Ukrainian parliamentary election interference (2014): Difference between revisions
Jump to navigation
Jump to search
Content added Content deleted
(editing real world examples) |
(small edits following Darryl's update) |
||
| (5 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
<br /> |
|||
{| class="wikitable" |
{| class="wikitable" |
||
| |
! scope="row"|Date |
||
| |
|October 2014 shortly before the Ukrainian parliamentary elections were held. |
||
|- |
|- |
||
| |
! scope="row"|Suspected Actor |
||
|A pro-Russian hacktivist group called |
|A pro-Russian hacktivist group called CyberBerkut with suspected ties to the GRU hacker group known as APT28 (or Fancy Bear) was allegedly responsible for the attacks.<ref>A Greenberg, [https://www.wired.com/story/russia-election-hacking-playbook/ 'Everything We Know About Russia's Election-Hacking Playbook'] ''Wired'' (6 September 2017).</ref> |
||
|- |
|- |
||
| |
! scope="row"|Target and Method |
||
|Four days before the national vote, the Ukrainian central election system was compromised and critical files were deleted, rendering the vote-tallying system inoperable; three days before the national vote, CyberBerkut released exfiltrated data onto the internet as proof of the success of the operation.<ref name="CSMonitor">M Clayton, [https://www.csmonitor.com/World/Passcode/2014/0617/Ukraine-election-narrowly-avoided-wanton-destruction-from-hackers 'Ukraine election narrowly avoided "wanton destruction" from hackers'] ''CS Monitor'' (17 June 2014).</ref> |
|||
| ⚫ | |||
Malware, which would have portrayed ultra-nationalist candidate Dmytro Yarosh as the winner with 37 percent of the vote and candidate Petro Poroshenko as having 29 percent of the vote, was installed.<ref name="CSMonitor" /> |
|||
| ⚫ | Shortly after polls closed, the website of the Ukrainian Central Election Commission, which organized the elections, was shut down. Ukrainian security officials characterized the operation as a distributed denial-of-service (DDoS) attack, which can slow down or disable a network by flooding it with communications requests.<ref name="CSMonitor" /> |
||
|- |
|- |
||
| |
! scope="row"|Purpose |
||
|The |
|The Central Election Commission described the attack as "just one component in an information war being conducted against our state".<ref name="AFP">[https://news.yahoo.com/hackers-target-ukraines-election-website-204128284.html 'Hackers target Ukraine's election website'] AFP (25 October 2014).</ref> The attack can be seen as part of the ongoing conflict between Russia and Ukraine, which had started with the annexation of the Crimean Peninsula by Russia in February-March 2014.<ref>See, eg, [http://www.rulac.org/browse/conflicts/international-armed-conflict-in-ukraine 'International armed conflict in Ukraine'] ''Rule of Law in Armed Conflicts'' (12 September 2017).</ref> |
||
|- |
|- |
||
| |
! scope="row"|Result |
||
|The vote-tallying system was restored, using backups, three days before the national vote.<ref name="CSMonitor" /> |
|||
|Ukrainian officials announced that they were prepared for this case and used a backup to restore the entire system. |
|||
Ukrainian cybersecurity personnel were able to remove the malware 40 minutes before election results went live, preventing it from releasing erroneous results.<ref name="CSMonitor" /> |
|||
Election results were blocked for two hours and the final tally was delayed.<ref name="CSMonitor" /> Nonetheless, Ukrainian officials announced that they had prepared for the possibility of a DDoS attack and used a backup to restore the entire system.<ref name="AFP" /> |
|||
|- |
|- |
||
| |
! scope="row"|Aftermath |
||
|Russian media announced that Dmytro Yarosh had won the election with 37 percent of the vote and that Petro Poroshenko had obtained 29 percent of the vote, despite such erroneous results never having been publicly released by Ukrainian officials.<ref name="CSMonitor" /> |
|||
|In 2015 Ukraine was again subject to a cyber attack conducted by Russia against an Ukranian power grid. |
|||
In 2015, Ukraine was subject to another [[Power grid cyberattack in Ukraine (2015)|cyber operation conducted against the Ukrainian power grid]]. |
