One Article Review
| Source |  RiskIQ |
|---|---|
| Identifiant | 8622259 |
| Date de publication | 2024-12-09 12:58:56 (vue: 2024-12-09 13:08:45) |
| Titre | Romania\\'s election systems targeted in over 85,000 cyberattacks |
| Texte | #### Targeted Geolocations - Romania #### Targeted Industries - Government Agencies & Services ## Snapshot Romania\'s election infrastructure faced over 85,000 cyberattacks, with threat actors gaining access to election-related websites and leaking credentials on a Russian hacker forum shortly before the presidential elections. Additionally, Romanian intelligence agencies have highlighted a potential state-backed influence campaign targeting the presidential election, where TikTok influencers with millions of followers promoted candidate Calin Georgescu using coordinated messages and hashtags. ## Description The Romanian Intelligence Service (SRI) reported that the Permanent Electoral Authority\'s IT infrastructure was compromised on November 19, with a server containing mapping data being targeted. This server was connected to both the public web and the Authority\'s internal network. The leaked credentials pertained to several Romanian election sites, and the attackers obtained these by either targeting legitimate users or exploiting vulnerabilities in a training server for voting section operators. The attacks, which originated from over 33 countries, continued until the night after the first presidential election round on November 25th. The attackers aimed to access and compromise the election infrastructure, alter public election information, and deny system access. They attempted breaches using SQL injection and cross-site scripting (XSS) vulnerabilities. The SRI warned that the infrastructure still harbors vulnerabilities that could allow attackers to move laterally within the network and establish persistence. Additionally, the SRI described an influence campaign targeting the Romanian presidential election, where over 100 TikTok influencers with a collective following of over 8 million were paid to promote presidential candidate Calin Georgescu. The Ministry of Internal Affairs observed a sharp increase in the visibility of these videos, which shared [similarities with content promoting a pro-Russian candidate in Moldova](https://sip.security.microsoft.com/intel-explorer/articles/05cff118). The SRI noted that Georgescu\'s campaign was supported by a sudden increase in activity from 25,000 TikTok accounts, with 800 of them created in 2016 and becoming active just before the election. While the SRI did not directly attribute the attacks and influence campaign to Russia, the Romanian Foreign Intelligence Service highlighted Russia\'s history of election interference and its perception of Romania as an enemy state due to its NATO alliance. As of December 6, the Constitutional Court of Romania (CCR) [annulled the presidential elections](https://www.ccr.ro/comunicat-de-presa-6-decembrie-2024/) based on findings that the first round of elections was affected by a Russian influence campaign and decided that new elections will be held. ## Microsoft Analysis and Additional OSINT Context Russia targets Romania for influence operations in part due to Romania\'s strategic role on NATO\'s eastern flank, its energy initiatives, and its position on the Black Sea. Romania hosts key NATO infrastructure, including the Aegis Ashore missile defense system. Additionally, Romania\'s efforts to reduce reliance on Russian energy through projects like the BRUA pipeline challenge Moscow\'s influence in the region. Situated on the Black Sea, Romania plays a critical role in regional security and economic dynamics that are vital to Russia\'s geopolitical interests. To undermine Romania\'s alignment with NATO and the EU, Russia employs disinformation campaigns that exploit domestic issues and regional tensions, seeking to weaken trust in democratic institutions and disrupt Western cohesion. ## References [Romania\'s election systems targeted in over 85,000 cyberattacks](https://www.bleepingcomputer.com/news/security/romanias-election-systems-targeted-in-over-85-000-cyberattacks/). Bleeping Computer (accessed 2024-12-09) ## Cop |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | #### **© 000 100 2016 2024 2024** 2024/ 25th 800 access accessed accounts active activity actors additional additionally aegis affairs affected after agencies aimed alignment all alliance allow alter analysis annulled any are ashore attackers attacks attempted attribute authority backed becoming before being black bleeping bleepingcomputer both breaches brua calin campaign campaigns candidate ccr challenge cohesion collective com/intel com/news/security/romanias compromise compromised computer connected constitutional containing content context continued coordinated copyright could countries court created credentials critical cross cyberattacks cyberattacks/ data december decembrie decided defense democratic deny described description did directly disinformation disrupt distribution domestic due dynamics eastern economic efforts either election elections electoral employs enemy energy establish exploit exploiting explorer/articles/05cff118 faced findings first flank followers following foreign forum from gaining geolocations geopolitical georgescu government hacker harbors hashtags have held highlighted history hosts https://sip https://www including increase industries influence influencers information infrastructure initiatives injection institutions intelligence interests interference internal issues its just key laterally leaked leaking legitimate like mapping messages microsoft million millions ministry missile moldova moscow move nato network new night not noted november observed obtained operations operators originated osint over paid part perception permanent permission persistence pertained pipeline plays position potential presa presidential pro prohibited projects promote promoted promoting public reduce references region regional related reliance reported reproduction reserved rights ro/comunicat role romania romanian round russia russian scripting sea section security seeking server service services several shared sharp shortly similarities site sites situated snapshot sql sri state strategic sudden supported system systems targeted targeting targets tensions them thereof these threat through tiktok training trust undermine until users using videos visibility vital voting vulnerabilities warned weaken web websites western where which will within without written xss based the |
| Tags | Vulnerability Threat |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.