Romania's presidential election faces disruption after more than 85,000 cyberattacks and a TikTok disinformation campaign linked to Russia undermine public trust in the electoral process.
What happened
Romania’s Constitutional Court (CCR) annulled the results of the first round of its presidential election after the Romanian Intelligence Service (SRI) revealed an unprecedented wave of cyberattacks targeting election systems. Over 85,000 attacks were directed at election infrastructure, including voter registration systems and the Permanent Electoral Authority (AEP), between November 19 and 25. Credentials for election-related websites, including bec.ro and registrulelectoral.ro, were leaked on a Russian cybercrime forum.
In addition to the cyberattacks, a coordinated disinformation campaign on TikTok promoted pro-Russian candidate Calin Georgescu. The campaign involved over 100 influencers, many with dormant accounts reactivated just weeks before the election.
A closer look at the attack tactics
The cyberattacks exploited vulnerabilities like SQL injection and cross-site scripting (XSS), enabling attackers to steal sensitive information and disrupt operations. Breaches were traced back to devices in over 33 countries, suggesting a sophisticated and global effort to compromise Romania's electoral process.
One significant breach occurred on November 19, when a server connected to both public and internal AEP networks was compromised, providing attackers with access to critical systems. The influence campaign used TikTok hashtags and narratives similar to prior pro-Russian campaigns in Moldova, driving Georgescu’s messaging to trend on November 26.
The potential impact on democracy
The breach proves the risks of digital election systems and the broader implications of disinformation campaigns on public trust.
- Cybersecurity risks: Vulnerabilities in Romania’s election systems not only exposed sensitive data but also threatened the integrity of the democratic process. Hackers could have altered election results or disrupted voting altogether.
- Influence campaigns: Coordinated efforts on TikTok demonstrated how social media platforms can be weaponized to amplify propaganda, shape public opinion, and manipulate election outcomes.
- Loss of trust: The annulment of election results eroded voter confidence, demonstrating how cyberattacks can destabilize democratic institutions.
Lessons learned
Secure election systems
Governments must implement security protocols to protect election infrastructure. Regular vulnerability assessments and advanced monitoring tools can identify and mitigate risks like SQL injection and XSS. Adopting secure, encrypted systems for voter registration and election operations is fundamental to safeguarding electoral integrity.
Monitor and combat disinformation
The TikTok campaign illustrated how misinformation can sway public opinion. Governments and platforms should collaborate to identify and remove coordinated disinformation campaigns while educating the public on how to recognize manipulation.
Establish incident response protocols
Romania’s delayed response to the attacks indicates the need for preemptive action plans. Incident response teams should be trained to detect and neutralize threats quickly, minimizing damage and restoring trust in critical systems.
Strengthen international cooperation
Cyberattacks and disinformation campaigns often cross borders. Collaborative efforts between nations can help trace attackers, shut down cybercrime forums, and hold malicious actors accountable.
FAQs
What is SQL injection?
SQL injection is a technique where attackers insert malicious code into a database query, allowing them to access or alter sensitive data.
What is cross-site scripting (XSS)?
XSS allows hackers to inject harmful scripts into websites, enabling them to steal user data or modify site content.
How do TikTok disinformation campaigns work?
These campaigns use influencers to spread propaganda or false narratives through targeted hashtags and posts, shaping public opinion.
What is Romania’s Permanent Electoral Authority (AEP)?
The AEP oversees election operations in Romania, including voter registration and election system management.
What are cybercrime forums?
These are online platforms where hackers share tools, stolen data, and techniques for executing cyberattacks.
Farah Amod
