The Superior Electoral Court (TSE) suffered a distributed denial of service (DDoS) attack, on Sunday (15) during municipal elections, informed the president of the court, Luís Roberto Barroso.
In a press conference, President Barroso reported that the attack began at 10:41 am on Sunday of election and the attacks came from Brazil, the United States and New Zealand.
“Attacks are not a TSE problem. The STF, the STJ, the Pentagon, the UK government are attacked. The relevance is to prevent these attacks from succeeding. In the case of TSE there was no“, said.
A distributed denial of service (DDoS) attack, or just a denial of service attack, is a simple attack, used to bring down websites and servers online. This is done with a program that overloads the victim’s server with a massive amount of hits forcing the server to be very busy and consequently unavailable. It is an overload invalidation and data is not normally stolen with this approach.
Delay in the dissemination of results
Since Thursday (12th), the TSE website and e-Título application have had technical problems. The site went offline on Thursday and Friday (13) and the app crashed during election Sunday. In addition, there was a delay in disclosing election results.
According to Barroso, there is no relationship between the falls in services, the DDoS attack and the delay in counting. He guarantees that the slow vote count was caused by a hardware failure of the TSE “supercomputer”.
“It was a technical problem and there is no relation to the DDoS attack. It was a flaw in the supercomputer’s processor core. The problem has already been fixed, “he explained without giving further details.
Regarding the app, Barroso justifies that the court’s technology team was forced to shut down a server to ensure a backup in case of a successful cybercriminal attack. “We shut down a server to be sure and left a server, which is, due to the excessive demand of the last hour, has instability,” he said.
Until the time of publication of this report, the e-Título application continues to have problems in the system that informs the location where voters vote and on the page indicated to justify the vote.
Data leakage
During the press conference, Barroso also confirmed data leaks from TSE servers, but said they are old, were stolen in October this year and that the Federal Police is already investigating.
“The data released is old. Access to this data occurred before October 23… So far, no relationship has been identified. Logically, we cannot rule out any possibility, but there is, so far, no indication in this sense… The PF has been working in tune with the entire area of security and technology of the TSE, and there is no indication of damage to the election ”, said Barroso.
In a clarification note published on Facebook, the court wrote that the DDoS attack and the slowness in the systems is not related to data leakage. [confirmado por Barroso durante a coletiva].
“We emphasize that there is no relationship with the leak of personal data from servers and no relationship with the attempted cyber attack recorded in the morning,” says the court in a clarification note on Facebook.
Source: TSE press conference; TSE on Facebook.
See the original post at: https://thehack.com.br/tse-sofre-ataque-de-ddos-mas-garante-nao-ter-relacao-com-vazamento-de-dados-e-queda-nos-servicos/?rand=48873
