Tuesday, April 05, 2011
Cyber attacks hit Canadians. Again.
Two recent incidents are:
* the Epsilon breach in the US, where Canadian email addresses were compromised
Air Miles among firms hit by huge data breach
* the attack on four Bay Street law firms
Major law firms fall victim to cyber attacks
Now imagine that instead of email addresses and mergers and acquisitions information, the prize was the entire Canadian election, the direction of the entire Canadian economy.
Do you imagine for a second that the same sophisticated computer attackers that have already successfully broken into computer systems will somehow not decide to attack an online voting system? Keep in mind that corporations and law firms have huge financial and reputation incentives to protect their systems, and they still fail. Do you think the government will do any better? Do you think that the millions of Canadians using their personal computers to vote will have better Internet security than Bay Street law firms?
Voting over the Internet is an invitation to successful cyberattack. And following such an attack, the entire integrity of your voting system is compromised. To compromise a paper-based election you need people to physically intervene simultaneously at locations all across Canada, somehow escaping detection of all the citizens and elections officials present. It would require massive coordination and risk of detection and capture. To compromise an Internet-based election, all you need is one person with an Internet connection anywhere in the world, pushing a button.