Who hacked the website of North Macedonia’s state election commission on election day?

[dufus]

 

The website of North Macedonia’s State Election Commission (SEC), or to be more exact the site's election section, was targeted by hackers immediately after polls closed in the snap general election on July 15, leaving the question of who stands behind the attack?

 

Even though the elections passed in a free and democratic manner and were among the most peaceful in the country so far, the denial-of-service (DDoS) attack left a big stain on the election — the first since the country changed its name to North Macedonia and become a Nato member.

 

The election ended with a narrow lead for the ruling Social Democrats (SDSM) ahead of the opposition VMRO-DPMNE. Some VMRO-DPMNE supporters have already indicated they will not accept a new SDSM-led government. 

 

The SEC was hacked immediately after voting ended at 9pm on Wednesday. The election section then recovered for few minutes but the results disappeared again, preventing journalists and other interested people from monitoring the election results, which were announced with a huge delay a day after the election.

 

At the same time as the SEC site was brought down, the local news aggregator Time.mk was also hacked, but it recovered more quickly.

 

“We are under DDoS attack,” owner of Time.mk, Igor Trajkovski, said in a tweet at the time of the cyber attack. It was reported that Time.mk was attacked with more than 20mn IP addresses on July 15.

 

Institutional flaws

 

Most countries take measures to protect their electoral infrastructure in order to provide the maximum security on election day, which was not the case here in North Macedonia.

The cyber attack on the SEC website, which targeted the election platform, raised many questions about the way institutions in North Macedonia protect the election process.

 

The Macedonian Public Security Bureau does not even run its own website where people can get information about cyber security.

 

Officials from the local software company Duna Computers, which was selected before the election to manage the SEC’s electronic system for election statistics, said that the application for the election is a separate platform, which is independent from the SEC website, pointing out that the problem was with the SEC servers.

 

"We immediately told them that what happened was an attack and that there was no connection with Duna's election application,” Duna Computers’ owner Aleksandar Pajkovski said.

 

The attack was stopped as soon as Austrian telecommunication company A1 Austria, which has a unit in North Macedonia, A1 Makedonija, whose network SEC is using, intervened.

 

The cyber attack also raised other issues, such as controversial software procurement. Local media reported the day after the election that the procurement of the software by SEC was disputable, as Duna Computers was selected without a transparent tender.

 

Two local firms were invited to provide the software for processing election data, Duna and iVote, and Duna was selected by the SEC on June 19. The appeal by iVote was rejected and Duna officially won the contract on July 8, one week before the election.

 

Left wondering 

 

The unprecedented cyber attack slowed the entire procedure of entering the votes while citizens and the media are still wondering what really happened.

 

As there are many doubts about the results, SEC president Oliver Derkoski said that the commission will now decide whether to have a manual count of the votes, something that happened in Kosovo's election in October 2019.

 

After he read the first results, Derkoski, who comes from the opposition VMRO-DPMNE, said that the website was probably a target of external hackers and that the issue will be investigated. 

 

Strangely, the cyber attack was only reported a day after the election, to the interior ministry, which is led by minister Nake Culev. also from VMRO-DPMNE. Culev is part of the interim government, including opposition members, that has run the country since January 2020 to open the way for the snap elections.

 

Election credibility undermined 

 

The civic association MOST, which regularly monitors the country's elections, pointed out that although the election took place in a fair and democratic way, the hackers’ attack on the election platform might be a deliberate attack to disturb the electoral process.

 

MOST said that due to the attack, there is no complete insight into the initial election results.

 

"The timing with which the attack took place indicates that probably a previously planned attack was made to disrupt the credibility of the election process," MOST officials said.

 

After the election, Zaev announced he is going on holiday and will launch coalition talks to form a new cabinet after the big Macedonian national holiday on August 2. 

source