An intentional cyberattack and suspicious activity by foreign computers preceded the crash of a website that was reporting results in a Tennessee county’s primary elections, a cyber-security firm said Friday. The Knox County elections website suffered the attack, and “a suspiciously large number of foreign countries” accessed the site on May 1, according to the report by Sword & Shield Enterprise Security. The firm hired by the county said those actions were among the likely causes of the crash, which also included a large increase in errors and in overall traffic. Officials have said no voting data was affected, but the site was down for an hour after the polls closed – causing confusion among voters – before technicians fixed the problem.
… Dan Wallach, a computer science professor at Rice University, notes that the internet is a “messy place” with a lot of background traffic. “It is often quite difficult to understand what is an attack, and what is just random traffic,” Wallach said.
However, if it is a specific attack, then it would be difficult to find its origin because attackers are very good at hiding their location, Wallach said.
“What attackers will do is they’ll break into other computers and then launch their attacks from there,” he said.