Read time: 3 minutes

Hacking claims cloud Kenya’s elections

Kenya , 10 Aug 2017

Hacking claims cloud Kenya’s elections

From Kenya, hours after the election results started streaming in, National Super Alliance (NASA) presidential candidate Raila Odinga suggested the IEBC (Independent Electoral and Boundaries Commission) result transmission database had been hacked.

According to the IEBC procedure, every result relayed from the polling station had to be accompanied with a scanned copy of form (34A) that showed the manual tallying and the signatures from the party agents. By Wednesday morning, there was only one form on the IEBC portal, while the provisional results showed nearly all polling stations had relayed their results.

Odinga claimed that the IEBC system had been manipulated to give his opponent, Uhuru Kenyatta, a lead in the presidential race. He said that there was an algorithm that subtracted his numbers and added them to those of Kenyatta, who at the time of publishing is believed to have garnered over a million votes.

Odinga also said that the hackers got into the system through identity of the late IEBC IT manager, Chris Musando and manipulated the results. "This is why they assassinated him," he claimed.

A 50-page master log document released online by Odinga includes input from experts within NASA's IT team who have claimed the server the IEBC was using was a Microsoft SQL server.

"Mr. Chris Musando was the super user in this case. Only one super user existed in this core server," according to the team, which added that the super user, in this case, could install algorithms and also remove logging.

"One good thing about the SQL environment and the virtual machine used is that there are always master logs that you cannot delete," the team stipulated.

Independent analysis from a s section of civil society, including The Kenya Human Rights Commission, confirmed discrepancies in the numbers shown on the IEBC portal. They tabled three forms showing different results.

In a rejoinder, the IEBC said that they will only announce the results on Form 34A as the final results should they differ from the text results transmitted. The electoral body is currently uploading the forms in their portal for verification by party agents.

"The election management system is secure. There were no external or internal interference with the system at any point before, during and after the voting. With the reports we saw, we went back to the database we are using. So that you know the RTS (result transmission and presentation) system is based on a database that is very different from the alleged hacked database," said Ezra Chiloba, CEO of the IEBC. "Our team has reviewed the alleged logs and established that the claims being made could not be substantiated from our end."

Read more
Daily newsletter