AEC Plans ‘Penetration Test’
The Australian Electoral Commission is reportedly preparing to test the security of its core electoral systems ahead of the next federal election by bombarding it, following worries that foreign cyber attackers may have influenced the outcome of last year’s US election.
This also follows last year’s DDos attack on the federal census, which saw the Australian Bureau of Statistics’ census site brought down.
A parliamentary committee last month found that ageing IT systems and inflexible, outdated legislation are posing big risks to the integrity of Australia’s federal voting system. It recommended pumping more money into the AEC to deal with the matter.
The AEC is now on the hunt for personnel to conduct a “holistic security review” of its IT environment and recommend how any vulnerabilities might be addressed, according to an ITNews report;
Part of the procedure will include “penetration testing” on the AEC operating system, alongside limited application layer testing, firewall and ACL testing (at the server level), and database and network equipment security controls testing.