The company that ran the online voting system used to help choose the winner of the weekend’s NDP leadership race is now blaming several hours of delays on a “malicious, massive” attack on its voting system. In a news release, Barcelona-based Scytl said “well over 10,000 malevolent IP addresses” were used in a Distributed Denial of Service attack, which generated hundreds of thousands of false voting requests to the system. “We deeply regret the inconvenience to NDP voters caused by this malicious, massive, orchestrated attempt to thwart democracy,” Susan Crutchlow, general manager of Scytl Canada said in a statement. The attack effectively “jammed up the pipe” into the voting system, delaying voter access, the statement said. “This network of malevolent computers, commonly known as a ‘botnet,’ was located on computers around the world but mainly in Canada.”
The system slowdown was a frustration for delegates at the NDP convention on Saturday in Toronto, who had been told they would be able to cast their ballots online to avoid long lineups at the Toronto convention. However, many members could not access the system at all, or their attempt to vote timed out.
… Denial-of-service attacks are “fairly common” online, digital public affairs strategist Mark Blevis told Power Play. Typical targets include government and e-commerce websites, he said. “It’s relatively easy to do, it’s malicious enough without actually, say, breaking the law by, for example, stealing credit card numbers,” Blevis said