Tennessee

Knox County IT director Dick Moran and county IT staff were ready for Election Day and the higher amounts of traffic that would undoubtedly come to the county election commission website with former WWE wrestler, Glenn Jacobs, on the Republican ballot. At 7:50 p.m. Moran instructed the website be checked to make sure the early voting results could be posted when the polls closed 10 minutes later. Everything checked out. Everything was working. Sign Up: Get breaking news headlines in your inbox. Seven minutes after his request, Knox County’s election commission website was attacked and the results, although not impacted by the attack, wouldn’t be displayed until nearly 9 p.m., sowing more chaos into an already energetic and unpredictable night. All of the disruption, it has been determined since, was an effort to distract the county while another, simultaneous attack was happening behind the scenes accessing county information, according to Moran and Deputy IT Director David Ball.

An intentional cyberattack and suspicious activity by foreign computers preceded the crash of a website that was reporting results in a Tennessee county’s primary elections, a cyber-security firm said Friday. The Knox County elections website suffered the attack, and “a suspiciously large number of foreign countries” accessed the site on May 1, according to the report by Sword & Shield Enterprise Security. The firm hired by the county said those actions were among the likely causes of the crash, which also included a large increase in errors and in overall traffic. Officials have said no voting data was affected, but the site was down for an hour after the polls closed – causing confusion among voters – before technicians fixed the problem.

A surge of traffic from 65 foreign countries – including Albania, Taiwan, Ukraine and New Zealand – helped crash the Knox County Election Commission website in a “direct attack,” according to a security firm’s report made public Friday. Such an attack – which struck the night of the May 1 primary as voters, candidates and reporters watched for results – could only have been deliberate, aimed at a specific weak point on the web server, investigators for Sword & Shield Enterprise Security found. Sword & Shield recommended further testing to determine whether such an assault could crash the server again. Knox County Information and Technology Department staffers performed the tests this week and believe they’ve plugged the hole, Deputy IT Director David Ball said. “We essentially re-enacted the attack and believe we have fixed it,” he said.

Download the Sword & Shield Report on the Knox County Cyberattack

After a distributed denial-of-service attack knocked some servers offline during a local election in Tennessee this week, Knox County is working with an outside security contractor to investigate the cause. The attack took the Knox County Election Commission site displaying results of the county mayoral primary offline during Tuesday night voting. The county resorted to distributing printed results during the outage. “Tonight, Our web servers suffered a successful denial of service attack,” Knox County wrote on Twitter on Tuesday night. “Election results were not affected, as our election machines are never connected to the Internet.” The day after the incident, Knox County Mayor Tim Burchett reassured voters that the attack did not compromise the vote. Election systems that can go online are far less secure than systems that are not able to connect to the internet.

Officials in Knox County, Tennessee, are trying to gather more information about a cyberattack that crashed a government website that displayed election results to the public during its primary election for local offices on Tuesday. Dick Moran, the county’s top IT official, believes Knox County was the target of a denial-of-service attack in which actors with both domestic and foreign IP addresses deliberately flooded the county’s servers with traffic to try and crash them. The county website displaying election results went down for about an hour as polls closed on Tuesday. The crash meant that people who went to check election results between 8 and 9 p.m. on election night received an error message, according to the Knoxville News Sentinel. While the website was down, election officials printed out hard copies of the election results and gave them to reporters, WBIR, a local NBC affiliate, reported. Knox County Mayor Tim Burchett (R) said on Wednesday that the crash didn’t impact “vote tallies or the integrity of the election,” but that the county had hired a security firm to investigate the cause of the crash.

Officials are investigating a cyberattack that crashed the website displaying Knox County election results Tuesday night. Additionally, Knox County Mayor Tim Burchett on Wednesday said he has called for a cyber-security contractor to look into the server crash that shut down the county’s website just as polls closed on election night, according to a news release. … Sword & Shield Enterprise Security, a Knox County-based IT security firm, will conduct a root-cause analysis to determine the exact nature of the County server’s shut down, beginning today, the release said. IT Director Richard “Dick” Moran wrote that a preliminary review “noted that extremely heavy and abnormal network traffic was originating from numerous IP addresses associated with numerous geographic locations, both internal and external to this country. Based on my experience, this was highly suggestive of a (denial of service) attack.