3/28/2012

Cyber attack on NDP leadership vote involved more than 10,000 computers


OTTAWA — A massive cyber attack involving more than 10,000 computers was behind the online voting chaos during Saturday’s NDP leadership vote, it was revealed today.
According to Scytl Canada, the company contracted by the party to conduct the vote, a deliberate large scale “distributed denial of service” (DDoS) attempted to deny NDP members access to the online balloting system.
“We deeply regret the inconvenience to NDP voters caused by this malicious, massive, orchestrated attempt to thwart democracy,” Susan Crutchlow, General Manager of Scytl said.
A forensic investigation is ongoing to locate the source of the attack, but the company said it has identified more than 10,000 “malevolent” IP addresses behind the “hundreds of thousands of false voting requests to the system.”
“The required organization and the demonstrated orchestration of the attack indicates that this was a deliberate effort to disrupt or negate the election by a knowledgeable person or group,” the company added.
The NDP first blamed the severe delays in the online voting on Saturday on a high volume of ballots, but later admitted it had become victim of a well orchestrated cyber attack.
While the attack temporarily slowed down the voting process, Scytl claimed its security system wasn’t penetrated. An onsite independent audit by Price Waterhouse Coopers confirmed that no ballots cast by credentialed NDP members were added, subtracted or changed.
The deadline to vote between first and second ballots was extended twice after the online system experienced slowdowns and crashes. The problems were repeated between the second and third ballots.
The end result of the technical glitches: a process that was supposed to see the second-ballot vote finished shortly after 12 ET instead saw the third-ballot voting not closed until almost 6 ET.
Party spokesman Brad Lavigne said on Saturday that the system had been hampered by an apparent cyber attack, but he said the votes had not been compromised and that the attack had only served to delay the process. NDP staff said all candidates had been aware of the voting problems and all had pledged to accept the result.

Voting for the fourth ballot was later extended by yet another hour, after complaints that members could not access the online system. Final results were not announced until after 9 ET. Party staff said the website that bit hit by a second denial-of-service attack, but it did not yet know who was behind them.
Crutchlow added that the voting system managed to repel the attack and the NDP responded appropriately: “When we diagnosed the problem and explained what we needed to do to respond, they were calm and cooperative and extended the voting time to ensure the integrity of the process, even in the face of media criticism and groundless speculation.”
65,108 members voted in the first ballot, an unexpectedly low number that meant fewer than 10,000 votes were cast once the convention opened on Friday. The total number of votes dropped further from the first to second ballot.
Thomas Mulcair eventually took 57% of the vote on the fourth and final ballot. Long-time organizer Brian Topp, a senior advisor to Mr. Layton, had 42% support.
(news.nationalpost.com)

0 comments:

Post a Comment

Grace A Comment!