back to top
Politics

No, A DDoS Attack Could Not Swing The Election

Hackers can take away your Twitter, but they can't take your vote.

Posted on

WASHINGTON — A massive cyber-attack hit the internet Friday at the same time as talk of a rigged election is swirling, so it's natural that some people would worry such an attack on election day could cause chaos.

But you don't have to worry, hackers will not be able to prevent legions of Americans from voting.

A Distributed Denial of Service, or DDoS attack, involves flooding a website's servers to make it unavailable to users. The DDoS attack Friday managed to cause major disruptions to sites like Twitter, Reddit and Spotify.

This sparked the New York Times to warn that a DDoS attack could affect voters in the 31 states that allow internet voting.

Well, no.

Most of the 31 states allow "internet voting" only in the technical sense. They are not casting day-of votes online, but rather emailing or faxing in their ballots in advance. With one exception, this right extends almost exclusively to uniformed service officers overseas, according to the National Conference of State Legislatures. It's not just online voting: It's extremely hard to hack an election in general. Officials and experts have said talk of the election being hacked or rigged is “hyperbolic.”

Alaska is the only state that allows all voters the option to vote through an online portal. Arizona and North Dakota have online portals for service members overseas. Missouri also has an online portal, but only for voters in a "hostile fire area."

In theory, scammers could flood the servers of a State voting portal and block legitimate citizens from voting on election day. There's just one problem with that plan — people overseas typically don't cast their vote on Election Day.

Absentee voters have a window of weeks before the election to cast their ballot. A DDoS attack would have to last for days or weeks to stymie a significant number of voters. It would also give state officials a significant amount of time to adapt and find a solution. There is no evidence such an attack has happened.

“I’m pretty confident things are going to be just fine," said John Arnold, State Elections Director for North Dakota, one of the states that maintains an online portal.

So far, 1,072 people have requested to receive and file their ballot electronically in North Dakota and 635 people have voted. Ballots have to be filed before election day. Both the state and the Department of Homeland Security regularly scan the system to make sure it is functioning properly. There have been no compromises so far, according to Arnold.

Alabama already went through an online voting trial during the primaries, though they are not allowing it for this election. Authorities there say their system did face attacks that slowed down their website but caused no serious issues.

"At this time our team is not concerned that these attacks are indicative that an attack is imminent on our election systems, most importantly because DDoS attacks, while annoying, do not involve systems being compromised," said John Bennett, a spokesperson for Alabama Secretary of State John Merrill.

Paul McLeod is a politics reporter for BuzzFeed News and is based in Washington, DC.

Contact Paul McLeod at paul.mcleod@buzzfeed.com.

Nathaniel Meyersohn is a political reporting intern and is based in New York.

Contact Nathaniel Meyersohn at nathaniel.meyersohn@buzzfeed.com.

Got a confidential tip? Submit it here.