By Atty. Howie Calleja
Earlier this year the Department of Information and Technology’s Cybercrime Investigation and Coordination Center (through its executive director Cezar Mancao) in a legislative hearing said that it has discovered that Smartmatic’s systems were compromised. This came to light when Manila Bulletin first reported that Comelec’s servers were supposedly hacked and that a group of hackers was able to download files including usernames and pins of vote-counting machines.
This week Senate President Vicente Sotto III moved to authorize the panel to divulge certain details that were discussed during the executive session. As such, we now know that an employee from Smartmatic without proper authority and clearance brought a laptop outside the work premises to allow certain groups to access and copy files contained in the device. The extent of such data breach has still not yet been revealed. But an FB Post under XSOX Group have divulged some sensitive information which COMELEC claims to be old data, yet a concern nonetheless as to the safety of our electoral process against cyber fraud.
These are all “red flags” in our nation’s electoral cyber security. Internationally, we heard reports which unveiled that Russian and Iranian operative compromised the security of several networks that operated some election functions and materially obstructed the security of networks associated with or pertaining to U.S. political parties, candidates, and campaigns. And cyberattacks during the 2020 US election weren’t restricted to election systems, political groups or campaigns. At a recent cybersecurity workshop, Gary Pruitt, president and CEO of The Associated Press, reported that the news agency was targeted with 10,000 phishing-attempt emails on 2020 Election Day alone. We should note that even though they failed, they still remain as a viable treat to any nation’s democratic process.
We should always be on our guard for when there are attempts to tamper with our country’s automated elections its end goal is always to commit electoral fraud. Electoral fraud “can be defined as any purposeful action taken to tamper with electoral activities and election-related materials in order to affect the results of an election, which may interfere with or thwart the will of the voters” (López-Pintor, 2010). An example of electoral fraud involves gaining unauthorized access to voting machines and altering voting results. And, with our country’s soul at stake we should never fall prey to this kind of disheartenment of the people’s genuine will.
Information and communication technologies are progressively widespread in electoral administration and democratic processes. These technologies offer abundant new opportunities, but also new threats. Cybersecurity is currently one of the greatest electoral challenges, even for countries without any form of electronic voting. It involves a broad range of actors, including electoral management bodies, cybersecurity expert bodies and security agencies. As digital expansions affect more of our societies every day, all countries will need to invest in protecting their elections from these cyberthreats.
