Bangladesh official alleges cyberattack ‘from Ukraine and Germany’ targeted election

An official at the Bangladesh Election Commission has claimed that a cyberattack “from Ukraine and Germany” caused an election information app to crash as voters went to the polls on Sunday.

There has not been an allegation that the incident affected votes in the country, where incumbent Prime Minister Sheikh Hasina secured her fourth straight term in office after a record low turnout, as reported by BBC News.

Hasina, who has held power since 2009, is currently the longest-serving female head of government in the world. Her government has faced criticism from the international community, including the United Nations, amid allegations of human rights abuses and extrajudicial killings.

“Her long reign in power has been marked by arrests of opposition leaders, crackdowns on free speech and suppression of dissent,” as Reuters reported.

The country’s main opposition, the Bangladesh Nationalist Party (BNP), boycotted the general election on the grounds that the vote would be rigged. BBC News reported that while official figures for Sunday’s vote put turnout at around 40%, critics have claimed even that figure may be inflated. Bangladesh has about 120 million eligible voters.

Mohammed Jahangir Alam, the Election Commission’s official secretary, told journalists on Sunday that the election app had been “slowed down from Ukraine and Germany,” without specifying the nature of the cyberattack. “Our team has been working round the clock to fix the issue. Although the app is functioning slowly, it’s still working,” said Alam.

The app, Smart Election Management BD, was not essential for voting. It provided “historical and current data on electoral candidates and associate parties” alongside updates on how many votes had been cast.

Although not formally confirmed, the incident as described by Alam may have been a distributed denial of service (DDoS) attack — an unsophisticated type of cyber nuisance that works by flooding targeted network resources with junk requests, making them unreachable.

The nature of the attack was not disclosed, however it is not possible to spoof the source IP address in an application-layer DDoS that is sending HTTP requests to the target server.

Cloudflare, which has historically included Germany and Ukraine among the largest sources of DDoS traffic — although both accounted for far less traffic than China and the United States — said this “usually indicates the presence of botnets operating from within the country’s borders.”

Allegations of foreign interference

Prior to the election, both of the main political parties have made claims and counter-claims about foreign states attempting to influence the vote.

Thousands of BNP activists have been arrested following rallies that turned violent, something which the party alleged was instigated by government provocateurs. Arrest warrants are outstanding for many of the party’s senior figures, some of whom live in exile.

The BNP accused Russian foreign ministry spokeswoman Maria Zakharova of interference after she claimed that the party’s rallies were being sponsored by the U.S. government in a bid to secure Bangladesh’s support for the U.S. Indo-Pacific strategy.

The chief commissioner at the Bangladesh Election Commission has also alleged that “Western nations, including the U.S., are trying to influence the course and results of the general elections in Bangladesh.”

Following Sunday’s vote, Andrei Shutoff, a Russian election observer, reportedly warned: “In case the U.S.A. is not satisfied with the results of the people’s vote, attempts to further destabilize the situation in Bangladesh along the lines of the Arab Spring are likely.”