 |
| Tim Chapman / Miami Herald |
About 2,000 rejected absentee ballots at Miami-Dade Elections Department, mostly for lack of signatures or review of signatures from the last election.
An attempt to illegally obtain absentee ballots in Florida last year is the first known case in the U.S. of a cyberattack against an online election system, according to computer scientists and lawyers working to safeguard voting security.
The case involved more than 2,500 “phantom requests” for absentee ballots, apparently sent to the Miami-Dade County elections website using a computer program, according to a grand jury report on problems in the Aug. 14 primary election. It is not clear whether the bogus requests were an attempt to influence a specific race, test the system or simply interfere with the voting. Because of the enormous number of requests – and the fact that most were sent from a small number of computer IP addresses in Ireland, England, India and other overseas locations – software used by the county flagged them and elections workers rejected them.
Computer experts say the case exposes the danger of putting states’ voting systems online – whether that’s allowing voters to register or actually vote.
“It’s the first documented attack I know of on an online U.S. election-related system that’s not (involving) a mock election,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who is on the board of directors of the Verified Voting Foundation and the California Voter Foundation.
Other experts contacted by NBC News agreed that the attempt to obtain the ballots is the first known case of a cyberattack on voting, though they noted that there are so many local elections systems in use that it's possible that a similar attempt has gone unnoticed.
There have been allegations of election system hacking before in the U.S., but investigations of irregularities have found only software glitches, voting machine failures, voter error or inconclusive evidence. Where there has been evidence of a computer security breach -- such as a 2006 incident in Sarasota, Fla., in which a computer worm that had been around for years raised havoc with the county elections voter database -- it was unclear whether the worm's appearance was timed to interfere with the election.
In any case, experts say they’ve been warning about this sort of attack for years.
“This has been in the cards, it’s been foreseeable,” said law Professor Candice Hoke, founding director of the Center for Election Integrity at Cleveland State University.
The primary election in Miami-Dade County in August 2012 involved state and local races along with U.S. Senate and congressional contests (see a sample ballot here). The Miami Herald, which first reported the irregularities, said the fraudulent requests for ballots targeted Democratic voters in the 26th Congressional District and Republicans in Florida House districts 103 and 112. None of the races’ outcomes could have been altered by that number of phantom ballots, the Herald said.
Overseas “anonymizers” -- proxy servers that make Internet activity untraceable -- kept the originating computers’ location secret and prevented law enforcement from figuring out who was responsible, according to the grand jury report, issued in December. The state attorney’s office closed the case in January without identifying a suspect.
No hay comentarios:
Publicar un comentario