'This malicious, massive, orchestrated attempt to thwart democracy' - Macleans.ca

‘This malicious, massive, orchestrated attempt to thwart democracy’


Scytl Canada, the company that conducted the NDP’s online voting, explains what happened this weekend.

This was an organized and large-scale Distributed Denial of Service (DDoS) attack launched against the voting system in an orchestrated, professional, albeit illegal manner.

Well over 10,000 malevolent IP addresses (computers) have been identified so far, as having generated many hundreds of thousands of false voting requests to the system. This effectively “jammed up the pipe” into the voting system, delaying voter access. This network of malevolent computers, commonly known as a “botnet”, was located on computers around the world but mainly in Canada.

The required organization and the demonstrated orchestration of the attack indicates that this was a deliberate effort to disrupt or negate the election by a knowledgeable person or group.


‘This malicious, massive, orchestrated attempt to thwart democracy’

  1. Sounds amazingly like what was done to the gun registy when it was being set up….tie up the phones, back up the paperwork system….with idiotic questions, and deliberate mistakes…..anything to make the start-up expensive and difficult to use.

    • Actually, sounds much more like what happened to me when I tried to get Stones tickets a few years ago, but don’t let the fact denial of service attacks tend to emanate from the same sort of people that like to occupy things dissuade you from another anti-Harper rant.

      Methinks  Broadbent’s vast minion network was responsible. 

      •  Nah….prolly aliens. Seems about as likely.

      • Ed Broadbent thwarted you from getting Stones tickets?!  What a douche.

    • Lol right. A low tech attack on the gun registry by citizen activists vs a high tech attack by proffesional hackers.

      I didn’t know Harper had gotten the proffesional hackers vote. Somebody notifiy Vic Toews ! He has nothing to worry about now.

      Good God Emily. Is anything not a conspiracy theory done by the evil Harper ?

      •  This isn’t high tech, anyone can do it.

        And the method used is irrelevant….it was a deliberate attack.

        You might also note the company said this, not me…and no one has used the name ‘Harper’…..yet.

        I have no idea why anyone would do it….it would bog the system, and slow the vote but it wouldn’t change the results.  Seems to have no purpose other than being a pain-in-the-ass one

        • You implied Conservatives were behind this.

          Instead of saying this was like any other standard denial of service attack (for which anonymous is famous) you said:

          “Sounds amazingly like” a low tech attack from a decade ago done by the Conservatives to imply that they were behind this.

          Heck even the NDP robocalled a Quebec MP who defected to the Liberals.

          Maybe its sweet revenge.

          •  They’d be the most likely bunch….it’s not like it’s the only such attack they’d have done

          • I would not put anything beyond the Harper Conservatives, but I do wonder a bit about how much any party would hope to gain by messing up the online portion of a leadership vote.  As mentioned above, without further information, I would not rule out a more mundane reason, having to do with a combination of the Spanish company, the voters, the instructions, etc.

            This computer problem only seemed to come up in the latter ballots.  Also, didn’t the number of voters go up a bit on the final ballot?  So, it would seem the delay may have been put to good use as there were over 60,000 eligible voters not casting ballots – presumably the campaigns were still trying to get out additional voters.  Maybe this caused some confusion about voting and required ID/process.

          • “They’d be the most likely bunch”

            errr right. The party with the oldest voters and the least tech savy is most likely behind an attack that hacker groups do every day.

            You’ve officially jumped the shark here Emily. That’s just nutty.

      •  @yahoo-K5XAITELSHKETDEDYIH6U5AF54:disqus

        Oh NOW you’re claiming to be old and out of it!   LOL

        Best. Excuse. Ever.

        • I wasn’t talking about myself.

          Do YOU believe i’m behind this ? The conspiracy theories just get weirder and weirder don’t they ?

          Now the Macleans comment board was somehow involved in an old timers attack on the NDP because of something done with the gun registry a decade ago.

        • It’s now referred to as the Toews defence.

          • LOL!

  2. Thwart democracy – that’s a bit much.  These parties are private organizations after all.  It does however put some light on computer voting at general elections = bad idea, at least for now.

    Through the whole affair I felt like I was watching some ‘reality show’ where obviously everything is orchestrated.   I probably don’t understand the workings of preferential ballots cause I don’t understand why we were kept waiting for the results of four ballots when, out of the total 59,210 votes in the final round, 55,659 were advanced votes.  There was more than 12,000 votes separating TM and BT on the last ballot! Seems to me the end was known before the convention took off.  But, as I said, I haven’t thought about this with a calculator and all, it’s the impression I was left with.

  3. Hmm…10,000 “malevolant IPs”. Isn’t that about how many people were supposed to vote electronically?

    Maybe the NDP should have looked for the evil bit in the IP packets for their vote.

    Seriously for a moment…these guys can’t even secure their own network for a leadership vote. I’m supposed to trust them with CSIS?

    • And yet you still hold trust for harper’s government?  I sure don’t trust them to tell the truth on anything anymore.

    •  This is a company hired by the party for the vote….and they clearly said there was no breach of security.

      Don’t confuse this with govt computers…they are not remotely the same.

      • Because IT companies are notoriously honest and transparent when it comes to security breaches….

