved originated from both domestic and international locations. Moran drew a distinction between a DDoS attack that can knock servers offline and a hack intended to infiltrate systems or servers.
Sword & Shield Enterprise Security, a Knoxville-based security firm, has been contracted to conduct an analysis of the attack and “determine the exact nature” of the server’s time offline.
The county site that was affected by the attack only displayed results to the public, it did not receive or tabulate them. Still, DDoS attacks are sometimes used as a diversionary tactic to create chaos. TechCrunch has reached out to Sword & Shield with additional questions about the sophistication and extent of the attack.