Occupy Central

Electoral reform referendum voting hours to be extended after cyberattacks

Organisers are steeling themselves for massive cyberattacks after an 'unprecedented' onslaught

PUBLISHED : Wednesday, 18 June, 2014, 2:54am
UPDATED : Wednesday, 18 June, 2014, 9:18am

Occupy Central organisers will extend the voting hours of their three-day citywide ballot on electoral reform to buffer the exercise against a deluge of cyberattacks.

The electronic system that had been set up to accept advance registrations came under more than 10 billion cyberattacks in a total of 20 hours over the past few days, the organisers said.

One internet security expert said "the scale of attack was unprecedented in the history of Hong Kong" and believed at least 5,000 computers were involved.

The June 20-22 "referendum" can also accept votes at 15 polling stations set up across the city - but these would be opened only on Sunday and could accommodate a total of about 70,000 votes at most, Occupy organiser Dr Chan Kin-man said yesterday.

"We are trying to set up new stations on Sunday, but it is hard as … no [primary or secondary] school has agreed to lend us its premises," Chan said.

He said the cyberattacks of the past days were "definitely" initiated at the state level, as big technology companies would have no motive to do such a thing. "It's hard not to suspect that it is actually our motherland trying to put down the referendum," he said.

Chan said they were making last-ditch efforts to save the system, but would also extend the voting time. He did not reveal more details.

The Occupy Central movement, which threatens to block Central roads in a last push for democracy, has assigned the University of Hong Kong to run the unofficial referendum gauging the public's views on how to elect the next city's chief executive in 2017. Voters can go online from Friday, or cast their ballots at the polling stations between 10am and 10pm on Sunday.

Organisers opened preregistration on smartphone app Pop Vote last Friday, but 30 hours into the exercise, the system was overwhelmed by immense distributed denial-of-service (DDoS) attacks, forcing two out of three service providers - Amazon Web Services and UDomain - to withdraw from the project.

The Internet Society's Young Wo-sang, who offers the university professional advice, said the decisions of the two firms would make the balloting system more vulnerable and thus greatly lower its capacity to handle the 800,000 votes that HKU had prepared for.

"Even Amazon, an international company that services the US government, could not manage it," Young said.

Meanwhile, Zhou Bo, deputy director of the State Council's Hong Kong and Macau Affairs Office, and Basic Law Committee deputy director Zhang Rongshun postponed their visit tomorrow to Hong Kong, where they had planned to explain Beijing's white paper on "one country, two systems", as they had other business to deal with.

Chan said the duo probably wanted to avoid spurring more people into voting in the referendum this week.