IEBC systems were not compromised, says digital director

Independent Electoral and Boundaries Commission chief executive Ezra Chiloba addresses the media at the Supreme Court on August 22, 2017. The agency has maintained that its systems were not compromised. PHOTO | JEFF ANGOTE | NATION MEDIA GROUP

What you need to know:

  • He said the firewalls had an inbuilt report back and alert mechanism in case of unauthorised attempted access.

The Independent Electoral and Boundaries Commission has dismissed reports that its systems were compromised and results manipulated in favour of President Uhuru Kenyatta.

In papers filed in court opposing the petition by National Super Alliance leader Raila Odinga, IEBC director of ICT James Muhati said the allegations made in the petition “are ambiguous, unsubstantiated and without any basis”.

SECURITY FEATURES
Mr Muhati added that in developing the system, the commission engaged a highly qualified team and eventually partnered with internationally recognised and accredited institutions to provide a top-of-the-range government-grade information security system.

“The concept and architecture around the security and verifiability of Kiems ensured that every component had in-built as well as process-related features aimed at guaranteeing the integrity and security of the system,” Mr Muhati said.

According to Mr Odinga, the commission allowed the system to be manipulated and the results, which declared Jubilee candidate the winner of the August 8 presidential election, could not be trusted.

SERVERS
Mr Muhati said the system was not compromised nor were the results manipulated in any way.

“Remarkably, no evidence or explanation has been offered to lay any basis for the allegations,” he said.

The ICT director said only authorised pre-determined tablets were configured to be able to relay or transmit results into the commission’s servers and that the tablets used were polling station-specific, meaning the information could not be traced from the source.

FIREWALLS
He added that the transmission was under round-the-clock automated monitoring.

“The entire network spectrum was secured with twin external and internal high-level perimeter firewalls, which filtered all the information and only defined and authorised transmission was permitted through the filters,” he said.

He added that the cyber security procedures aimed at ensuring the integrity of the transmission also had a third layer being a series of firewalls, which filtered incoming and outgoing data while restricting any third party or unauthorised access.

INTRUSION
He said the firewalls had an inbuilt report back and alert mechanism in case of unauthorised attempted access or unusual activity in the system.

“No intrusion or intervention was detected as can be seen through the alert mechanisms in-built in the firewalls availed,” he said.