Tennessee officials have confirmed a cyber forensics investigation into the shutdown of a county website that briefly disrupted the broadcast of election-night results in primary races for local government offices.
The Knox County website suffered a server crash as polls closed on Monday night, a statement from Knox County Mayor Tim Burchett confirmed. The website was offline for about an hour before officials eventually got around to restoring it.
As a result, Mayor Tim Burchett has called on Sword & Shield Enterprise Security, a local IT security firm cybersecurity contractor, to investigate the server crash and conduct a root cause analysis to determine the precise reason behind the crash.
“Although the crash did not affect the vote tallies or the integrity of the election, this is not something that should happen,” Mayor Burchett said. “I want to know what happened, and I think an independent review will help to determine that so we can move forward and work to prevent similar issues in the future.”
Still, a preliminary review by the county’s own information technology department discovered “extremely heavy and abnormal network traffic” originating from numerous internet protocol addresses that were “associated with numerous geographic locations” both within and beyond the United States.
The entire incident, according to the county’s information technology director Dick Morgan, was “highly suggestive” of a DDoS, or distributed denial of service attack.
Image credit: LIFARS archive.