Cyberattack on Florida election is first known attempt

Experts analyzing last year's election found rejected "phantom requests" for absentee ballots

Published March 18, 2013 9:36PM (EDT)

  (Shutterstock/ mtkang)
(Shutterstock/ mtkang)

In what experts have called the first reported attempt to cyberattack a U.S. election, more than 2,500 “phantom requests” for absentee ballots were sent to Miami-Dade County elections website according to a grand jury report flagged by NBC News Monday.

All the requests were detected and rejected, but the incident has nonetheless raised concerns about cyberthreats to online voting systems. The improper requests came from a small number of computer IP addresses overseas, which drew the attention of election workers. As NBC noted, "it is not clear whether the bogus requests were an attempt to influence a specific race, test the system or simply interfere with the voting." The originators of the phantom requests could not be traced, the grand jury report noted, as they used proxy servers that make Internet activity untraceable.

NBC noted that while there have been allegations of U.S. election system rigging in the past, experts believe this incident to be the first (although long-anticipated) documented cyberattack attempt. Via NBC:

“It’s the first documented attack I know of on an online U.S. election-related system that’s not (involving) a mock election,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who is on the board of directors of the Verified Voting Foundation and the California Voter Foundation.

Other experts contacted by NBC News agreed that the attempt to obtain the ballots is the first known case of a cyberattack on voting, though they noted that there are so many local elections systems in use that it's possible that a similar attempt has gone unnoticed.

There have been allegations of election system hacking before in the U.S., but investigations of irregularities have found only software glitches, voting machine failures, voter error or inconclusive evidence. Where there has been evidence of a computer security breach -- such as a 2006 incident in Sarasota, Fla., in which  a computer worm that had been around for years raised havoc with the county elections voter database -- it was unclear whether the worm's appearance was timed to interfere with the election.

In any case, experts say they’ve been warning about this sort of attack for years.


By Natasha Lennard

Natasha Lennard is an assistant news editor at Salon, covering non-electoral politics, general news and rabble-rousing. Follow her on Twitter @natashalennard, email nlennard@salon.com.

MORE FROM Natasha Lennard


Related Topics ------------------------------------------

2012 Elections Absentee Ballot Cyberattack Florida Voting