Read on Twitter
Yesterday, a cyber operation on Brazil's Superior Electoral Court ( #TSE) made headlines - on the day of Brazil's municipal elections, the first time Brazilians went to the voting booth after Jair Bolsonaro was elected president.
https://www1.folha.uol.com.br/poder/2020/11/ataque-de-hackers-no-sistema-do-tse-nao-viola-seguranca-da-eleicao.shtml /1
https://www1.folha.uol.com.br/poder/2020/11/ataque-de-hackers-no-sistema-do-tse-nao-viola-seguranca-da-eleicao.shtml /1
Such a fairly unsophisticated operation can have a destabilizing effect: BR uses voting machines, so media and population worry about election security (although fact-checking agencies concluded there was that election security was not compromised): /2 https://projetocomprova.com.br/publica%C3%A7%C3%B5es/ataque-de-hackers-no-sistema-do-tse-nao-viola-seguranca-da-eleicao/
So what happened?
1. Doxing: On election day, hacking collective CyberTeam published TSE internal data, claiming they obtained them that day. In a statement, they "claim[ed] justice and internal investigations in the prison systems" of BR + Portugal. /3 https://livecoins.com.br/em-dia-de-eleicao-hackers-vazam-dados-do-tse/
1. Doxing: On election day, hacking collective CyberTeam published TSE internal data, claiming they obtained them that day. In a statement, they "claim[ed] justice and internal investigations in the prison systems" of BR + Portugal. /3 https://livecoins.com.br/em-dia-de-eleicao-hackers-vazam-dados-do-tse/
But: The data actually date from 2001-2010. The TSE president stated they detected a breach on the court's systems on October 23rd originating in Portugal. (Folha article).
2. DDoS: The TSE website suffered a DDoS attack on the morning of election day. /4 https://www1.folha.uol.com.br/poder/2020/11/investigacao-aponta-operacao-coordenada-em-ataque-a-tse-e-postagens-alegando-fraude.shtml
2. DDoS: The TSE website suffered a DDoS attack on the morning of election day. /4 https://www1.folha.uol.com.br/poder/2020/11/investigacao-aponta-operacao-coordenada-em-ataque-a-tse-e-postagens-alegando-fraude.shtml
3. Disinformation: Brazil has a history of election disinformation, as laid out in this study by @FGVDAPP: https://democraciadigital.dapp.fgv.br/publicacoes/desinformacaoeleitoral/
The events at the TSE quickly led to speculations on social media on electoral fraud.
The link between the 3 is still unclear. /5
The events at the TSE quickly led to speculations on social media on electoral fraud.
The link between the 3 is still unclear. /5
This is not the only recent cyber op targeting BR courts: Earlier in November, the Superior Court of Justice was hit with ransomware attributed to RansomExx, as was (allegedly) the Pernambuco State Court of Justice
https://www.bleepingcomputer.com/news/security/brazils-court-system-under-massive-ransomexx-ransomware-attack/
See also
https://twitter.com/ale_paulus/status/1324040968769712128?s=20 /6
https://www.bleepingcomputer.com/news/security/brazils-court-system-under-massive-ransomexx-ransomware-attack/
See also
https://twitter.com/ale_paulus/status/1324040968769712128?s=20 /6
So what now?
BR might want to improve resilience and IT security capabilities, ramp up investments in personnel, and build up + strengthen effective processes - both for political and technical response.
International exchanges of best practices might not hurt, either.
BR might want to improve resilience and IT security capabilities, ramp up investments in personnel, and build up + strengthen effective processes - both for political and technical response.
International exchanges of best practices might not hurt, either.
What did I forget/get wrong? @LouMarieHSD @boomartins
@dfaranha @diegorrcc @anchisesbr @eduardokraemer
@dfaranha @diegorrcc @anchisesbr @eduardokraemer
