UPDATED 23:21 EDT / MAY 06 2018

Tennessee DDoS attack may have been motivated by retaliation or protest

Russians? Chinese? Gun-averse liberals who hate Dixieland? All of those and other factors could be responsible for one of the weirdest cyberattacks of recent times after an election in Knox County, the main seat of government for Knoxville, Tennessee, was targeted by a distributed denial-of-service attack.

The DDoS attack occurred last Tuesday evening, knocking county servers offline in a seeming attempt to delay the publication of the election results. Described by Cyber Security Hub as the DDoS “incident of the week,” the attack itself did not affect voting or compromise the tallying of the results, only their publication. The county had to resort to printing the results on paper for distribution instead.

Tim Burchett, the mayor of Knox County, which has a population of 432,000, said he had called in a cybersecurity contractor to investigate the attack. He added that “this is not something that should happen” and that “I want to know what happened, and I think an independent review will help to determine that so we can move forward and work to prevent similar issues in the future.”

It may be easy to have some fun with such an oddly targeted attack, but one security researcher believes it’s worth examining. Rob Tate, security researcher at WhiteHat Security Inc., who analyzed the attack, told SiliconANGLE that “DDoS [has] evolved from people having fun to more targeted acts of retaliation or protest. The attack method may not aim to steal data but is often used to raise awareness and protest—essentially saying, ‘We brought down your site; nobody can get to you because we don’t like you.’ It’s a platform for activism.”

Noting that it’s not just municipal systems that are open to DDoS attacks, Tate said that websites usually aren’t equipped to handle such a massive volume of traffic and will simply “fall over and die” when this many requests are made simultaneously.

“It’s a difficult and sometimes expensive attack to prevent and one that attackers will continue to use because of its simplicity and ease,” Tate added. “Prevention is challenging because attacks are unique and hard to fingerprint. Building a robust monitoring system and red team in case of attack are key. Once an attack is underway, they typically have very similar-looking signatures. Capturing packets and identifying the unique fingerprint are also essential.”

Photo: knoxcounty/Flickr
