Venezuelan authorities say a cyberattack carried out from abroad has disrupted the work of the National Electoral Council (CNE), which continues to have its official website offline. This has been the main justification given by the CNE – and the Venezuelan government – for the delay in publishing the results. detailed election data of July 28th.
But what is known about this alleged attack? According to the country’s authorities, the attacks were mainly carried out from North Macedonia, an Eastern European country, and reached 30 million per minute. Furthermore, they continued to occur until last Sunday (11).
On Monday (12), Venezuela’s Minister of Science and Technology, Gabriela Jiménez, presented an assessment of the alleged attack. hacker. She said that 25 institutions in the country were affected, including everything from the state oil company (PDVSA), to communications and telecommunications companies, and even the electoral system.
“The attacks are increasing 24 hours a day. All state platforms have been attacked in multiple ways,” Jiménez explained, adding that 65% of the attacks were to take down internet services and 17% to steal information.
The CNE handed over to the Supreme Court of Justice (STJ) the data that would prove the cyberattack after the TSJ began an investigation into the matter, at the request of the Maduro government. The president of the Supreme Court, magistrate Caryslia Rodríguez, said that she will review all the data on the attack.
“[O TSJ] will carry out an expert assessment of the massive cyber attack on the Venezuelan electoral system, for which the Chamber [do Tribunal] will have highly qualified and suitable personnel who will use the highest technical standards”, said the judge of the country’s highest court.
The CNE also reported that the attacks were unable to alter the votes, which are protected by their own system, without an internet connection. In addition, Maduro accused multibillionaire Elon Musk, owner of the X platform, formerly Twitter, of being involved in the case.
Netscout vs Carter
The government’s version was partially corroborated by a major US information security firm, Netscout Systems. The company claims that the day after the election, July 29, DDoS attacks against targets in Venezuela have increased tenfold. This type of attack is typically used to take down websites and systems.
“Even a small amount of traffic, if sent at the right time to an unprepared target, can result in network disruptions,” Netscout said, adding that “nearly all of the attacks against Venezuela on the days in question targeted a single telecommunications provider.” However, Netscout’s analysis did not include the days after the 29th of last month.
On the other hand, the head of the Carter Center’s observation mission, Jennie Lincoln – who participated in the election observation mission in Venezuela – stated that there is no evidence of this cyber attack.
“There are companies that monitor and know when there are denials of service [ataques cibernéticos] and there wasn’t one on election day or that night,” Lincoln explained in an exclusive interview with the French agency AFP, without, however, saying which companies she consulted.
Experts
Information technology experts interviewed by Brazil Agency highlighted that there are several companies that monitor cyber attacks in real time and can consult the history of malicious attack traffic from previous days and months, proving or not the Venezuelan government’s thesis.
Information security specialist Breno Borges considered that, to monitor these cyber movements, companies need to have servers close to the infrastructures that suffered these attacks.
“It’s as if I sent a bunch of letters to fill up your mailbox and prevent new letters from arriving at your house. I can only find out about this attack of letters if I’m on the street watching the letters arrive or if you let me enter your house and open the mailbox,” he said.
The most accurate way to confirm the veracity and scale of the attack is through Venezuelan institutions themselves, if they allow monitoring of the history of their systems, Borges added.
DDoS
Technology expert Pedro Markum, from the organization Transparência Hacker, explained that DDoS attacks are common, occur every day and have the potential to take down pages and systems, but not to change votes, which are in a separate system.
“These DDoS attacks should in no way impact the election results, but they could cause delays in the tabulation [dos resultados]they can indeed be a justification, both real and a good fictional justification”, he pondered.
Markum also stated that he has no reason to doubt Netscout’s assessment, which pointed to attacks on the 29th. However, analyzing data from the Russian company Kaspersky, which also monitors cyberattacks, the expert did not find any abnormalities in recent days. For him, the information provided so far by the Venezuelan government is scarce and not very detailed.
Transparency
“You prints [apresentados pela ministra Jiménez] are decontextualized, there is no density of information. When we look at other providers that monitor this information – such as Kaspersky, which is a Russian provider and therefore has no commitment to American imperialism – we do not detect any anomalies, not in this volume [de 30 milhões por minuto]”, said Pedro Markum.
The expert considered, however, that localized attacks not identified by providers could take down poorly protected pages and that only the government can put an end to the doubts surrounding the alleged cyber attack against the Venezuelan election.
“If they really wanted to prove that these attacks are happening, it wouldn’t be difficult, any computer system can go there and check,” Markum added.
The director of the electoral analysis portal Votoscopio, Eugenio G. Martínez, drew attention to the suspension of the CNE’s telecommunications audit, scheduled to take place after the July 28 vote and which could prove the cyber attacks.
“This audit was essential to verify the machine’s transmission records. Its importance became even greater after the CNE reported the attempted hacker attack,” said Martínez.
Attacks in 2019
This is not the first time that the Maduro government has claimed to be the victim of attacks carried out to supposedly destabilize the country. In March 2019, a two-day blackout left Venezuela without power in the context of the self-proclamation of then congressman Juan Guaidó who, with the support of some 50 countries, attempted to take control of the country.
According to the government, the electrical system was the target of a cyberattack that prevented the restoration of electricity. The opposition said that the blackout was simply the result of the dismantling of the national power grid.