The source of the cyber attack that disrupted voting at the NDP’s leadership convention in March remains a mystery, and further investigation to find out who was responsible has been dropped. The NDP was the victim of what’s known as a distributed denial of service attack when thousands of members were trying to vote online throughout the day on March 24. These kinds of attacks result in websites crashing or slowing down because the server is flooded with bogus requests for access. Legitimate voters couldn’t access the NDP’s website to vote and organizers ended up extending the time allotted for each voting round, delaying the final result until hours after it was expected. Thomas Mulcair was finally declared the winner at about 9 p.m. Scytl Canada, the company contracted to run the voting, quickly detected what was going on soon after voting began that day and reacted accordingly. They were able to keep the voting going by increasing the system’s capacity and by blocking some of the bogus IP addresses. Scytl, an international company based in Spain, conducted a forensic analysis after the convention but came up dry when trying to pinpoint exactly who was behind the co-ordinated campaign. “They weren’t able to locate the ultimate source of where this was all programmed,” said Chantal Vallerand, acting director of the NDP.
Scytl was able to determine that approximately 10,000 IP addresses were used in the attack and that each computer launched up to 1,000 requests per minute to the voting server. An IP address is a number assigned to an internet connection. An estimated 10 million bogus requests hit the server in addition to the legitimate requests from people trying to vote and jammed the system.
The attacks came from computers mostly across Canada, but some were from outside the country. The ones from outside Canada were literally spread around globe: China, New Zealand, Australia, United States, the Caribbean, India, and parts of Africa and Europe.