According to the Cable the Independent National Electoral Commission (INEC) says its result viewing (IReV) portal has come under attack from hackers across the world.
Mahmood Yakubu, INEC chairman, said this while delivering a keynote address at a stakeholders’ conference on election result management on Friday in Abuja.
The conference was organised by YIAGA Africa, a civil society organisation (CSO), to launch the election result analysis dashboard (ERAD) report agenda.
Yakubu said the commission has recorded several attempts to hack the cyber security system of the result viewing portal.
“Another technical concern for us is the repeated attempts to break through our cyber security system for the portal,” he said.
“Our engineers reported several cyberattacks on the portal during the Ekiti and Osun governorship elections, some of them from as far as Asia. I am glad to note that all of them failed.
“However, while we are confident in the security solutions that we have deployed for IReV and all our web presence, we must remain vigilant and continue to strengthen our defences. We have tasked our engineers to do everything possible to fully protect the IReV and all our web resources.”
Yakubu also stated that INEC is working to address other challenges which are administrative in nature.
“For example, we found that some of the low-quality uploads that occurred in the field, which some of the observers have also noted, were due to the unavailability or substitution of presiding officers that were trained prior to the elections,” he said.
“We shall administratively deal with this challenge and ensure that only adequately trained Presiding Officers are deployed for elections.
“Also, more hands-on training may be required to ensure that all those involved throughout the value chain of the IReV are fully ready for what is bound to be a major outing during the 2023 general election.”
END OF THE CABLE NEWS
As a cybersecurity professional, I have valid reason to be worried about the future of electoral process, as INEC intends to go electronic, with respect to transmission and collation of election result.
I saw this coming when I made a representation to the APC Constitution’s Review and Drafting Committee for the need to amend its constitution and make provision for ICT Directorate and ensure the including of a functional cybersecurity unit to headed by a tested cybersecurity professional. I was excited that the party considered my genuine intention and created ICT Directorate in its amended constitution, which was ratified during the 2021 National Convention.
What I am not aware is if the party has actually implemented the provision of the amended clause in the Party’s National Secretariat.
Political parties need to have an Information Security Professional, either as consultant or in the party’s functional operational unit to help implemented time-tested security measures for the party.
For instance, in information security industry, there are professionals called Penetration Testers, these sets of IT professionals possess the ability to conduct security assessment of systems, applications and networks to determine if they are vulnerable to attack. In the case of INEC election result portal, an IT security professional who knows his job can run a penetration testing on the Portal and advise his party of the potential vulnerability of the portal. That would enable the party to engage INEC on loopholes found on the portal by its IT security officer.
It is at such point that INEC, if it wants to be seen as a responsible Electoral umpire, that it can call for a demonstration on vulnerability found. That way, quick and time-tested fix can be deployed to forestall possible cyberattack.
Now that it has happened, INEC, political parties should be on RED ALERT.
To be forewarned is to be forearmed
I am Destiny Young
