2022 US midterm elections attack analysis

In the weeks leading up to the US elections, there was a significant increase in traffic to websites of state and local governments protected by Cloudflare's Athenian Project, as well as political campaigns and state parties using Cloudflare for Campaigns. SQL injection (SQLi) and HTTP anomaly attacks were the most common types mitigated by Cloudflare's Web Application Firewall (WAF). The majority of these attacks originated from IP addresses in the United States, although it is possible that attackers are using compromised systems within the country to launch their attacks. Despite the increase in overall traffic and attacks, WAF-mitigated traffic remained consistent throughout October and into November.