A surge of traffic from 65 foreign countries – including Albania, Taiwan, Ukraine and New Zealand – helped crash the Knox County Election Commission website in a “direct attack,” according to a security firm’s report made public Friday. Such an attack – which struck the night of the May 1 primary as voters, candidates and reporters watched for results – could only have been deliberate, aimed at a specific weak point on the web server, investigators for Sword & Shield Enterprise Security found. Sword & Shield recommended further testing to determine whether such an assault could crash the server again. Knox County Information and Technology Department staffers performed the tests this week and believe they’ve plugged the hole, Deputy IT Director David Ball said. “We essentially re-enacted the attack and believe we have fixed it,” he said.
The cyberattack had no effect on vote tallies but caused long, frustrating delays for the results of the election, including the sheriff’s race and a race for Knox County mayor decided by a handful of votes. The website crashed about 8 p.m. and remained down for about an hour.
Screens in the Knox County Republican Party’s suite at the downtown Crowne Plaza hotel, for example, showed nothing but the message, “Service Unavailable.”