The end of 2023 saw an uptick in distributed denial-of-service (DDoS) traffic across major industries in Bangladesh, and it may have been geared to disrupt the latest national elections.

Last week, it came to light that a mobile app providing critical information to Bangladeshi voters ahead of those elections was targeted by cyberattackers. As Dark Reading reported at the time, the Bangladeshi Election Commission claimed it was one of the latest victims of a DDoS attack. It turns out, the disruption effort could have been part of a much more widespread campaign to meddle with the national vote.

According to exclusive data provided to Dark Reading by Cloudflare, the end of 2023 in Bangladesh, running up to the vote, saw a 33% quarter-over-quarter jump in HTTP DDoS attack traffic. More than half of that was directed at the telecommunications industry, with the rest spread among other crucial sectors; media and newspapers was the next most-targeted industry, with banking, financial services, and insurance following closely behind.

“Telecommunication companies might be targeted by DDoS attacks before elections to disrupt communication channels, thereby hindering the dissemination of information and potentially impacting voter communication and coordination,” a representative of Cloudflare writes in an email to Dark Reading. “Such attacks could be politically motivated to create confusion, suppress voter turnout, or undermine the credibility of the electoral process.”

Cloudflare’s spokesperson also says that media production and newspaper companies may have been targeted by DDoS attacks before elections to disrupt the flow of information and influence public opinion, often driven by political motivations or to undermine trust in key institutions: “These attacks can also serve as a tactic to test defenses, spread misinformation, or serve economic interests through extortion.”

Did European DDoSers Affect an Election App in Bangladesh?

Smart Election Management BD is a government-run app providing Bangladeshi citizens with all kinds of election-related information — about voting locations, political parties, candidates, vote totals, and so on — though it is not a means of electronic voting. It has more than 500,000 downloads on Google Play. The Smart Election app remained live throughout Election Day on Jan. 7, in which the incumbent prime minister Sheikh Hasina Wazed won her fourth straight term. However, voters reported performance issues, including slowdowns, according to reporting by the Dhaka Tribune.

Mohammed Jahangir Alam, secretary of the Bangladesh Election Commission announced that the app had been struck by a cyberattack. But more curiously, he claimed the bad traffic originated in Germany and Ukraine.

The origination data often provides clues as to the motivations and actors behind politically motivated hacks — though there’s no obvious geopolitical tension that would explain why Western European or Ukrainian assailants would be involved in the politics of Bangladesh. And according to Cloudflare data, Bangladesh’s DDoS problem is well dispersed. Around 15% of Q4 2023 attack traffic came from the US, and 9% from Indonesia, with Brazil, Japan, India, Germany, and Russia following behind with around 4-5% apiece.

“In many cases, we see one main source country for DDoS attacks targeting another. For example, more than 80% of HTTP DDoS attack traffic targeting Taiwan [last year] originated from China,” says the spokesperson. “But in the case with Bangladesh … the source country list seems to be quite distributed, perhaps indicating the use of globally distributed botnets.”

Dark Reading reached out to the office of the Bangladesh Election Commission Secretary for further evidence to support Alam’s assertion, but did not receive a reply by the time of publishing.

The DDoS Threat to Elections

When it comes to election malfeasance, the firm’s contact says, “we expect to see a continuation of what we have seen in previous years. There will likely be ongoing online cyberattacks against entities in the election space — not only candidates and campaigns, but vulnerable nonprofits and other groups that help encourage voting and monitor elections.”

That said, DDoS might be a bigger player in global elections from now on than it has been, according to Cloudflare. The person adds, “The threat of DDoS attacks are evolving quickly, and are far from a low-level annoyance that they used to be thought of as. New emerging tech will only work to amplify the attack tactics of nation-states and affiliated groups. Threat actors will rely not only on the tried-and-true phishing tactics deployed in previous elections but also more widespread use of new tools that leverage emerging tech — like AI-optimized DDoS attacks.”

Source: www.darkreading.com