Venezuela’s Presidential Election: A Cyberattack, Delayed Results, and Global Backlash
On July 28, 2024, Venezuela held presidential elections that immediately captured the attention of the global community. The National Electoral Council of Venezuela (CNE) declared the victory of the incumbent president, Nicolás Maduro. However, the election results sparked widespread controversy and were questioned by both the opposition and the international community.
One of the major issues related to these elections was the delay in announcing the voting results. The authorities explained this delay as being caused by a purported cyberattack, which they claimed was orchestrated by North Macedonia. However, a network traffic analysis conducted by the research group Team Cymru cast doubt on this assertion.
On July 28, the day of the elections, a sharp spike in traffic directed at the IP address 201.130.83.39, associated with the CNE, was observed. This surge in traffic, involving a large number of connections from IP addresses across the globe, could indicate an attempt at a distributed denial-of-service (DDoS) attack. Nevertheless, there is no definitive proof of who was behind this attack.
The investigation revealed that the primary activity was concentrated on Autonomous System AS61471, managed by the CNE. Between July 23 and August 2, 2024, traffic related to IP 201.130.83.39 surged dramatically on July 28, coinciding with the day of the elections. This IP address services two key CNE subdomains that provide access to critical systems related to the electoral process.
The analysis indicated that during a brief period, approximately from 11:29 to 12:03 local time, there was a significant increase in the number of connections from remote hosts worldwide. These connections may have hindered access to CNE systems for regular users, which aligns with the characteristics of a DDoS attack.
Despite this, the data does not confirm that the attack was organized from North Macedonia, as claimed by Venezuelan authorities. The analysis showed that the majority of the IP addresses involved in the attack were registered in the Czech Republic and South Africa.
Nevertheless, the lack of specific information about who exactly was behind this attack creates uncertainty around the incident. In a situation where every aspect of the Venezuelan elections is under intense scrutiny, such technical disruptions could further undermine trust in the results and fuel additional speculation.
Thus, while the events of July 28, 2024, were indeed accompanied by a significant spike in network activity, the precise causes and sources remain highly ambiguous. This incident underscores the importance of protecting electoral infrastructure, especially in the context of international attention and a tense political climate.
