Comelec website hacked anew over VCMs


THE website of the Commission on Elections (Comelec) was again hacked by a group demanding activation of all security features of vote counting machines (VCMs) that will be used in the May 2016 elections as mandated by law.

According to Senior Commissioner Christian Robert Lim, the hacker, Anonymous Philippines, was the same group that also defaced the Comelec website last year.

“This is the second time that they hacked our website. But it’s back to normal now,” Lim said on Monday.

The latest intrusion was disclosed by Comelec spokesman James Jimenez in his Tweeter account on Monday morning.

Jimenez said the poll body’s Information Technology (IT) group is instituting additional safeguards to prevent another attack.

“Our IT group is now sorting it out,” he added.

The poll body spokesman said the site was defaced by the hackers on Sunday night.
Jimenez, however, noted that the hackers did not inflict any material damage and failed to intrude into sensitive records of the Comelec.

“I want to emphasize that the database in our website is accessible to the public. There is no sensitive information there. We will use a different website for the elections, especially for results reporting and that one we are protecting very well,” he said.

In a message posted on the Comelec website, the group called on the Comelec to activate the security features of the VCMs.

“One of the processes by which people exercise their sovereignty is through voting in an election–where people choose the candidates who will best represent them under the principle that ‘public office is a public trust.’”

“But what happens when the electoral process is so mired with questions and controversies? Can the government still guarantee that the sovereignty of the people is upheld?” it said.

Comelec Chairman Andres Bautista gave assurances that all the security features of the VCMs will be activated, including issuance of receipts as ordered by the Supreme Court.
But Gus Lagman, a former commissioner of the poll body, said the cyber attack showed the vulnerability of the Comelec website.

Lagman, however, added that it will be difficult to hack into the VCMs and manipulate the votes during election day.

“Usually hackers need hours and even days for them to study how they can hack into a system, and the VCMs do not give them the needed time to do it,” he explained.

Lagman said hackers will have to “invade” more than 90,000 machines in order for them to manipulate results of the elections.

“That is why I’m not worried with external hacking. What I’m worried about is the internal tampering or inside job,” he added.

Meanwhile, Lito Averia, an IT expert from the National Citizens’ Movement for Free Elections or Namfrel, said the Comelec really needs to beef up its website security.

“What can be attacked right after election day is the Comelec’s website where election results will be posted, assuming the same level of security as the current website will be installed,” Averia added.


Please follow our commenting guidelines.

Comments are closed.