So, all of the problems we just talked about are things that can go wrong on the
voter's PC. They're client side threats.
There's some equally worrisome problems that can happen on the server.
The, the web server that the voting officials maintain in order to provide
that web site and to accept the ballots that voters submit.
Now the sad state of internet security is that both client side and server side
threats are extremely widespread problems in other kinds of online applications.
And, and, and both very hard to defend against.
But I want to talk about some of the most important server side threats for voting
today. So one threat and one of the easiest kinds
of attacks to carry out is something called the denial-of-service attack.
A denial-of-service attack just tries to knock the server offline, so that real
users can't get to it. Or to make it so slow that real users go
away. Remember those botnets we talked about at
the end of the last segment? Well botnets can be used to commit a
massive form of denial-of-service called the distributed denial-of-service or DDoS
attack. This is where potentially thousands of
infected computers on the internet just try to access the server at the same
time, overwhelming it with traffic. These servers might try to reload that
webpage as many times as they can, all the time, as long as the denial of service
attack is going on. This kind of attack has become a popular
form of hacktivism. And there tools like this.
Something called the Low Orbit Ion Cannon. That are available to people to
voluntarily take part in a denial-of-service attack, and use their
home computer as part of a, a massive mob of machines attacking a particular site
that has invoked the ire of the protesters. This kind of tool was used recently to
attack websites of major credit card operations after those credit card
operators stop doing business with the website Wikileaks.
We've also seen examples of denial of service against elections online.
One example from 2012 involved a party election in Canada.
Where the National Democratic Party held an election that was partly interrupted by
denial of service. Another kind of threat against the server
side, is the threat of insider attacks. An insider attack is attacks by trusted
people. Are as much or more of a threat in
Internet voting as they are in other electronic voting systems like DRE voting.
So, if the insiders include people who develop the, the Internet voting system.
People who are running the systems for the elections.
The election authority people who make other pieces of software, commercial
off-the-shelf software for instance that's running on those machines.
Insider attacks are particularly severe, particularly severe possibility with
online voting because its not simply enough to set the system for election and,
and then go away. Any online service has to be able to
respond to attacks as they happen and so people have to be logging into these
servers to monitor them, potentially to update things if new kinds of problem are
discovered. All the time, there are new software
glitches, vulnerabilities discovered in different kinds of server software.
And so we have to update that software as soon as possible in order to prevent the
attack from happening. With a, an online voting system we're
faced with two possibilities. If an attack is discovered shortly before
the election, we can either update the software and install new software that
potentially hasn't been tested, hasn't been vetted for, kinds of flaws or, or,
or, insider attacks embedded in it. Or we can, we can wait and not update the
software, but then, we're running an election on something that's already known
to be vulnerable. So we're, we're face with the we're face
with an extremely difficult, perhaps impossible choice there.
Since an online voting system has to count votes in secret like any other kind of
voting system. This just further complicates defenses
against insider attacks, since we can't be constantly monitoring the results as
things are going on. From the voter's perspective with the
simple online voting system of the, the model that, that we described at the
earlier in this lecture there's just voters have to take the, the word of
election authorities and the people who develop the server software that their
votes are actually being counted. Another kind of threat is remote
intrusion, and this is the sort of thing that is enabled by bugs, glitches,
vulnerabilities as we called them in online server software.
If there certain kinds of flaws in the software that's, that's serving the
website then remote parties can get in. Attackers can access the servers.
Potentially run software on them. Potentially change data on them.
Steal data etcetera. In the context of voting this is really,
really scary since the server is maintaining what is usually the only copy
of the votes. Now, a particularly dangerous kind of
server side intrusion is the result of something we call an advanced persistent
threat, or APT. And what an advanced persistent threat is,
is this is an attacker who is who is specifically targeting a particular a
particular server or host. Now, to explain the distinction many
attacks online are, are just the result of criminals looking for any vulnerable
systems that they can find. They don't care if it's a server at, at a
business or a machine in someone's home. They just want to infect a machine in
order to enlist yet another member of their bot net army.
An advanced persistent threat involves an attacker who's expending all of its
resources to attack you. Now this kind of attack, if the attacker
is well resourced can be extremely difficult to defend against.