Cyber Incident Victim: Mississippi State Government
Date:
Nov 2022
Location:
United States of America
Summary
Several Mississippi state election websites experienced periodic inaccessibility due to a distributed denial-of-service attack during midterm elections, though officials confirmed voting and ballot counting systems remained secure and uncompromised. A pro-Russian hacking group claimed responsibility, but state and federal cybersecurity agencies did not attribute the attack, noting insufficient evidence while dismissing unrelated technical issues in Illinois as resolved without impact. The disruption affected public-facing election information portals but did not interfere with core electoral processes or result reporting.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 8, 2022, during Mississippi’s midterm elections, multiple state election websites experienced periodic outages due to a distributed denial-of-service (DDoS) attack. The Mississippi Secretary of State’s office confirmed the disruption stemmed from an abnormally large surge in traffic targeting public-facing election information portals, rendering them intermittently inaccessible to voters. While the attack hindered access to election-related websites, officials emphasized it did not compromise voting systems, ballot tabulation, or result reporting processes. The Cybersecurity and Infrastructure Security Agency (CISA) engaged with state officials and technology vendors for several hours to implement mitigations, restoring functionality by the evening. A senior CISA official described the incident as the most significant digital disruption observed on Election Day but clarified that voting infrastructure remained unaffected. Concurrently, technical issues unrelated to malicious activity disrupted ballot scanners in some precincts, which officials attributed to routine malfunctions resolved without impacting vote integrity.
A pro-Russian hacking group claimed responsibility for the DDoS attack via a Telegram post, though Mississippi authorities stated they lacked sufficient evidence to attribute the incident to any specific actor. CISA officials acknowledged the claim but cautioned against premature attribution, noting no indications of a widespread coordinated campaign targeting election infrastructure. The agency confirmed tracking a "handful" of similar low-impact incidents nationwide but observed no DDoS attacks targeting election night result reporting portals. Separately, Champaign County, Illinois, reported an attack on its voter registration database, though CISA clarified this resulted from a vendor technical issue resolved without affecting voting. Mississippi officials reiterated that election systems remained secure despite the website disruptions and anticipated unofficial vote counts would proceed normally, with certification timelines adhering to state legal requirements. CISA warned that similar disruptions might occur during the post-election period but reaffirmed no evidence suggested systemic threats to election integrity.