        And I very much look forward to you explaining how “govt computers” are different from privately owned computers.

        •  I don’t know why every little detail has to be explained on here.

          You could look up the company for yourself


          So unless a private company hired by the NDP is running CSIS…..

          • So…. you have no idea what you’re talking about…. again.

          • I see you’ve adopted Romney’s motto:

            “”You always accuse the other guy of what you’ve done yourself.””
            — Mitt Romney on the nature of politics

          • @OriginalEmily1:disqus 

            I know you are, but what I am?

    • There’s no real way to “secure” your site from a DDoS attack. The best you can do is have a network of redundant servers and adaptive load balancers in place. Something that’s not exactly a cheap endeavor.  I mean, perhaps you can blame the NDP for thinking people are basically decent and wouldn’t bother trying to screw with their internal election, but I’d rather they thought that than constantly be thinking that they’re the victims and everybody else in the big bad world is out to get them.

      As for the CSIS things, despite what most conservative supporters think, the goal of the governing party is supposed to be governance, not administration. Administration is left to the experts, who are paid by public money.

    • If the NDP outsources to a Spanish-based company for their nomination, why won’t they let the Red Army’s servers handle CSIS traffic? Safe and secure. Could Harper.INC do any better? worse?…

    • It seems to have escaped your notice that under the current government, the Departments of Finance and Treasury Board, along with Defence Research and Development Canada were hacked so hard, so deep, and for so long that they had to shut down all Internet use by staff.http://www.cbc.ca/news/politics/story/2011/02/16/pol-weston-hacking.html Conservatives talk a great line on security threats but go on dates with foreign operatives while Chinese spies set up shop inside our sensitive financial databanks.

      So far the focus of the Conservatives’ security efforts are to use national security as an excuse to cover up ineptitude in Afghanistan, introduce legislation to spy on Canadians and target video and music downloaders.

      The NDP doesn’t have to reach far to surpass the security bar set by this government.

  4. It would be useful if the media could ask this company what evidence they have that the IPs were malicious.  I was surprised at how small the number of online voters was compared to about 60,000 eligible voters who did not vote.  Could it be that some were making repeated attempts to vote and not doing it correctly?  Before jumping to conclusions about malicious intent, one needs to rule out more mundane reasons having to do with the company and the voters.  It would be good if the press could get answers for this kind of analysis.

    • There’s easy metrics to be able to tell DDoS attacks from valid users.  Frequency of transmission being the primary one. Unless you’re assuming that NDP voters sat there and simply hammered on the submit button as fast as their finger could click the mouse.

      • Yes, but we haven’t been given any metrics.  Just struck me that their claim of total number of malicious attempts was not much more than the number of voters who could have voted but chose not to and that apparently was enough to significantly delay everything.  

        • No, we haven’t. But at a certain point we have to realize that we aren’t the experts. If we have to verify everything personally, why bother having experts at all?

          • Well the company is not going to admit it if they weren’t capable of handling the total number of eligible voters, will they?  So, a few technical questions might give a clearer picture of what actually happened.

          •  The company is a world leader.

          • World leader?  I know they say so, but 10,000 IPs is only a fraction of the eligible voters who did not vote and their number suggests 10 or more attempts per IP.  Given the number who were eligible to vote, this seems like a perturbation that should not have bothered them.  Maybe the numbers we are getting are wacky, maybe there is other info we are not getting, or maybe they messed up and won’t admit it.  But kind of makes you wonder what if most of those non-voting members actually had tried to vote online.  By now, we still wouldn’t know who had won!!

      • I’ll buy that. As long as Scytl ‘Canada’/Barcelona releases all the data and metrics.

    • Scytl’s servers were swamped when all 4 votes came in simultaneously.

  5. Scytl Canada is a Spanish e-Voting corporate branch, incidentally.

    We have a Canadian company, eVote. But apparently the NDP is too good for them.

    •  Ahhh now the flag gets waved.

    • Perhaps the NDP was being careful with money.  Some parties understand what that means, after all.

      • Sure. Doesn’t Dear Robot’s party make the same argument? Shop foreign, good econ.

        • There’s a difference between public money and private money.

          • Really? Do you think global economic restructuring artists really care?

      • Actually, I recall a NDP criticism of Liberals not using a Canadian company during an election – don’t recall what it was they purchased, but the criticism sounded stupid to me. Of course, Layton criticizing Dion for his dual citizenship sounded stupid to me too.  Maybe Mulcair won’t go off on such stupid things – at least we can count on him to keep his mouth shut if another party leader has dual citizenship.  Haha.

      • Oh, just a fun co-incidence. Let’s not start tin-hat rumours.

  6. “…attempt to thwart democracy.”

    ‘thwart democracy’

    When a corporation uses ‘thwart’ in conjunction with ‘democracy’, you must know there is some serious evil afoot.

  7. test

    • received.

      • No no, the answer is 42

        • What was the question?

  8. I feel comforted when the company involves uses proper technical terminology like “jammed up the pipe”.

    But in all seriousness, it’s good to see Anonymous attacking the NDP, who sees (or at least until now) as force of good, and not the criminal organization that they really are. 

    • If it were true, the irony would be delicious.