Why IEBC hack claims likely to remain in limbo


An IEBC official holds a KIEMS gadget during tallying in Nyeri on August 9, 2017. Photo | JOSEPH KANYI | NMG

The Independent and Electoral Boundaries Commission (IEBC) did not grant Supreme Court-appointed information technology (IT) experts access to its servers and the election management system, leaving claims hacking played a role in the outcome of the August 8 election in limbo.

The Supreme Court on Monday ordered the IEBC to grant presidential election candidates Raila Odinga and Uhuru Kenyatta access to the polls body’s servers for purposes of scrutiny in the presence of IT experts.

Chief Justice David Maraga issued the orders following claims by Mr Odinga, who has challenged Mr Kenyatta’s declaration as winner, that the IEBC’s database and servers were hacked to ensure his rival won the election.

Mr Odinga also claimed that some IEBC employees were involved in unauthorised access of the polls body’s electronic systems and that they were part of a scheme to rig Mr Kenyatta into office.


NASA leaders from left: Moses Wetangula, Kalonzo Musyoka and Raila Odinga at the Supreme Court on August 29, 2017. Photo | Jeff Angote | Nairobi

Court-appointed IT experts say in a report submitted to the court on Tuesday evening that the IEBC had refused to grant access to its internal and external firewall configurations, log in trails for the polls body’s servers and the Kenya Integrated Election Management System (KIEMS) kits’ database management systems.

The experts — Elijah Omwenga and Jose Sevilla — alongside Judiciary ICT employee Janet Kadenyi say in the report that the IEBC declined to offer access to the internal firewall configuration.

READ: Nasa and IEBC row over server access - VIDEO

ALSO READ: Use of technology returns to haunt 2017 elections - VIDEO

The Supreme Court had ordered access to the internal firewall configuration without disclosure of the software version used.

The IEBC argued that the move would compromise the security of its systems, the experts say in their report.

Help clear up doubt

The audit was widely expected to shed light on whether unauthorised people had access to the IEBC’s systems and whether there was foul play on election day and thereafter.

“The IEBC was to demonstrate that the logs came from IEBC servers by allowing all parties to have read-only access and to copy the logs. Alternatively, the IEBC could access the information in the presence of the petitioners and provide copies as and when requested,” say the experts.

Live access, they say, was provided on August 29, 2017 at about 3.15 p.m. without the ability to access the logs or even view them, making them to conclude that the polls body did not grant the request.

The experts say that the polls body said it would have provided deeper access to its systems if given more time.


Independent Electoral and Boundaries Commission (IEBC) Chairman Wafula Chebukati (left) and CEO Ezra Chiloba. photo | Salaton Njau | NMG

The report was on Tuesday evening forwarded to the Supreme Court judges, who are expected to take it into consideration while preparing a judgment on Mr Odinga’s petition.

Mr Kenyatta and the IEBC have denied any foul play during the August 8 polls insisting that Mr Odinga had not provided any concrete evidence of rigging.

The court was also expected to make public a separate report detailing the validity of results transmission forms 34A and 34B.

Mr Odinga claimed in his petition that some of the forms lacked key security features, casting doubt on their validity.

But the IEBC said the security features complained of were not made mandatory by law.