The campaign website of a Democratic congressional candidate in California was taken down by cyberattacks several times during the primary election season, according to cybersecurity experts.
Rolling Stone reported on Thursday that cybersecurity experts who reviewed forensic server data and emails concluded that the website for Bryan Caforio, who finished third in the June primary, was hit with distributed denial of service (DDoS) attacks while he was campaigning.
The attacks, which amount to artificially heavy website traffic that forces hosting companies to shut down or slow website services, were not advanced enough to access any data on the campaign site, but they succeeded in blocking access to bryancaforio.com four times before the primary, including during a crucial debate and in the week before the election.
Caforio’s campaign didn’t blame his loss on the attacks, but noted that he failed to advance to a runoff against Rep. Steve Knight (R-Calif.) by coming up 1,497 votes short in his loss against fellow Democrat Katie Hill.
Caforio’s campaign tried several tactics to deter malicious actors, including upgrading the website’s hosting service and adding specific DDoS protections, which in the end failed to deter the attacks.
“As I saw firsthand, dealing with cyberattacks is the new normal when running for office, forcing candidates to spend time fending off those attacks when they should be out talking to voters,” Caforio told the magazine.
A spokeswoman for the Department of Homeland Security (DHS) told Rolling Stone that it offered to help Caforio’s campaign investigate the four attacks but received no response.
A DHS spokesperson did not immediately respond to a request for comment from The Hill.
An aide to the Democratic Congressional Campaign Committee, the campaign arm for House Democrats, told Rolling Stone that it takes attacks such as the ones Caforio faced “very seriously.”
“While we don’t have control over the operations of individual campaigns, we continue to work with and encourage candidates and their staffs to utilize the resources we have offered and adopt best security practices,” the aide said.
Source: https://thehill.com/policy/cybersecurity/407608-california-democrat-hit-with-ddos-attacks-during-failed-primary-bid