Unknown hackers have attacked the website of Colombia’s National Registry, which on Sunday will be responsible for one of the most important votes in the country’s recent history, a referendum on peace with FARC rebels.
The hack came to light when citizens who had consulted about their polling station posted complaints on social media that, according to the website, they had deceased. Others read that their polling station had been had been pulled.
“Smile if you’re alive”
Those who received that message were wrongly advised to visit the nearest National Registry office and request their status be revised.
The National Registry, however, had earlier announced it would not allow the inscription of new ID papers until after the provisional referendum.
Another message appeared on the website, below the button to consult polling stations, saying “Smile if you’re alive.”
According to National Registrar Juan Carlos Galindes, the consulting application on the website “was the subject of a cyberattack, which resulted in our security system to react immediately and suspend” the page where people can look up their polling station.
Galindes stressed the hack only compromised the website, not the voter database.
Opposition calls fraud
But according to the conservative opposition party Democratic Center, the electoral website was an attempt to voter fraud by the government, who they oppose in the peace referendum.
Several CD senators were quick to exploit the hack after it was announced, looked up their own polling station, found out the universal error also appeared with them and immediately accused the government of “cooking up fraud.”
The party is he only congressional opponent of the peace deal with the government and, according to pollsters, likely to lose the vote on Sunday.
While the hack in no way seemed to have affected the National Registry’s voter database, the hack did reveal the vulnerability of the Register’s Office’s website just days before the referendum.
More attacks to come?
“To execute this attack it was crucial to have the passwords to enter. It is possible somebody leaked this and the possibility exists the attackers were able to decipher them,” security information company Adalid director Andres Guzman told newspaper El Tiempo.
The National Registry website was attacked and effectively shut down in previous elections.
Guzman considered the security breach “very serious” and warned that the number of attacks could increase ahead of the vote that will either result in the public ratification of the peace deal or the suspension of the FARC’s ongoing demobilization and disarmament.
Ironically, the attack took place exactly when Technology Ministry was inaugurated a forum on cyber security.
Hackers have successfully shut down numerous Colombian government and police websites in the past few years.
Globally, there has been a major increase in the use of cyber crime in times of electoral cycles in Colombia and beyond.
The director of the Democratic Center, Oscar Ivan Zuluaga, and several others within the party are investigated for using cybercrime ahead of the 2014 elections. One campaign employee, a renowned political hacker, was sentenced for obtaining classified information for electoral purposes.
Most recently, hackers were able to access email correspondence from the United States Democratic Party leadership, which severely disrupted the American election cycle ahead of the November presidential election.