The start of the primary elections on the 18th of September was not a smooth one. The software crashed and the election had to be paused. The opposition said it was an attack and involved Ferenc Frész, a senior cyber defense expert to examine what happened. Now, the results are here.
Voting in the first round of the primaries was (or would have been) possible in person at 775 tents as of 18 September, and online after a video pre-registration procedure. Voting- starting at 8 a.m. in most places- was already not without problems, but by 10 a.m. the whole system was down. Because of the crash, the elections had to be paused.
The first reaction from the opposition during the weekend was that the crash happened because of the large number of people who wanted to vote. However, in a later post, they referred to an outside attack. “The opposition parties have involved Ferenc Frész, a senior cyber defense expert at Cyber Services Zrt. who has previously worked with the Council of the European Union and NATO, in the investigation into the causes, methods, and origin of a distributed denial-of-service attack (DDoS attack),” they said in a Facebook post.
Fact“Distributed Denial of Service (DDoS) is a method where cyber criminals flood a network with so much malicious traffic that it cannot operate or communicate as it normally would. This causes the site’s normal traffic, also known as legitimate packets, to come to a halt. DDoS is a simple, effective, and powerful technique that’s fueled by insecure devices and poor digital habits.”
Now they have results of Ferenc Férsz’s analysis which the Primaries 2021 (Előválasztás 2021) Facebook page shared.
“From our point of view, the most important result of the investigation is that it proves beyond any doubt that a series of attacks against the infrastructure that also serves the pre-selection was carried out. It is also clear that these attacks were timed to the most important moments,”
“For our part, we have learned a lot from this episode and from Ferenc Frész’s investigation, and we also acknowledge that we could have been better prepared for these attacks. aHang has been present with its digital tools in the hottest public issues for a long time (we could mention the 2019 primaries or the Fudan consultation) and so far we have always been able to protect our infrastructure. It is also true that our main focus in the recent period has been on finalizing our software to make the necessary changes/improvements following recent political decisions, which has also not made it easy to prepare everything. In the end, as the report shows, the server room provider’s infrastructure was overloaded by the attack, which we could not have prevented with any other configuration (since several times the bandwidth of the available packet – the largest – was transmitted to the servers), and the originally planned capacity of our systems would have been sufficient to handle the primaries,” the post continued.
The opposition also thanked the IT staff and Ferenc Frész for their work and sent the full report to the Investigating Authority.
The summary of the investigation is the following: “It is possible that the system could not serve the unplanned network load. Attack patterns were seen in traffic, but none of these were network overloads, rather attempts to scan the vulnerabilities and of the server and the applications. Increased traffic, 41% of which was unscheduled, combined with under-sizing of the servers’ Internet connection and lack of internal synchronization caused the outage.”
The full report can be downloaded here.
Featured image photo via Magyar Hang