A computer hacking group called CyberBerkut attempted to alter the Ukrainian presidential election. They did so by having an administrator at the Central Election Commission (CEC) plant a virus from an internal computer that granted the hackers access.
Victor Yagun of the Security Service of the Ukraine held a press conference announcing the cyber attack. The main target of CyberBerkut was the election analytic system that aggregates voter data. Altering the information would have created a different winner in the recent Ukrainian election for president. Destroying the data would have created the illusion of election fraud. Yagun also reported an employee of the CEC, who provided the hacking group with internal access, was also detained.
Volodymyr Zverev, head of the State Service for Special Communication and Information Security, said the virus released by CyberBerkut destroyed all the internal data of the CEC servers on May 22. The virus was released inside CEC by someone able to log into the network and open email containing the virus. The compromised data collected by CyberBerkut included personal emails of CEC members and technical documents on the operation of CEC’s election analytic system. All of the lost data was restored from a backup server by 4 pm on May 22.
Evidence pointing to an inside source stemmed from tracking where the virus first infiltrated the CEC network. The login information for a CEC computer showed a person used the correct username and password on the first attempt.
Zverev blamed Kaspersky antivirus software for its failure to recognize the virus. Kaspersky Lab is a Russian software firm. A spokesperson from the company said Kaspersky Lab was ready to investigate the recent cyber attack and write programming to help prevent such an incident from happening again.
Mykhailo Okhendovsky, the CEC director, said in a press conference the network is operational and will continue running. The CEC’s election analytics system functioned normally after it was restored from the backup server. Okhendovsky said if there are any failures, the CEC will not hide the problem. His organization will speak openly about them.
The computer hacking group called CyberBerkut took credit in the attempt to alter the Ukrainian presidential election. The group claimed it had infiltrated CEC’s digital infrastructure and disabled the election analytics system. The group also claimed it had uploaded personal emails of CEC officials. They also collected the technical specifications from the analytic system that aggregates voting data. On the hacking group’s website, they stated they could now access the CEC communications system anytime they wished.
Maxim Savanevskiy, of Watcher.com.ua, said CyberBerkut’s hacking of CEC inflicted no major damage. The main problem seemed to have been an internal source granting the hackers access from within. Once the passwords to vital programs are changed, access to outside sources would be eliminated.
Victoria Siumar, the deputy National Security and Defense Council Secretary said the problem with hackers goes back to the previous pro-Russian Yanukovych administration. Members from that government may have programmed the CEC computers with built-in vulnerabilities to assist hackers in gaining backdoor access into the network.
It would not be the first time former President Yanukovych faced such allegations. In 2004, his allies rigged the presidential election in his favor. Their plan included a similar hacking system that exploited access to a data transit server.
With cyber attacks on individuals, businesses, and government institutions on the rise, the Security Service of the Ukraine and members of the CEC were lucky to be able to find the perpetrators. Losing or altering vital election data during an election would have meant a disaster and cries of fraud. The attempt by CyberBerkut to alter the Ukrainian presidential election could have created a different result that would have added further turmoil in the region.
By Brian T. Yates