The very first case of a cyberattack against online election data has occurred in South Florida, involving more than 2,500 “phantom requests” for absentee ballots last summer. This news comes in the wake of attacks on high-profile individuals, including the Vice President and First Lady, which we wrote about here.
The "phantom requests" were sent to the Miami-Dade County elections website using a computer program. When the "phantom requests" were flagged, Florida elections staff checked with voters to see if they requested an absentee ballot. Although state officials blocked the Internet Protocol address where the requests originated from, the hacker eventually switched to different IP addresses. The mysterious requests eventually stopped, but the hackers were never identified.
Although there have been past allegations of U.S. election system hackings – such as a 2006 incident in Sarasota, Fla., when a computer worm allegedly dismantled the county elections voter database – investigations into those events have traced them to software glitches or machine failures. “It’s the first documented attack I know of on an online U.S. election-related system that’s not [involving] a mock election,” said David Jefferson, a computer scientist on the board of directors of the Verified Voting Foundation. This case exposes the danger of putting states’ voting systems online – whether that’s allowing voters to register or actually vote.