|||
Ukrainian officials announced that they will upgrade their cyber defence system in order to prevent election meddling for the upcoming presidential elections in March 2019. |
|||
In 2018, Ukrainian officials noted that they were planning to upgrade their information technology infrastructure prior to the 2019 presidential election in order to address a range of cyber security threats that they had expected to face.<ref>OSCE, [https://www.osce.org/odihr/elections/ukraine/407657?download=true 'Ukraine: Presidential Election 31 March 2019 - ODIHR Needs Assessment Mission Report'] (21 December 2018) 7.</ref> |
|||
|- |
|- |
||
| |
! scope="row"|Analysed in |
||
|[[Scenario 01: Election interference |
|[[Scenario 01: Election interference]] |
||
|} |
|} |
||
[[Category:Example]] |
|||
[[Category:2014]] |
|||
[[Category:DDoS]] |
|||
Latest revision as of 11:27, 6 July 2021
| Date | October 2014 shortly before the Ukrainian parliamentary elections were held. |
|---|---|
| Suspected Actor | A pro-Russian hacktivist group called CyberBerkut with suspected ties to the GRU hacker group known as APT28 (or Fancy Bear) was allegedly responsible for the attacks.[1] |
| Target and Method | Four days before the national vote, the Ukrainian central election system was compromised and critical files were deleted, rendering the vote-tallying system inoperable; three days before the national vote, CyberBerkut released exfiltrated data onto the internet as proof of the success of the operation.[2]
Malware, which would have portrayed ultra-nationalist candidate Dmytro Yarosh as the winner with 37 percent of the vote and candidate Petro Poroshenko as having 29 percent of the vote, was installed.[2] Shortly after polls closed, the website of the Ukrainian Central Election Commission, which organized the elections, was shut down. Ukrainian security officials characterized the operation as a distributed denial-of-service (DDoS) attack, which can slow down or disable a network by flooding it with communications requests.[2] |
| Purpose | The Central Election Commission described the attack as "just one component in an information war being conducted against our state".[3] The attack can be seen as part of the ongoing conflict between Russia and Ukraine, which had started with the annexation of the Crimean Peninsula by Russia in February-March 2014.[4] |
| Result | The vote-tallying system was restored, using backups, three days before the national vote.[2]
Ukrainian cybersecurity personnel were able to remove the malware 40 minutes before election results went live, preventing it from releasing erroneous results.[2] Election results were blocked for two hours and the final tally was delayed.[2] Nonetheless, Ukrainian officials announced that they had prepared for the possibility of a DDoS attack and used a backup to restore the entire system.[3] |
| Aftermath | Russian media announced that Dmytro Yarosh had won the election with 37 percent of the vote and that Petro Poroshenko had obtained 29 percent of the vote, despite such erroneous results never having been publicly released by Ukrainian officials.[2]
In 2015, Ukraine was subject to another cyber operation conducted against the Ukrainian power grid. In 2018, Ukrainian officials noted that they were planning to upgrade their information technology infrastructure prior to the 2019 presidential election in order to address a range of cyber security threats that they had expected to face.[5] |
| Analysed in | Scenario 01: Election interference |
- ↑ A Greenberg, 'Everything We Know About Russia's Election-Hacking Playbook' Wired (6 September 2017).
- ↑ 2.0 2.1 2.2 2.3 2.4 2.5 2.6 M Clayton, 'Ukraine election narrowly avoided "wanton destruction" from hackers' CS Monitor (17 June 2014).
- ↑ 3.0 3.1 'Hackers target Ukraine's election website' AFP (25 October 2014).
- ↑ See, eg, 'International armed conflict in Ukraine' Rule of Law in Armed Conflicts (12 September 2017).
- ↑ OSCE, 'Ukraine: Presidential Election 31 March 2019 - ODIHR Needs Assessment Mission Report' (21 December 2018) 7.