Kenya’s Independent Electoral and Boundaries Commission (IEBC) chairman has absolved Safaricom of blame over the system failures during Monday’s election, saying his commission was responsible for the problems.
Issack Hassan noted the problems that had seen the electronic transmission of election data stopped were in fact the fault of the IEBC’s IT workforce.
He noted his staff had not received enough training on how to handle the systems, defending corporate suppliers of the hardware, which also Next Technologies, who supplied most of the infrastructure, and JapakGIS, which supplied the software.
IT experts also came to the network provider’s defence, dismissing claims the system had suffered an external hack.
According to Tyrus Kamau, an independent security consultant who specialises in penetration tests, the virtual private network managed by Safaricom was impermeable, with any leak only possible from the inside.
“The system is pretty solid from the outside, meaning that from an external assessment, it would take say a government agency to break in since it’s running on Safaricom’s Virtual Private Network. Now from an insider point of view, an attacker could have the advantage of seating within a trusted network (Safaricom or IEBC) and would be pre-disposed to perform injection attacks,” he says.
Tyrus had earlier said the phone numbers provided by Safaricom to the IEBC had a hard coded intelligence network almost “impossible to intercept”.
On the collapse of the server as a result of lack of disk space, experts say the problem could have resulted from a result of insufficient or lack of Load Tests, which are performed to give an indication of what the system’s breaking point is.
For now the IEBC have resorted to manual tallying and results have started coming in faster than expected, with about 120 of the 290 constituencies already in.
Results are expected on Friday.
