More than 10,000 IP addresses used in attack on NDP vote
The company that ran the online voting system used to help choose the winner of the weekend's NDP leadership race is now blaming several hours of delays on a "malicious, massive" attack on its voting system.
In a news release, Barcelona-based Scytle Canada said "well over 10,000 malevolent IP addresses" were used in a Distributed Denial of Service attack which generated hundreds of thousands of false voting requests to the system.
"We deeply regret the inconvenience to NDP voters caused by this malicious, massive, orchestrated attempt to thwart democracy," said Susan Crutchlow, general manager of Scytl Canada in a statement.
The attack effectively "jammed up the pipe" into the voting system, delaying voter access, the statement said.
"This network of malevolent computers, commonly known as a 'botnet,' was located on computers around the world but mainly in Canada."
The system slowdown was a frustration for delegates at the NDP convention on Saturday in Toronto, who had been told they would be able to cast their ballots online to avoid long lineups at the Toronto convention.
However, many members could not access the system at all, or their attempt to vote timed out.
Because of the delays, Thomas Mulcair was not declared the winner until around 9 p.m. ET. Results were originally expected by late afternoon, and many delegates eventually left the convention before the results were in.
Despite the slowdown, Scytle bragged in the news release that security was not compromised and the integrity of the system was not affected.
"While the attack temporarily slowed down the voting process, at no time was Scytl's highly sophisticated security system penetrated," the release stated, noting that an independent audit by Price Waterhouse Coopers confirmed no ballots were affected.
The statement said a team of 12 high-level personnel were brought in as soon as the problem was identified as an external attack, and "Scytl was able to allow the voting process to proceed with an overall three-hour delay."
Susan Crutchlow, general manager of Scytle Canada, praised the NDP for its "level-headed" response to the problems.
"They were calm and co-operative and extended the voting time to ensure the integrity of the process, even in the face of media criticism and groundless speculation," Crutchlow said in the statement.
At first, long delays were attributed by the party to larger-than-expected voter turnout.
However, only about 9,500 votes of the 65,000 total were generated on the weekend, with the vast majority of party members voting in advance.
Scytle is based in Barcelona and has subsidiaries in Toronto, Baltimore, New Delhi, Athens and Kiev.
In a news release, Barcelona-based Scytle Canada said "well over 10,000 malevolent IP addresses" were used in a Distributed Denial of Service attack which generated hundreds of thousands of false voting requests to the system.
"We deeply regret the inconvenience to NDP voters caused by this malicious, massive, orchestrated attempt to thwart democracy," said Susan Crutchlow, general manager of Scytl Canada in a statement.
The attack effectively "jammed up the pipe" into the voting system, delaying voter access, the statement said.
"This network of malevolent computers, commonly known as a 'botnet,' was located on computers around the world but mainly in Canada."
The system slowdown was a frustration for delegates at the NDP convention on Saturday in Toronto, who had been told they would be able to cast their ballots online to avoid long lineups at the Toronto convention.
However, many members could not access the system at all, or their attempt to vote timed out.
Because of the delays, Thomas Mulcair was not declared the winner until around 9 p.m. ET. Results were originally expected by late afternoon, and many delegates eventually left the convention before the results were in.
Despite the slowdown, Scytle bragged in the news release that security was not compromised and the integrity of the system was not affected.
"While the attack temporarily slowed down the voting process, at no time was Scytl's highly sophisticated security system penetrated," the release stated, noting that an independent audit by Price Waterhouse Coopers confirmed no ballots were affected.
The statement said a team of 12 high-level personnel were brought in as soon as the problem was identified as an external attack, and "Scytl was able to allow the voting process to proceed with an overall three-hour delay."
Susan Crutchlow, general manager of Scytle Canada, praised the NDP for its "level-headed" response to the problems.
"They were calm and co-operative and extended the voting time to ensure the integrity of the process, even in the face of media criticism and groundless speculation," Crutchlow said in the statement.
At first, long delays were attributed by the party to larger-than-expected voter turnout.
However, only about 9,500 votes of the 65,000 total were generated on the weekend, with the vast majority of party members voting in advance.
Scytle is based in Barcelona and has subsidiaries in Toronto, Baltimore, New Delhi, Athens and Kiev.