Florida confirms cyber attack on voting systems

Authorities in Florida have announced that a voting fraud incident in last year's elections was partially the work of a cyber attack.

A grand jury investigating fraud in Miami-Dade County reported that during last year's primary election an automated program was used to manipulate the state's absentee voter registration platform.

The attack, which was spotted and thwarted by security protections in the system, rapidly applied for some 2,500 absentee ballots. Administrators only caught the attack when the registration system reported an anomaly in the traffic patterns.

After an investigation, the requests were traced back to IP addresses in India, the UK and Ireland, though the addresses were likely the work of a traffic anonymising tool being used by the attackers.

Had the attack been successful, the individual could have had access to enough absentee ballots to shift the outcome of the local election.

The incident has led to calls for the state to beef up its security protections for voter registration and require absentee voters to log in through a secured site with a user name and password.

"The security of the on-line absentee ballot request system is very low as there are no specific log-ins or passwords required by the voter requesting a ballot," the grand jury concluded in its report.

The security of online voting processes and has long been an area of scrutiny both for officials and the voting public. Experts have in the past worried that connected systems such as electronic voting booths can be compromised by an outside attacker and manipulated to influence elections.

Last year, encryption and security expert Bruce Schneier warned that securing online voting machines would prove next to impossible.