Portugal: Cyberattack on Brazilian electoral court was from Portugal

The Brazilian Federal Police identified Portugal as the origin of a cyberattack on the computer system of the Brazilian Supreme Electoral Court, which occurred before 23 October and which, according to the authorities, did not affect Sunday’s municipal elections.

“It was a leak [of information] without any relevance and without any importance to the electoral process (…) This attack apparently had its origin in Portugal and, always remembering, the [electronic] ballot boxes are not networked [connected to the internet], so they are not vulnerable to any kind of attack during the electoral process,” Luis Roberto Barroso, president of the Supreme Electoral Court (TSE, said on Sunday.

On Sunday morning, Veja magazine published information on this first attack on the TSE that came from Portugal, adding that only old data about court officials was extracted from the computer system. No data was stolen after 23 October.

Shortly after 10 a.m. on Sunday (Brasilia time, 1 p.m. in Lisbon), the TSE’s computer systems were once again attacked by cyber-pirates in another action that originated in Brazil, the United States and New Zealand.

The action took place during municipal elections throughout the country, which took millions of Brazilians to the polls to elect new mayors and councillors from the legislative chambers of 5,567 cities.  

Barroso had already confirmed early in the afternoon that the TSE systems were the target of an attempted invasion this Sunday, which had no impact on voting.

“There was indeed an attempt to attack today, with a massive amount of accesses trying to bring down the system. This attack was neutralised and had no impact,” Barroso said.

“The information I have is that it was an attempt to bring down the system. But everything is working well,” he added.

In addition to cyber-piracy, the elections in Brazil presented problems at the end of Sunday night in disseminating the results, which usually occur within a few hours because the country has an electronic voting system.

In a note, the TSE stressed that the slow process of tabulating the votes was causing a delay in the dissemination of the results.

“The data is normally sent by the Regional Electoral Courts (TREs) and received by the tallying bank, which is adding the content more slowly than expected,” the court said.

“The problem is being resolved by the technicians so that the results can be announced more quickly. We point out that there is no connection with the leakage of personal data from servers [TSE employees] and no connection with the attempted cyberattack recorded in the morning,” he said.