Bobby O'Brien, Microsoft
Since the onset of the “First Wave of Democracy” in the early 19th Century, democratic institutions have promoted peace between nations, nurtured international economic development, and been an important guarantor of political and civil rights around the globe. Over the course of the last two years, however, the threat posed by cyber-enabled interference to electoral processes, one of the most important democratic institutions, has become increasingly apparent.
Addressing this threat to democracy will require significant new efforts by governments (including intergovernmental organizations), technology companies, and civil society, both individually and in partnership. To coordinate its own contributions to this shared effort, Microsoft established its Defending Democracy Program (managed by CELA’s ‘Cybersecurity & Democracy Team’) in April 2018.
This session will focus on how Microsoft is putting cybersecurity to work for the defense of democracy. More specifically, it will:
• Survey the threat landscape as it relates to cyber-enabled interference in democratic processes;
• Detail how both existing and new security technologies are being used to mitigate these threats;
• Discuss how cybersecurity concepts & methods (e.g. risk management, threat modeling, and/or ‘security by design’) can be used to enhance security across the election stakeholder ecosystem;
• Propose ways cybersecurity practitioners can leverage their expertise to defend democracy.
BlueHat v18 || Cybersecurity for the defense of democracy
2. Nation state cyberattacks are increasing…
[Figure: timeline of nation-state cyberattacks, 2007 to 2017. Event labels: DDoS against Estonia; Russo-Georgian war; ‘Cast Lead’ and ‘Pillar of Defense’ (Israel/Palestine); GhostNet; Operation Aurora; Stuxnet; Flame; Jasmine Revolution; Sands; Heartbleed security bug; Yahoo!; Japan Pension Service; Montenegro; French Elections; NotPetya; Sony; OPM; USA - ISIS; US 2016 elections; North Korea; Ukraine power grid; ADP; WannaCry; North Korea – South Korea; Saudi Aramco and RasGas.]
9. Campaigns present unique security risks
“Today’s campaigns are uniquely soft targets. They’re inherently temporary and transient. They don’t have the time or money to develop long-term, well-tested security strategies. Large numbers of new staff are often onboarded quickly without much time for training. They may bring their own hardware from home and the malware lurking on it. Events move quickly, the stakes are high, and people feel that they don’t have time to care about cybersecurity. There are a lot of opportunities for something to go wrong.”
“Unfortunately for campaigns and our country, foreign adversaries may think that harming or helping a particular candidate advances their national interest, whether that means creating chaos and confusion among American voters, or punishing an official who has spoken out against them. This may sound like thriller fiction, but the reality is that a sophisticated foreign intelligence service, cybercriminal or hacktivist with a grudge against a candidate, could decide that you or someone on your campaign is a target.”
12. Introducing Microsoft AccountGuard
Microsoft AccountGuard is a new service designed to protect organizations that underpin democracy from cyberattacks. This service is offered free of charge and was approved unanimously by the FEC last month.
Eligibility (O365 Customers)
• All U.S. political campaigns at federal, state, tribal and local level
• National and state political party committees
• Political technology vendors
• Think tanks and democracy advocacy organizations
13. Microsoft AccountGuard | Service Benefits
1. Unified Threat Detection & Notification Across Accounts
• Notification when targeted or compromised by nation-state attackers
• Covers organizational (O365) and personal (Outlook.com & Hotmail) email accounts
2. Security Guidance & Ongoing Education
• Security best practices guidance and resources
• Security briefings, trainings, and webinars to address evolving cyberattack trends
3. Private Preview Opportunities
• Access to private preview security services & features
• Opportunity to provide feedback on how best to address ever-changing security needs.
16. U.S. elections = system of systems
“Unlike other nations, the United States has no centralized, nationwide election authority.”
-Securing the Vote (NAS, 2018)
18. Threat modeling for democracy
“Threat modeling is a process by which potential threats, such as structural vulnerabilities can be identified, enumerated, and prioritized – all from a hypothetical attacker’s point of view. The purpose of threat modeling is to provide defenders with a systematic analysis of the probable attacker’s profile, the most likely attack vectors, and the assets most desired by an attacker.”
What does the threat model for democracy look like? How can it inform efforts to better secure democratic processes? How confident are we that the democratic vulnerabilities of 2016 will be the exploits of 2018 and beyond?
19. Call to Action
1. Connect with Microsoft’s Defending Democracy Program
2. Get involved in the democratic process
3. Discuss: how can cybersecurity be put to work to defend democracy?