A Mexican campaign site was hit with a distributed-denial-of-service (DDoS) attack during the final presidential debate, which comes mere weeks before the 1 July election, fomenting concerns of election security.
The affected site, run by the National Action Party (PAN), targets front-runner Andrés Manuel López Obrador, but his party reportedly denies any involvement with the outage. The majority of traffic that caused the outage supposedly came from Russia and China, which may or may not correlate with the origin of the attack.
There are currently no clear signs of foreign hacking in Mexican campaigns, and cyber-experts have not yet identified who was behind the attack. One possibility, Reuters reported, is that “it could have been done by hackers for hire working on behalf of somebody looking to prevent people from accessing the PAN website.”
Tensions and nerves are high as Mexico prepares for its election, particularly after evidence of Russia’s meddling in the 2016 US presidential election. National elections are not the only targets of attack, though. Just this month, news broke of an attack on the Knox County, Tennessee, election commission website, elevating concerns of election security. Originally, the Knox County attack was reported as a DDoS, but new evidence suggests that the DDoS was only a smokescreen for a larger attack.
Knox News reported on the larger attack and spoke with deputy IT director David Ball, who said, “It was not an attempt to actually change any data or put anything onto our servers; it was an attempt to take things off of our servers, to read what was there … they were looking to get things, not give things.”
“DDoS is preventable through runtime application self-protection (RASP) or web application firewall (WAF) technology,” said Jeannie Warner, security manager at WhiteHat Security. “I believe all critical services and applications fronting PII [personal identifiable information] or transactional information should have some sort of application protection beyond what a next-generation firewall (NGFW) or intrusion prevention system (IPS) can offer."
“Additionally, because the DDoS absolutely can distract from a secondary attack, especially as an attempt to ‘cover the tracks’ of something invasive, it’s critical that all states and countries start prioritizing the hardening of anything having to do with the voting system,” Warner said.