Home » FBI: DDoS Attack Potentially Targeted State Voter Registration Site

Cyber Security NewsCyberSecurity Newswire

FBI: DDoS Attack Potentially Targeted State Voter Registration Site

February 5, 2020

The U.S. Federal Bureau of Investigation (FBI) warned of a potential Distributed Denial of Service (DDoS) attack that targeted a state-level voter registration and information site in a Private Industry Notification (PIN).

"The FBI received reporting indicating a state-level voter registration and voter information website received anomalous Domain Name System (DNS) server requests consistent with a Pseudo Random Subdomain (PRSD) attack," according to the FBI PIN seen by BleepingComputer.

"PRSD attacks are a type of DDoS attack used by threat actors to disrupt DNS record lookups by flooding a DNS server with large amounts of DNS queries against non-existing subdomains," says the report. BleepingComputer reports that the FBI says that the state voter registration website was not affected by the DDoS siege due to properly set up rate-limiting on the target's DNS servers.

A high volume of DNS requests consistent with a PRSD DDoS attack hit the DNS server of the voter registration website over a month, with short periods of time where the amount of DNS requests increased tenfold, says the report.

"The requests occurred over the course of at least one month in intervals of approximately two hours, with request frequency- peaking around 200,000 DNS requests during a period of time when less than 15,000 requests were typical for the targeted website," the FBI explains.

The DNS requests had source IP addresses belonging to recursive DNS servers, obfuscating the originating host(s) or attacker, and were largely for non-existent subdomains of the targeted website, says BleepingComputer.

The FBI provided potential targets with a series of precautionary measures to be taken to successfully mitigate DDoS attacks, to include:

Implement an incident response plan, including a DDoS mitigation strategy, and practice this plan prior to an actual incident.
If the incident response plan involves external organizations, ensure the appropriate contacts with the external organizations are established prior to an incident.
Enable automated patches for your operating system, Web browser(s), and software to the extent possible. When necessary, manually apply as soon as possible.
Maintain a timeline of attacks, recording all relevant details.

I want to hear from you. Tell me how we can improve.

BNP Media Owner & Co-CEO, Tagg Henderson

You must login or register in order to post a comment.

In this webinar, we’ll share quantitative, real-world pay and bill rate data from hundreds of security firms across the U.S. to identify common trends. We’ll review how companies price their services based on location, type of post, and the size of the firm.

With the coronavirus pandemic adding to an evolving set of risks to already challenged security operations and budgets, reducing enterprise risk is more complex than ever.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2020 March

This month in Security magazine: Mike Matranga has been labeled brash, tough, outspoken, emotional and controversial. But when it comes to school security, he doesn’t care what people think of him. He is 100 percent undeterred by anyone who may question his methods when it comes to keeping schools and students safe at Texas City ISD.

View More Create Account

FBI: DDoS Attack Potentially Targeted State Voter Registration Site

Related Articles

Related Products

Report Abusive Comment