Update: Tuesday, November 8th, 2016 7:00pm EST
Polls are starting to close and every indication points to no election day disruption due to DDoS attacks on DNS providers.
We did observe that some of the states saw increased traffic that potentially impacted end users.
Nevada Elections tweeted about the issue.
Update: Tuesday, November 8th, 2016 3:30pm EST
Late afternoon shows no widespread issues impacting battleground state electoral sites. Some slow downs in individual state sites are occurring but this looks like the result of performance degradation due to increased load, see below what state election officials needed to prepare for before the election.
Update: Tuesday, November 8th, 2016 12:00pm EST
No signs of DNS based DDoS cyberattacks or cyber-interruptions with battleground state election websites. Our team will continue to monitor things as the day progresses.
Update: Tuesday, November 8th, 2016 9:30am EST
Having a deeper look at the candidate’s websites over the past 48 hours. Both candidates sites have made last minute changes that we can see by the changes in response times and amount of data and objects being delivered. As with all things web performance related, changing content can impact end user experience.
Hillary Clinton (https://www.hillaryclinton.com)
Donald Trump (https://www.donaldjtrump.com)
Update: Tuesday, November 8th, 2016 9am EST
Here is a dashboard we are using to track battleground state and candidate websites over the past 48 hours. Interesting activity on both candidate sites as they make last minute content changes on the eve of the election. Will update some detail on that shortly.
Update: Tuesday, November 8th, 2016 8am EST
Morning of election day, here is the performance of the key battleground state election sites for the past 36 hours. Some state election sites are providing more consistent performance than others. We will update this throughout the day.
Update: Monday, November 7th, 2016 10pm EST
As we watch the state level electoral sites here are some of the ways we use Synthetic Monitoring (proactive software robots) to provide validation that the websites are not being impacted by a malicious actor. In some types of attacks a malicious party could try to redirect end users from a legitimate site to a false site. In situations like this there are a number of techniques which can be used to proactively validate that a site is responding the way that it is supposed to.
The most direct way to do this is to apply a validation rule. Below is an example where a string (series of characters) has to be seen every time that site is loaded. In addition to make sure that the validation string is correct, you can ad a locator rule which means that the string is only valid if it is found on a certain part of the page.
Another way to validate the page is being delivered as it is expected, is to proactively monitor Key Delivery Indicators like the number of bytes, objects, connections and hosts. Often when a malicious actor takes over a site they change the expected content seen by end users. This can be seen in changes in the number of bytes, objects, hosts, etc… being delivered. For example every time I load this page, 1MB of data is transferred, if we don’t see that amount of data something is amiss and alert us to that.
There is a caveat here, highly dynamic sites will have constant changes in these values. In those situations you will want to rely on validation strings over this approach.
Update: Monday, November 8th, 2016 1pm EST
We are 24 hours away from the end to the 2016 Election Cycle, and as a historic campaign comes to a close all eyes turn toward the “battleground” states. With fears of cyber attack being discussed in the media I decided to place some synthetic monitoring on the main election pages for each of the battleground states. These pages are used by state voters to locate their designated polling place and obtain instructions on voting procedures. The monitoring is done by software robots from locations all across the United States.
Cyber attack
The idea is to look for indicators that a cyber attack like the Friday Oct 21st DDoS attack was underway. That cyber attack focused on attacking DNS (Domain Name Service) providers. DNS can be simply described as an internet phone book, mapping site names to IP addresses. Attacking DNS providers is like burning all the phone books for the phone company or deleting all your contacts in your address book, the internet still functions but trying to get to site becomes difficult or impossible.
Below you can see the DNS performance of each battleground state for the past 24 hours. This is one of the ways I will be monitoring for potential cyber-disruption during election day.
Digital Preparedness
In addition to monitoring for cyber-disruptions I will also be looking at digital preparedness for each battleground state election site. In this analysis we will be looking at how fast the state election sites can respond to a request from and end user. The specific metric we look at is W3C Request time. This is a marker which indicates when the first byte/packet of data for a request is seen by the end user’s browser. You can think of this as application/server think time, we want to know if the websites servers and applications slow down when under heavy load.
Below is a view of that W3C Request/First Byte Time of each battleground state website.
There are industry-proven strategies for ensuring digital preparedness that state websites should look to when developing applications to serve their voters. The applications supporting these websites can be very complex and understanding this complexity is the key to ensuring digital preparedness. Below is an example of the dependencies seen in an application supporting a website. You can see that even relatively simple site can have substantial complexity which needs to be managed to ensure satisfactory end user experience.
If a state’s election website is not digitally prepared and the site slows down or fails under extreme loads on election day, voters will be unable to know where to go to vote.
State Digital Performance Results
The final aspect I will look at is the digital performance results for each battleground state site. I will measure how long it takes a page to be “interactive”, the point where a voter could start looking for where their polling site is.
While DNS and W3C/Request all impact end user (voter) experience there are other indicators to look at. I will watch indicators like…
- Byte count (Page Weight), this is how much data gets transferred when a page is loaded.
- Object and Connections, this is how complex a page is
- Hosts, this is the number of third parties being used like social media, trackers, ads, etc…
Below you can see that some of the state elections sites are very simple pages where other are more complex.
Things to look for
Digital Transformation is not limited to the retail and financial industry. Every aspect of our lives are being touched by Digital Transformation. Voters from across the US will be accessing their local state sites to find out where and when to vote. This is just the beginning of how important digital transformation will be to the election process.
I will be looking at other indicators of how effective each battleground state’s election site are, and how they have embraced digital transformation. Check back here for updates over the next 36 hours.