Authorities in Florida have declared that a voting fraud incident in elections last year, centred around absentee ballots, was due in part to a cyber attack. This is the first known example of a cyber attack against an online election system.
Whilst there is the potential for voting machines to be hacked this case is something else completely – what happened is that over 2,500 absentee ballots were requested in a short period of time. Fortunately, administrators discovered the attack when the registration system reported that there was an anomaly in the traffic patterns, namely that the requests were sent from a small number of IP addresses which were located in England, Ireland and India.
If the attack had succeeded then the number of bogus votes would have been sufficient to influence the result of the local election.
“Computer experts say the case exposes the danger of putting states’ voting systems online – whether that’s allowing voters to register or actually vote.”
Following the discovery of the cyber attack there have been calls for the state to increase the security protections surrounding voter registrations as well as a requirement for absentee voters to use a secure site via the use of a username and password (I’m not sure this would deter someone who was determined to influence the voting though!)
Whilst this is the first confirmed incident with the number of elections at local level there is, of course, the chance that such a cyber attack has actually been executed before and been successful both in terms of its aims and in going undetected. Florida’s experience may just decrease the chances of it happening again but we’ll see….