Tennessee

Knox County IT director Dick Moran and county IT staff were ready for Election Day and the higher amounts of traffic that would undoubtedly come to the county election commission website with former WWE wrestler, Glenn Jacobs, on the Republican ballot. At 7:50 p.m. Moran instructed the website be checked to make sure the early voting results could be posted when the polls closed 10 minutes later. Everything checked out. Everything was working. Sign Up: Get breaking news headlines in your inbox. Seven minutes after his request, Knox County’s election commission website was attacked and the results, although not impacted by the attack, wouldn’t be displayed until nearly 9 p.m., sowing more chaos into an already energetic and unpredictable night. All of the disruption, it has been determined since, was an effort to distract the county while another, simultaneous attack was happening behind the scenes accessing county information, according to Moran and Deputy IT Director David Ball.

An intentional cyberattack and suspicious activity by foreign computers preceded the crash of a website that was reporting results in a Tennessee county’s primary elections, a cyber-security firm said Friday. The Knox County elections website suffered the attack, and “a suspiciously large number of foreign countries” accessed the site on May 1, according to the report by Sword & Shield Enterprise Security. The firm hired by the county said those actions were among the likely causes of the crash, which also included a large increase in errors and in overall traffic. Officials have said no voting data was affected, but the site was down for an hour after the polls closed – causing confusion among voters – before technicians fixed the problem.

A surge of traffic from 65 foreign countries – including Albania, Taiwan, Ukraine and New Zealand – helped crash the Knox County Election Commission website in a “direct attack,” according to a security firm’s report made public Friday. Such an attack – which struck the night of the May 1 primary as voters, candidates and reporters watched for results – could only have been deliberate, aimed at a specific weak point on the web server, investigators for Sword & Shield Enterprise Security found. Sword & Shield recommended further testing to determine whether such an assault could crash the server again. Knox County Information and Technology Department staffers performed the tests this week and believe they’ve plugged the hole, Deputy IT Director David Ball said. “We essentially re-enacted the attack and believe we have fixed it,” he said.

Download the Sword & Shield Report on the Knox County Cyberattack

After a distributed denial-of-service attack knocked some servers offline during a local election in Tennessee this week, Knox County is working with an outside security contractor to investigate the cause. The attack took the Knox County Election Commission site displaying results of the county mayoral primary offline during Tuesday night voting. The county resorted to distributing printed results during the outage. “Tonight, Our web servers suffered a successful denial of service attack,” Knox County wrote on Twitter on Tuesday night. “Election results were not affected, as our election machines are never connected to the Internet.” The day after the incident, Knox County Mayor Tim Burchett reassured voters that the attack did not compromise the vote. Election systems that can go online are far less secure than systems that are not able to connect to the internet.