Russian government-connected hacktivist group CyberBerkut breaches Ukraine’s Election Commission
On May 22, 2014, Russian government-connected hacktivist group CyberBerkut successfully penetrated the Ukrainian Central Election Commission’s (CEC) voting system three days prior to the May 25 presidential election. According to Ukraine’s security service (SBU), the hackers manipulated election data in favor of a far-right candidate. SBU agents determined that a CEC administrator planted a virus within internal CEC systems that permitted CyberBerkut to access the CEC’s digital infrastructure and disable the CEC’s election analytics system. Ukrainian officials also noted the presence of malware developed by Russian military intelligence agency (GRU)-connected Fancy Bear, or APT28, on CEC systems. Despite the data breach, CyberBerkut and Fancy Bear did not succeed in changing the ultimate outcome of the election. The Wall Street Journal and the University of Toronto’s Citizen Lab have linked CyberBerkut, a self-proclaimed independent pro-Russian hacktivist group, to Russian military intelligence agency (GRU)-connected hacking group Fancy Bear, or APT 28.

About This Incident

Threat Actors: Russia

Incident Metadata

Date: 22-May-14
Country: Ukraine