Please enable JavaScript.
Coggle requires JavaScript to display documents.
Misinformation & Cyberattack Elections 2019 (Targets (Election…
Misinformation & Cyberattack
Elections 2019
why important?
threat = global
multiple countries =party
one incident = legitimacy whole election
(EU wide impact)
mission
identify, mitigate and manage risk
traffic and incident monitoring
Indicators and escalation criteria
Testing and auditing?
Training and Supporting Parties and Candidates
Election Security Task Force
Election management body
Org responsible for information security of the elections
governmental and/or national CERT teams
Law enforcement
relevant government ministries, secret service
the vendors or developers of the technology that elections rely on
Where?
election systems
auxiliary systems
social media
Targets
election systems
Cyberattack
electronic tools used in gathering or aiding the gathering of votes
digital tools to transmit, process and count votes
systems to publish or communicate election results
relevant auxiliary systems and services
watering hole technique (European elections)
voter and candidate registration and databases;
relevant auxiliary systems and services
voter and candidate registration and databases
electronic tools used in gathering or aiding the gathering of votes
digital tools to transmit, process and count votes
systems to publish or communicate electronic results
Politicians
Campaign IT
Hacking campaign websites
Misconfiguration of a website
Leak of confidential information
Party
DoS or overload of party/campaign registration
Tampering with sponsorship (legality issues bv. AfD)
Tampering with the registrations.
Private information
Hacking candidate laptops or e-mail accounts
Disinformation about person
Election technology
DoS or overload of voter registration system
Tampering or DoS of voting and/or vote
confidentiality
Software bug altering results of the election
Tampering with logs/journals
Breach of voter privacy during the casting of
votes
Tampering, DoS, or overload of the systems used
for counting or aggregating results
Tampering or DoS of communication links used to
transfer (interim) results
Government IT
Hacking/misconfiguration of government servers,
communication networks, or endpoints
Spreading misinformation on elections,
parties/candidates or results on government websites
DoS or overload of government websites
Voters
Electoral rolls
suppressing or add voters.
Identity fraud during voter registration
Misinformation campaign
preventing vote through access blocking
Media / press
hacking of internal systems used by media or press
Tampering, DoS or overload of media communication links
Defacement, DoS, or overload of websites or other systems used for publication of the results
Who?
Hardware
software
people
infiltration and black-male (insider threat)
nonchalance in procedures