Contingency Plan Invoked for “6.22 Civil Referendum”Back

June 18, 2014


Under the sole support from CloudFlare, the mobile application platform for mock voting and pre-registration for “6.22 Civil Referendum” operated by the Public Opinion Programme (POP) at The University of Hong Kong has resumed limited service since late afternoon of June 16, 2014 (Monday). As of noon today our system has received about 35,000 mock votes and pre-registrations. However, in light of the nonstop DDoS (distributed denial-of-service) attacks targeted at our system on astronomical scale, we have decided to change our voting arrangement as follows:



Voting arrangement

Voting channels

June 18

Mock voting and pre-registration

Mobile applications

June 19

System maintenance

June 20-22

Original arrangement unchanged
(large scale activities)

Mobile applications;
web; 15 polling stations

June 23-28

Extended voting period
(small scale activities)

Mobile applications; web; 1 polling station
at R4201, 4/F, Amenities Building,
City University of Hong Kong, evenings only

June 29

Additional large scale voting
(large scale activities)

Mobile applications; web;
about 10 polling stations


In other words, the voting period for “6.22 Civil Referendum” will be extended for one week until June 29 (next Sunday). Detailed arrangements for the extended voting period, such as the location and number of polling stations, the voting time, and so on, will be announced in due course. We intend to print 100,000 paper ballots before June 20 for contingency use, and many more can be printed on demand. We have already reported the DDoS attacks to the police.


In case our system encounters further DDoS again on astronomical scale after it comes into operation, we may further expand our voting period and physical scale, to order to achieve our aim of letting every Hong Kong people who wishes to express their opinion via our civil referendum has sufficient time and tools to do so.


Robert Chung, Director of POP, repeats, “While society is condemning physical violence, it should also condemn verbal violence, political violence as well as cyber violence. We will not be defeated if off-site e-voting cannot be used in the civil referendum. Even if we could only use on-site e-voting, or even worse, only use paper ballots on-site, we will still make it a success. If such a peaceful and rational way of settling disputes cannot work well here, the future of Hong Kong will be very gloomy indeed.”


Media Enquiry:    Angel Lai  Tel: 3917 7700;    Karie Pang  Tel: 3917 7788


3.23 Civil Referendum - Cyber Attacks

Incident #1

Date: March 21, 2012
Incident: A POP server received distributed denial-of-service (DDoS) attack
Description: According to the staff of Information Technology Services of The University of Hong Kong, the server received attacks from hackers at a speed of “one million clicks per second”.

Incident #2

Date: March 22, 2012
Incident: Email accounts of two IT staffs at POP has been hacked twice in succession
Description: The passwords were changed, and one of the accounts had been logged in by an unknown IP address.

Incident #3

Date: March 23, 2012
Incident: Civil Referendum Project server has been attacked
Description: The voting website registered unusual traffic causing it to malfunction starting from 07:00, Information Technology Services found that the server access record was abnormal. Four IP addresses were constantly queried, for more than ten thousand times in total, causing the voting system to be paralyzed, and onsite voting had to be used. Afterwards, a 28 year-old clerk was arrested and convicted of criminal damage, resulting in a punishment of 160 hours service order.

6.22 Civil Referendum - Cyber Attacks

Incident #1

Date: May 27 & 28, 2014
Incident: Two POP server under DDoS attacks
Description: During around 16:00 to 18:00 on May 27, the computer system of Information Technology Services of The University of Hong Kong recorded two DDoS attacks, both aiming at POP server. This resulted in a 14-minutes network congestion in the university’s system, the email server was forced to be shut down.

Incident #2

Date: June 14, 2014 to current
Incident: Voting system of “6.22 Civil Referendum” under severe attack
Description: All three service provider came under immense DDoS attacks on a scale rarely seen. The domain name system (DNS) of AWS received over 10 billion system queries in 20 hours, while CloudFlare and UDomain recorded DDoS attacks in scales of 75Gb per second and 10Gb per second respectively. The three service providers in an unusual move suspended the services, so the mock voting system could not run smoothly. However, the information stored in the system was not affected. Internet security experts said the DDoS attacks on the voting system is unprecedented in the history of Hong Kong in terms of scale and duration, compared to similar cases known to the public.