Weekly newsletter

Cybersecurity Expert: A Series of Attacks Against Primaries Was Carried Out

Júlia Tar 2021.09.28.

The start of the primary elections on the 18th of September was not a smooth one. The software crashed and the election had to be paused. The opposition said it was an attack and involved Ferenc Frész, a senior cyber defense expert to examine what happened. Now, the results are here.

Voting in the first round of the primaries was (or would have been) possible in person at 775 tents as of 18 September, and online after a video pre-registration procedure. Voting- starting at 8 a.m. in most places- was already not without problems, but by 10 a.m. the whole system was down. Because of the crash, the elections had to be paused.

Opposition Primaries Continue after Software Crash, Tens of Thousands Voting Daily
Opposition Primaries Continue after Software Crash, Tens of Thousands Voting Daily

They promised to restart the voting process on Monday the 20th at 7 am. However, the pre-registration still did not work before 10 am.Continue reading

The first reaction from the opposition during the weekend was that the crash happened because of the large number of people who wanted to vote. However, in a later post, they referred to an outside attack. “The opposition parties have involved Ferenc Frész, a senior cyber defense expert at Cyber Services Zrt. who has previously worked with the Council of the European Union and NATO, in the investigation into the causes, methods, and origin of a distributed denial-of-service attack (DDoS attack),” they said in a Facebook post.

Fact

Distributed Denial of Service (DDoS) is a method where cyber criminals flood a network with so much malicious traffic that it cannot operate or communicate as it normally would. This causes the site’s normal traffic, also known as legitimate packets, to come to a halt. DDoS is a simple, effective, and powerful technique that’s fueled by insecure devices and poor digital habits.”

Now they have results of Ferenc Férsz’s analysis which the Primaries 2021 (Előválasztás 2021) Facebook page shared.

“From our point of view, the most important result of the investigation is that it proves beyond any doubt that a series of attacks against the infrastructure that also serves the pre-selection was carried out. It is also clear that these attacks were timed to the most important moments,”

they said.

Opposition Parties Distance Themselves from Jobbik Politician after Controversial Photo Surfaces
Opposition Parties Distance Themselves from Jobbik Politician after Controversial Photo Surfaces

A photo depicting the deputy mayor of Ózd has recently surfaced, in which Farkas is making what many believe to be a Nazi salute. He denied any wrongdoing, claiming he was simply waving.Continue reading

“For our part, we have learned a lot from this episode and from Ferenc Frész’s investigation, and we also acknowledge that we could have been better prepared for these attacks. aHang has been present with its digital tools in the hottest public issues for a long time (we could mention the 2019 primaries or the Fudan consultation) and so far we have always been able to protect our infrastructure. It is also true that our main focus in the recent period has been on finalizing our software to make the necessary changes/improvements following recent political decisions, which has also not made it easy to prepare everything. In the end, as the report shows, the server room provider’s infrastructure was overloaded by the attack, which we could not have prevented with any other configuration (since several times the bandwidth of the available packet – the largest – was transmitted to the servers), and the originally planned capacity of our systems would have been sufficient to handle the primaries,” the post continued.

More Than a Half Million Citizens Cast Votes in Primaries So Far
More Than a Half Million Citizens Cast Votes in Primaries So Far

On Sunday, more than 55,000 voters turned up at the tents, and more than 20,000 people voted online.Continue reading

The opposition also thanked the IT staff and Ferenc Frész for their work and sent the full report to the Investigating Authority.

The summary of the investigation is the following: “It is possible that the system could not serve the unplanned network load. Attack patterns were seen in traffic, but none of these were network overloads, rather attempts to scan the vulnerabilities and of the server and the applications. Increased traffic, 41% of which was unscheduled, combined with under-sizing of the servers’ Internet connection and lack of internal synchronization caused the outage.”

The full report can be downloaded here.

Featured image photo via Magyar Hang