DearSA cyber attack: Bots used in bid to sway outcome of Covid-19 survey

Public participation platform DearSA was the target of a cyber attack on Saturday when 20,000 submissions on a mandatory vaccination survey were filled in by bots.

The organisation said a specific IP address targeted the campaign, which attracted more than 180,000 submissions.

DearSA asked the public to comment, object to, or support mandatory vaccinations and certificates, or passbooks, for Covid-19.

DearSA is a non-profit platform with an active participant network of more than 900,000 people.

According to the organisation, interim results show the vast majority of participants object to mandatory vaccinations and passbooks.

The bot was set up to automatically answer “Yes I do” and used fake e-mails and names to fill in the public participation form.

“The interim results discredit surveys and refute findings by organisations such as the World Economic Forum, the University of Johannesburg and the Human Sciences Research Council,” the organisation reported on Monday.

DearSA director Rob Hutchinson said it was important for the public to know this event was not a hack but rather a single person injecting 20,000 entries to the campaign to try to influence the outcome.

“Someone ran a script [list of commands that automate processes on the web] which added 20,000 'participants' all with the same IP address. None have messages added and we were alerted to it when all the e-mails sent [part of the process of participating in the campaigns] bounced.

“We can't delete the entries because this will compromise the campaign, but we have flagged them.

“Our service provider, Amazon, also flagged them as fake. We are working with Amazon to ensure it doesn't happen again, this is the first time.

“The motive was to influence the outcome. At the time we had over 160,000 entries with 89% against.

“This was definitely not a hack, there was no breach of data but rather someone trying to inject data. All participants' data is removed from the server several times a week and stored off site [to safeguard in case of a breach].”

Hutchinson said the organisation would make public details about the individual who tried to influence the outcome once investigators had confirmed this. 

DearSA director Gideon Joubert said: “We are getting a digital forensic investigator to look at this and will take it further.

“It benefits no-one to do this ... we will have to appoint an independent auditor to audit the results. This will mean the data won't be affected. This was definitely done by someone with little experience.” 

TimesLIVE