Friday, January 13, 2012

Websites and Hacking

The short reason for this post came about because functions of our website will be inoperable this weekend. 
Some county services are centralized, including website hosting.  The county has a pretty sophisticated redundancy program that thwarts attacks but also which becomes an issue for us when we post election results.  The websites are not updated instantaneously and it takes a few minutes for the updates to go across all of the servers.
So, for instance, we might posts results at 9:45 p.m., but some persons in the county may not be able to see them until 10.
Our website is huge for us.  Our very direct mission for the site is to reduce phone calls.  As mentioned, we have the same staff size we had 20 years ago and we simply don’t have the people to answer all the calls we would get it if we didn’t have the website.  The day before the 2004 presidential election, our office received 8,000 calls, mostly to find out polling place locations.
In 2008, with an aggressive web approach, we cut that in half.
So, our website becomes part of our operation.  We asked the county’s IT group what would happen if our site was compromised on election day.  This is a worry because three election offices in the country have been hacked within the last 12 months.
Anonymous, proud hacker
Even though the website hosting is outside of the control of our office, such a hack could cause voters to wonder what parts of the election could be compromised.  We’d probably never get a chance to explain that our voting tabulation server isn’t connected to the Internet or Intranet and all election programming and testing on the voting machines are done by our office.  (Think Like the Jetsons, Live Like the Flintstones is an approach that works for elections and, as you might guess, will be the subject of a future post).
Even if we could explain that, the confidence would be eroded. 
Further, if our website were down at the wrong time, calls increase, we can’t answer the calls, and people don’t know where to go vote.
So, when I asked the question, I was kind of greeted with a view that, “it’s just a website” (my words).  The point was, the IT manager didn’t see the mission critical need of keeping the website up, that we basically were out of business when it was down.
This weekend, because of power maintenance at the county’s administration building, portions of our site that are stored there will not be accessible.  So, voters who look up their information or where they vote won’t be able to retrieve that on Saturday.  We’ve lived through this before, a couple of years ago, and a four-hour delay became a full day, and this could very well extend beyond Saturday.
I’m sure we will get angry calls and emails.  We’ve sent out a media advisory and posted the information on our website.  I get frustrated when a website is down for maintenance myself.  It’s akin to the feeling of finding a restroom at an airport or office building during the day only to see it closed for cleaning.  Shouldn’t that happen at 3 a.m.?  Likewise, for right or wrong, 3 a.m. seems the only acceptable time, to me, and only until 3:15 for website maintenance.
We have redundant servers at redundant locations, so we need this information stored at all of the sites so that we don’t have any maintenance periods.   I really think even my 3 a.m. to 3:15 a.m. window is so “2000s,” and not acceptable in 2012. 
I’ve asked the IT department to develop, with us, a continuity of service plan in case our site is hacked.  I guarantee you one or more election office websites in the United States will be breached in October or November in some sort of opening page hijack with a message of, “Ha, ha, ha, the Captain was here,” or some other nonsense.  I am determined to make sure our site isn’t one of those.