By Khatuna Mshvidobadze
Copyright © 2012 Potomac Institute for Policy Studies
Following Russia’s December 4 Duma elections, Prime Minister Vladimir Putin and his United Russia Party suffered the dual embarrassments of having their election rigging exposed and, nonetheless, failing to reach 50% of the vote. Putin refused the demands of street protestors to rerun the parliamentary elections, looking forward instead to the March 4 presidential election. During his December 15 annual television call-in show, he said, “I ask the central election commission to install web cameras in all 90,000 polling stations in the country and to put the footage on the internet so the whole country can see.”
Accordingly, the Ministry of Communications and Mass Media launched a $430 million program to install two cameras in all but the 4,000 most remote polling places. Footage will be live-streamed on election day when visitors to a dedicated online platform hosting the video will be able to switch among precincts to observe citizens casting their votes. After voting ends in the last district, the cameras will switch to broadcasting the tallying of votes, complete with sound.
The Communications Ministry published program information on www.webvybory2012.ru, inviting public discussion. Senior Ministry official Ilia Massoukh told a January 13 press conference that 200,000 individuals had already commented.
Russian information security experts began to express their concern that the new effort at “transparency” had significant vulnerabilities.
Some said that the webcams proposed for the program are ordinary ones, not those that feature cryptographic protection.
Others worried about the proposed software. Kaspersky Lab expert Dmitry Tarakanov told RIA NOVOSTI, the “planned use of free software is good news itself, but if this applies to the operating system, here we should not forget that systems based on Linux…are not free from vulnerabilities. It is necessary to consider and choose the latest version of the software, which has eliminated all known vulnerabilities.”
Maxim Beloenko of HighLoad Lab warned of DDoS attacks, not so much against what could amount to 20,000 simultaneous broadcasts, “but an attack on a web portal through which users can watch live streams is more likely to happen.”
After two months of public discussion on system vulnerabilities, Massoukh told Reuters that the huge network of Russian election webcams controlled by the state telecommunications and ISP company Rostelecom have been targeted by DDoS attacks. The details have not yet been revealed; however, Massoukh speculated, potential targets may be the live webcast website webvybory2012.ru and other information resources related to the elections.
Consider the irony in this sequence of events: Putin requested the program; security experts and others publicly discussed vulnerabilities and possible attacks, including DDoS attacks; and then the DDoS attacks materialized. It is no harder to imagine this happening in Putin’s Russia than it is to imagine Putin and United Russia garnering just 49% of the vote.
Of course, we do not now know the perpetrators. Kremlin-directed hacktivists preparing to spoof surveillance of polling places? Opposition sympathizers who want Putin’s monitoring cameras to fail? Kremlin-directed hacktivists who want to make the Putin Government appear to be the victim? Cyber hooligans of one form or another, inside or outside of Russia?
There will no doubt be more cyber shenanigans before the polls close on March 4.