When the website that displayed the election results for Knox County, Tennessee, crashed during the hotly contested Republican mayoral primary in 2018, officials assumed the worst.
It had only been a year and a half since the 2016 election, when Russia had launched cyberattacks on several states’ election systems. The county hired a local cybersecurity firm that appeared to confirm that a distributed denial of service, or DDoS, attack had meant to flood the website with fake traffic. The FBI opened an investigation.
Two years later, officials have sheepishly pointed toward a different theory: Nobody hacked Knox County. Instead, the problems were due to the high profile of one of the county's candidates: Glenn Jacobs, better known as the superstar professional wrestler Kane. Wrestling fans around the world were rooting for him and checking the results.
The Knox County incident highlighted a phenomenon that’s far more common than confirmed DDoS attacks against election websites: state or local government sites seeing only major traffic during an election and being unprepared to handle an extra surge if things go viral.
Two federal officials familiar with the matter, speaking on the condition of anonymity because they aren't authorized to address the matter publicly, said there was no indication Knox County was hit with a malicious denial of service attack that night.
Zack Webb, who at the time was a system administrator for the county and is now its chief information officer, noted how unusual that election was, though the report from the incident doesn’t mention the candidates or non-Tennesseans’ potential interest in the race.
“We had a global celebrity running on a local ballot,” Webb said in a phone call. “Pretty unprecedented. But it wasn't treated any different than any of the previous 20 elections we ran.”
More recent website failures have also been connected to viral moments and celebrity efforts to encourage voting.
Florida’s voter registration site went down Oct. 6, the state's final day to register, after being overwhelmed with traffic. The state has declined to speculate why, though its DDoS protection service, Cloudflare, has said it saw no malicious activity around that time.
But the website received a boost from the popstar Ariana Grande, who has more than 77 million Twitter followers, after she encouraged Floridians to register during the final hours of eligibility.
Several states have blamed outages on well-intentioned voter registration efforts from tech companies. Google and Facebook’s links on National Voter Registration Day, Sept. 22, drove so many potential Illinois voters that the state’s board of elections website gave many of them error messages, a spokesperson for the board, Matt Dietrich, said in an email.
“At that point in September, the site had processed about 160,000 registrations. When Facebook and Google started their push, we were seeing up to 1.8 million hits per hour,” he said.
“It was still functioning very slowly for some users, but the vast majority of users were getting error messages throughout the day.”
That’s happened since U.S. tech companies began a real push to encourage users to vote in 2016, said Edgardo Cortés, Virginia’s former commissioner of elections.
“It's a real concern. It's not a new one,” Cortés said in a phone call.
Those efforts led to Virginia’s registration site crashing on the final day of availability in 2016, he said, which led voters to sue the state because they were unable to register.
“It was the first time the social media companies did a push to remind people about the voter registration deadline and their ability to apply online,” Cortés said. “They drove an insane amount of traffic to the site.”
Similar dynamics can happen on election night, he said.
“Election night reporting sites deal with a lot of the same things,” Cortés said. “Three hundred and sixty three days of the year, it's not used at all, nobody's going there, then all of a sudden the polls close and you have millions and millions of views on the site. You go from no traffic to just an immense amount. If you don't have the right tools in place, from the administrative perspective it can feel like a DDoS attack but it's really not.”
Such problems have led to Facebook this year giving states a heads up several days before they begin directing traffic their way, Facebook spokesperson Kevin McAlister said.
Tarah Wheeler, a cybersecurity fellow at Harvard’s Belfer Center for Science and International Affairs, said the solution is to address the cybersecurity abilities and money shortages confronting many state and local government websites.
“The real problem is that local election boards are underfunded, understaffed and lack basic technical skills,” Wheeler said in a text message. “They're often the last to receive attention and support when it's time to make big tech upgrades, and as a result, they, like other legacy organizations, have to make do with what they have.”
"Asking people, whether famous or not, to cease participating in electoral politics to preserve crumbling local elections’ internet infrastructure is bad for democracy and doesn't help fix the real problem,” she said.