The head of Ukraine’s cyber police force, Serhiy Demedyuk, told Reuters that hackers had targeted Ukraine’s electoral servers and the personal computers of election staff prior to Ukraine’s upcoming presidential election slated for March 31, 2019.
Hacker tactics have included “phishing” operations such as virus-infected greeting cards, shopping invitations, and notices for software updates. Demedyuk said that “virus-laden New Year’s greetings on behalf of government bodies…have become so widespread that they are just overwhelming. Such mailing lists, spam letters are sent to them and their relatives, which contains malware to control their computer equipment. This is the easiest way, but it is effective.”
Malicious software hidden within the documents attempts to steal sensitive information, including passwords, personal credentials, and other sensitive data. Demedyuk said that hackers were also caught purchasing the personal details of Ukrainian election officials, including civil servants and employees, on the dark web with anonymous cryptocurrency.
The cyber police chief said that no electoral system network compromises have been detected yet. However, the Ukrainian government is preparing for an increase in malicious activity once the commission’s regional offices officially begin their work about a month before Election Day. Furthermore, given the attacks on Ukraine’s critical infrastructure in 2015 and 2016, Kyiv worries that the energy and banking sectors could be targeted and potentially manipulated by hackers using software “backdoors” to gain access.
In terms of attack attribution, Demedyuk said that the financing of these attacks appeared to come from the same online sources, believed to originate in Russia, used for previous cyber incidents. Kremlin spokesperson Dmitry Peskov responded specifically to these charges, stating that “Russian state structures have never interfered, and are not interfering, in the internal affairs of other countries.”