Georgia election officials recently took swift action to prevent an attempt to overload the state's absentee voter portal, potentially causing a crash, as reported by the secretary of state's office. The attack was specifically targeted at the section of the website used by voters to request absentee ballots. While users may have experienced a brief slowdown, the site remained operational, and no data was compromised.
The origin of the attack remains unclear, and there have been no reports of similar incidents in other states. The Georgia secretary of state's office promptly informed federal authorities about the attack, although agencies such as the FBI, the federal Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence declined to comment on the matter.
The secretary of state's office's detection tools raised an alert about a processing slowdown on October 14, just before the commencement of early in-person voting. Internet security firm Cloudflare quickly identified the incident as a denial-of-service attack, a tactic that involves overwhelming a site with data to disrupt its operations.
During the peak of the attack, approximately 420,000 IP addresses were simultaneously attempting to access the site. To counter this, the office implemented a verification tool to confirm users' identities, leading to a significant drop in traffic. Within 30 minutes of the initial alert, the situation returned to normal.
Cloudflare informed Georgia officials that many of the IP addresses involved had been linked to previous denial-of-service attacks. Despite the intensity of the incident, officials noted that their systems effectively responded to the threat, and the situation was managed without causing panic.
