Romanian Presidential Election Undermined By Russia

Authorities in the EU member nation, Romania, have revealed details of what appears to be a major attempt to interfere in the country’s presidential elections using the social media platform TikTok, and a series of cyber attacks.

The Romanian Intelligence Service (SRI) disclosed that over 85,000 computer network intrusions were launched against election websites and IT systems throughout the first round of the NATO member state’s election process. 

Based on the disclosure by the SRI, the persistent computer network intrusions are indicative of a state-sponsored cyber unit with considerable resources and capabilities at its disposal.

In consequence, Romania’s Supreme Court has moved quickly to annul the results of the first round of the presidential election. The Court has ruled that the first round process must be rerun and in a statement said the annulment was based on Article 146(f) of the Constitution, emphasising the need to ensure the correctness and legality of the electoral process. Romania's domestic intelligence service says there are signs the effort was "co-ordinated by a state-sponsored actor", which they clearly think is Russian.

Calin Georgescu, a  critic of NATO who has previously praised Russian President Putin, was almost unknown in Romania until he won the first round of voting in the presidential elections. Georgescu, a pro-Russian candidate who wants to end Romania’s support for Ukraine amid Russia’s invasion, emerged as the front-runner on November 24 despite being a political outsider who declared zero campaign spending.

Now, Romanian intelligence agencies say that his sudden and surprise surge in popularity is down to a "highly organised" and "guerrilla" campaign on social media, sharing identical messaging and using influencers.They say it was conducted from "external locations" to bypass controls.

A separate intelligence assessment says that Romania has been identified as an "enemy state" by Moscow and a priority target for what it calls "aggressive hybrid actions".

The politically disruptive information, came into the public domain only a few days before the second round of voting, as a result of declassified documents published by the outgoing President, Klaus Iohannis. They reveal how paid content supporting Georgescu was promoted on TikTok, without being marked as election campaigning, in violation of the platform’s own rules and of Romanian electoral law.

Other candidates’ content was subject to strict controls and Georgescu insists that he spent nothing on election promotion, denying he was even campaigning. However. the intelligence documents released identify one TikTok account alone which they say made payments of $381,000 (£299,819) to users who were promoting Georgescu in the five weeks from 24th October,

The European Commission has ordered TikTok to “freeze and preserve data” amid the ongoing Romanian presidential elections and declassified intelligence “pointing to interference from Russia.”

The declassified documents released were all papers drawn up for a meeting of the security council following the first round of the presidential election. They also reveal that access data for electoral websites was stolen from legitimate users and published online “on cyber-crime platforms originating from Russia”. Separately, the intelligence agencies report some 85,000 attempted hacks in an attempt to access electoral data and change content, including on election day. 

The report says the cyber-attackers used advanced methods to remain anonymous, working in a way and on a scale "typical of state-sponsored actors".

In comment, Craig Watt, an expert Threat Intelligence Consultant at Quorum Cyber said, "This recent event demonstrates that Russia’s ‘Information Confrontation Doctrine’ continues to form the foundation of Moscow’s strategic cyber targeting as influence assets capitalise on European political divisions to influence Western demographics in the direction of NATO-scepticism."

An investigation is ongoing to determine more details about the campaign and precisely who was responsible.  "It will be critical for the western intelligence community to work together to combat these malign cyber operations that continue to attack the fabric of European democracy." Watt concludes.

Presidency.ro   |    Reuters   |    BBC   |   AlJazeera   |    CNN   |   Record   

Image: Ideogram

You Might Also Read: 

Social Media Algorithms & Their Effects [extract]:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« US Telecoms Customer Data Stolen By Chinese Hackers 
TikTok Will Be Banned In The USA »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

Cura Software Solutions

Cura Software Solutions

Cura Software Solutions (formerly Cura Technologies) is a market-leader in Governance, Risk and Compliance (GRC) enterprise applications.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

CUIng.org

CUIng.org

The CUIng initiative was launched to tackle the problem of criminal exploitation of information hiding techniques.

Cyber Risk Opportunities

Cyber Risk Opportunities

Cyber Risk Opportunities was formed to enable middle-market executives to become more proficient cyber risk managers so their organizations can thrive.

QOMPLX

QOMPLX

QOMPLX integrate, contextualize, and analyze data from virtually any source to help you identify operational risk and inefficiencies throughout the enterprise.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

Nettoken

Nettoken

Nettoken is the first identity management platform designed for everyday internet users, to encourage awareness and control of our ever expanding digital footprint and personal cybersecurity.

FraudLabs Pro

FraudLabs Pro

FraudLabs Pro detects fraud and helps merchants to reduce e-commerce chargebacks by identifying high risk transactions.

Phy-Cy.X Security Group

Phy-Cy.X Security Group

Phy-Cy.X specialize in the “Physics” of Information Security through both physical and cyber domains. We are not an IT company, we ARE an Information Security company.

Phakamo Tech

Phakamo Tech

Phakamo Tech offers a full set of governance, risk, compliance, cybersecurity and Microsoft Cloud services that include consulting, planning, implementation and cyber incident response.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

Atlant Security

Atlant Security

Atlant Security is a cyber and IT security company offering consulting and implementation services.

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.