Georgia officials say they thwarted an attempt to crash a state election website
The Georgia secretary of state's office said it acted quickly earlier this month to thwart an attempt to flood the state’s absentee voter portal in an apparent attempt to crash the site
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Georgia election officials acted quickly earlier this month to thwart an attempt to flood the state's absentee voter portal in an apparent attempt to crash the site, the secretary of state's office said.
The attack was limited to that part of the state's website, which voters use to request an absentee ballot. Users may have experienced a brief slowdown, but the site never crashed and no data was compromised, said Gabriel Sterling, a top official at the agency.
He said it was not clear where the attack originated. There has been no public indication that similar systems in any other state were subject to the same kind of attack.
The Georgia secretary of state’s office alerted federal authorities about the attack. The FBI, the federal Cybersecurity and Infrastructure Security Agency and the Office of the Director of National Intelligence all declined to comment Thursday.
Detection tools that the secretary of state's office has in place generated an alert about a processing slowdown shortly after 5 p.m. on Oct. 14, the day before early in-person voting was to start. Sterling said internet security firm Cloudflare sent an indication within minutes that it was a denial-of-service attack, which involves flooding a site with data in order to overwhelm it and knock it offline.
The secretary of state's office could see that, at the peak, at least 420,000 IP addresses were trying to access the site at the same time, Sterling said. The office put in place a verification tool requiring users to prove that they're human and then the traffic “just sort of fell through the floor,” Sterling said. Within 30 minutes of the first alert, he said everything was back to normal.
Cloudflare told Georgia officials that many of the IP addresses had been used in previous denial-of-service attacks.
“In general, our systems worked," Sterling said. "We just executed. There was not panic at all.”