Cybersecurity professionals can directly protect democracy.
A virtual election simulation this week highlighted a typical November election day in the fictional city of Adversaria.
A red team of hackers does everything it can to keep residents from voting. Meanwhile, a blue team of first responders from local, state and federal agencies springs into action. They do everything they can to limit disruptions and ensure voting centers remain open and the integrity of voting remains intact.
This was the theme of Cybereason’s latest Operation Blackout virtual election simulation.
Cybereason has been hosting virtual election simulation exercises with both public and private sector professionals to test resilience to possible disruptions.
There were surprises and lessons learned in this latest virtual election simulation. Election security remains a top concern across the United States, which lends even more weight to these exercises.
Sam Curry, Cybereason’s chief security officer, tells us how it went. He also talks about what can be applied to the upcoming election and beyond.
Channel Futures: What was the goal behind Operation Blackout? Does it reflect what’s expected during the November election?
Sam Curry: Their goal of the simulation is to sway public opinion, prevent voter turnout and undermine future elections. During the exercise, nothing was hacked, and no one was harmed because it is an exercise. We are not actually hacking an election. The goal was to simulate the experience without having anyone hurt. Naturally, the teams pick an aspect or two to emphasize and as such each simulation is unique.
All infrastructure systems are election systems, and what Cybereason has learned over the course of seven previous Operation Blackout exercises is … election day threats are real when attempts could be made on electricity grids, transportation systems and municipalities in general.
CF: Were there any surprises or lessons learned during the virtual election simulation? If so, can you give some examples?
SC: Every simulation has lessons and surprises. In this case, the blue team innovated with an excellent measure of installing specific election-only ballot boxes in cities across the country. They called for help when needed and stuck the landing for safety during the finale. The red team taught us how easy it is to create chaos and sow doubt on a shoestring budget. In some ways, they did a little too much, with some measures that countered one another or telegraphed direction. Overall, both teams performed.
CF: What were the end results of the virtual election simulation?
SC: Recognizing that having clear channels of information or disinformation was very important for affecting public sentiment for both sides. Control of social media networks for municipalities allowed the red team to easily spread misinformation through supposedly “legitimate” channels. Many of the activities performed by the red team were simple, cheap and commoditized. These activities do not necessarily require a nation-state attacker to carry out, just someone motivated and with a little knowledge.
CF: Do the results apply to ensuring election security and integrity?
SC: The results from the exercise have clear takeaways. One, the coordinated efforts of first responders are critical. And two, it is essential to control communications, to call for help, to show leadership, to focus on safety. These may seem obvious, but they are not. Operation Blackout exercises remind us to lean in and do our duty with smart and structured improvement, and not just dedication at go time.
CF: With election security being such a hot topic right now, is there reason to feel optimistic?
SC: Each election hacking simulation improves on the one before and these exercises have proven to be solid immersive experiences for practicing cyber incident readiness much as war games prepare the military in times of peace. The law enforcement participants on the blue team appreciate the utility of the exercise and how applicable it is to …