TORONTO, March 27, 2012 /CNW/ - Delays in the final rounds of voting in
last Saturday's Federal NDP Leadership Convention were caused by a
deliberate, large-scale Distributed Denial of Service (DDoS) attack
that attempted to deny NDP members access to the online balloting
system. While the attack temporarily slowed down the voting process, at
no time was Scytl's highly sophisticated security system penetrated. An
onsite independent audit by Price Waterhouse Coopers confirmed that no
ballots cast by credentialed NDP members were added, subtracted or
DDoS attacks typically attempt to crash or greatly slow down websites by
saturating servers with bogus external communications requests that
deny legitimate users access. Governments, banks, credit card companies
and high-profile political or organizational websites are common
targets of DDoS attacks, often launched as protests by the
organization's political or economic opponents. A forensic
investigation is now underway to attempt to locate the source(s) of the
attack on the NDP vote.
"We deeply regret the inconvenience to NDP voters caused by this
malicious, massive, orchestrated attempt to thwart democracy," says
Susan Crutchlow, General Manager of Scytl Canada.
"We are proud, however, that our robust system, which is used by many
governments around the world, repelled this attack, did not crash, and
completed its mission of giving all NDP members who wished to vote the
opportunity to do so securely."
Crutchlow praised NDP convention vote organizers for their level-headed
response to the dramatic situation and their confidence that Scytl's
large, on-site technical staff could handle the attack.
"When we diagnosed the problem and explained what we needed to do to
respond, they were calm and cooperative and extended the voting time to
ensure the integrity of the process, even in the face of media
criticism and groundless speculation. They should be congratulated for
their unwavering respect for their members' right to choose their new
A preliminary analysis of the sequence of events follows. More
information will be released as the investigation proceeds.
Scytl Canada was contracted by the New Democratic Party of Canada in an
open, global competition to provide the voting services for both
advanced and election-day balloting. The advanced balloting was
performed via electronic and mail-in ballots using a preferential
voting process. This occurred flawlessly, without incident.
The first round of balloting began at 5:00 p.m. on Friday, March 23 and
was completed on schedule at 09:00 a.m. on Saturday, March 24, 2012.
When the second round of balloting began at 11:00 a.m., there were some
initial voter delay and timeout reports that quickly increased in
On receipt of these reports, Scytl determined that the voting system was
operating normally and the user delays were being caused by a growing
volume of external voter requests. The logs of automated monitors such
as Intrusion Detection Systems (IDS) and firewalls were analyzed and
Scytl quickly recognized that this might be an external attack on the
system. Scytl technicians commenced standard mitigation procedures
including increasing the system throughput, identifying and blocking
malevolent IP sites and other actions.
Within 20 minutes following the evidence of external attacks, Scytl had
an additional team of over twelve high-level personnel involved in
these mitigation activities, which allowed the voting portals to be
kept open albeit in a slower mode. By keeping ahead of the attackers,
Scytl was able to allow the voting process to proceed with an overall
Preliminary Attack Analysis
Scytl has performed a preliminary forensic analysis on the attack and
has concluded the following:
This was an organized and large-scale Distributed Denial of Service
(DDoS) attack launched against the voting system in an orchestrated,
professional, albeit illegal manner.
Well over 10,000 malevolent IP addresses (computers) have been
identified so far, as having generated many hundreds of thousands of
false voting requests to the system. This effectively "jammed up the
pipe" into the voting system, delaying voter access. This network of
malevolent computers, commonly known as a "botnet", was located on
computers around the world but mainly in Canada.
The required organization and the demonstrated orchestration of the
attack indicates that this was a deliberate effort to disrupt or negate
the election by a knowledgeable person or group.
ABOUT SCYTL CANADA
Scytl Canada is a company incorporated in Toronto, Ontario. Scytl Canada
is a subsidiary of Scytl Secure Electronic Voting.
Scytl Secure Electronic Voting (www.scytl.com) is a technology company specializing in the development of secure
electronic voting and electoral modernization. It has conducted over
100,000 voting events since its founding in 1994.
Based in Barcelona and with subsidiaries in Baltimore, Toronto, New
Delhi, Athens and Kiev, Scytl's solutions have been used in public
elections by governments from countries such as the United States,
United Kingdom, France, Canada, Norway, Switzerland, United Arab
Emirates, South Africa, India and Australia, among others.
SOURCE SCYTL CANADA
For further information:
Susan Crutchlow, 289 795-3252. Email: firstname.lastname@example.org
Scytl Canada Inc.
1155 North Service Road West
Oakville, ON L6M 3E3