NDP voting disruption deliberate, hard to track

More than 10,000 computers used in denial of service attack, voting company Scytl says

By Laura Payton, CBC News

Posted: Mar 27, 2012 11:32 AM ET

Last Updated: Mar 27, 2012 4:52 PM ET

A cyber attack that caused long delays in the online voting system used to select Thomas Mulcair as NDP leader on Saturday was a deliberate effort to disrupt balloting, according to the company that created the system. (Evan Mitsui/CBC)

It could be impossible to track whoever tried to sabotage the NDP's leadership vote last weekend, with both New Democrats and the company behind the online voting system pointing Tuesday to what's bound to be a complicated investigation.

The attack on the online voting system used to select Thomas Mulcair as the NDP's leader needed a level of organization that points to a deliberate effort to disrupt the leadership race, Scytl, the company that created the electronic ballots, said in a news release Tuesday.

Scytl has identified more than 10,000 IP addresses, mostly in Canada, and that could help identify the people behind the attack, which slowed down voting and denied party members access to the website used for voting.

The firm is now conducting a forensic investigation, a spokeswoman said.

An NDP spokeswoman wouldn't speculate on what the report might say or whether it would spark a police complaint.

"People who are able to pull off these kinds of things are very good at covering their tracks," Sally Housser said. "Whether there's a police complaint] depends on when we receive more information. We’re not going to speculate until we have further information."

The Scytl release says "the required organization and the demonstrated orchestration of the attack indicates that this was a deliberate effort to disrupt or negate the election by a knowledgeable person or group."

The company attributes the problem to a "deliberate, large-scale Distributed Denial of Service (DDoS)" attack.

A denial of service attack bombards a server with repeated attempts at communication to try to slow it down or crash it altogether. That kind of attack can be co-ordinated by one person using a number of IP addresses with computers that don't belong to the attacker.

'None of this is legal'

It's entirely possible one person may be behind the attack, and that would be very hard to track, cyber security expert David Skillicorn told CBC News.

It's possible for a hacker to get into hundreds of computers and install software, then rent out the use of the computers for such an attack. The cost: as little as $100.

"There's lots of ways in which a computer can be compromised, but I guess the most common one is that somebody gets an email with an attachment and nothing seems to happen, but in fact something did, and a week or a month later that piece of software starts behaving in ways they wouldn't have liked," said Skillicorn, who teaches at Queen’s University.

"None of this is legal to do, but it's relatively easy to go on the internet and find somebody who has a botnet to rent [the collection of machines]" he said.

The best chance to find the perpetrator is if the person brags and is reported, Skillicorn said. "Or just maybe you could track their credit card payment for the botnet service," he added.

Attack slowed vote

The attack over the weekend slowed down the voting process by several hours over two ballots, forcing the convention to run later than the party had hoped and past the prime time for announcing the new leader. It led to a flood of complaints by members who couldn't cast their ballots. About 11,000 NDP members were voting live, as opposed to advance voting.

The company's statement says high-profile political or organizational websites are common targets of denial of service attacks, "often launched as protests by the organization's political or economic opponents."

Scytl has never experienced an attack like this before, company spokeswoman Susan Crutchlow said .

"But this is not uncommon, I mean … this is just a common thing that is happening out in the industry," Crutchlow said.

"Obviously, this has now allowed us to capture additional data to incorporate into the security measures of our system."

Crutchlow wouldn't say how long it will take to prepare the forensic analysis and said it's up to the NDP to comment on whether there will be a police complaint out of it.

The vote wasn't compromised, Scytl says, pointing to an audit by Price Waterhouse Coopers during the convention. The attacker didn't get through the site's security system, and no ballots cast by credentialed NDP members were added, subtracted or changed, the company says.

Stay Connected with CBC News

Big Box Advertisement

Power & Politics Ballot Box question by Rosemary Barton May. 22, 2013 5:39 PM Do you believe the P.M. learned about the Duffy/Wright deal through the media?

Top News Headlines

2nd suspect named in Tim Bosma slaying: The second suspect arrested in the Tim Bosma slaying has been identified as Mark Smich, 25, of Oakville, Ont., Supt. Dan Kinsella of Hamilton police announced Wednesday afternoon. more »

Harper 'not consulted' about Duffy Senate expense repayment: Prime Minister Stephen Harper says that not only did he not know about his chief of staff's "gift" to repay Senator Mike Duffy's expenses before the story broke in the media, he was not consulted and did not sign off on Nigel Wright's decision to write a personal cheque. more »
2 infants confirmed among dead of Oklahoma tornado: Rescue workers raced to complete the search for survivors and the dead in the Oklahoma City suburb where a mammoth tornado destroyed countless homes, cleared lots down to bare red earth and claimed 24 lives, including those of 10 children. more »
'You will see him again in heaven,' Sharlene Bosma tells daughter: Sharlene Bosma told more than 1,000 people at the public memorial service for her slain husband, Tim Bosma, about the love they shared. more »
Mayor Ford stays silent while his brother defends him: Toronto Mayor Rob Ford continues to stonewall the media over allegations that he was recorded on video smoking what appears to be crack cocaine, but his brother Coun. Doug Ford told reporters Wednesday that the story is untrue. more »

Must Watch

Latest Politics News Headlines

Harper 'not consulted' about Duffy Senate expense repayment

Harper 'not consulted' about Duffy Senate expense repayment: Prime Minister Stephen Harper says that not only did he not know about his chief of staff's "gift" to repay Senator Mike Duffy's expenses before the story broke in the media, he was not consulted and did not sign off on Nigel Wright's decision to write a personal cheque. more »

Mike Duffy's primary home not P.E.I., unedited Senate report says: A copy of the original report by an internal Senate committee on Senator Mike Duffy's expense claims, obtained by CBC News, makes it clear the committee believes Duffy's primary residence is in Ottawa, and not in P.E.I. more »
Nanos Number: Few see positives in current political climate: Nik Nanos digs beneath the numbers with CBC New Network's Power & Politics to get to the political, economic and social forces that shape our lives. This week: Few Canadians believe the current political environment will result in positive results. more »
Internet bill would unlock personal details, says watchdog: The Harper government's recent bid to give police more information about Internet users would have unlocked numerous revealing personal details — from web-surfing habits to names of friends, says a new study by the federal privacy watchdog. more »
Wallin refuses to answer questions about repaying expenses: Speaking as an independent Saskatchewan senator for the first time, Pamela Wallin is not answering any questions about whether or not she has repaid expense money. more »

More Headlines »

The National

The House

Questions mount for Harper and chief of staff Nigel Wright in Senate scandal May. 18, 2013 1:15 PM This week on The House, with Senators Wallin and Duffy now out of the Conservative caucus, we get reaction from NDP Ethics critic Charlie Angus. We also hear directly from Senator Patrick Brazeau who says the Conservatives have thrown him under the bus. Plus we speak with B.C. Premier Christy Clark after her stunning victory.