SlideShare a Scribd company logo

Russian Hacker Cyber Threats to US Voting Infrastructure

David Sweigert
David Sweigert

Uploaded as a courtesy by: Dave Sweigert

Health & Medicine
1 of 5
I N T E L L I G E N C E A S S E S S M E N T U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y (U//FOUO) CyberThreats andVulnerabilities to US Election Infrastructure 20 September 2016 National Protection and Programs Directorate Office of Intelligence and Analysis IA-0213-16 (U) Warning: This document is UNCLASSIFIED//FOR OFFICIAL USE ONLY (U//FOUO). It contains information that may be exempt from public release under the Freedom of Information Act (5 U.S.C. 552). It is to be controlled, stored, handled, transmitted, distributed, and disposed of in accordance with DHS policy relating to FOUO information and is not to be released to the public, the media, or other personnel who do not have a valid need to know without prior approval of an authorized DHS official. State and local homeland security officials may share this document with authorized critical infrastructure and key resource personnel and private sector security officials without further approval from DHS (U) All US person information has been minimized. Should you require the minimized US person information, please contact the I&A Production Branch at IA.PM@hq.dhs.gov, IA.PM@dhs.sgov.gov, or IA.PM@dhs.ic. U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y
U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 1 of 4 20 September 2016 (U//FOUO) Cyber Threats and Vulnerabilities to US Election Infrastructure (U//FOUO) Prepared by the Office of Intelligence and Analysis (I&A) and the Office of Cyber and Infrastructure Analysis (OCIA). (U) Scope (U//FOUO) This Assessment provides a baseline understanding of cyber threats to computer-enabled US election infrastructure. This Assessment discusses cyber risk and provides mitigation measures to owners and operators of US election infrastructure. This Assessment is intended to assist state and local governments in protecting, preventing, mitigating, and responding to cyber incidents against US election infrastructure. (U) Key Judgments (U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected. (U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure. (U//FOUO) We assess multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to US computer-enabled election systems varies from county to county, between types of devices used, and among processes used by polling stations. (U) US Computer-Enabled Election Infrastructure (U) US election infrastructure is a diverse set of assets, systems, and networks, both public and private. Based on our analysis of each phase of the election process, the following election infrastructure represents the key computer-enabled assets, systems, and networks most critical to the security and resilience of the election process. » (U) Electronic voting systems and associated infrastructure located at polling places during voting. » (U) Information technology infrastructure and systems used to maintain voter registration databases. » (U) Information technology infrastructure and systems used to manage elections, which may include systems that count, audit, and display election results on election night, as well as for post-election reporting used to certify and validate results.
U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 2 of 4 (U) Election Processes: Some Computer-Enabled (U//FOUO) No Indication of Cyber Operations to Change Vote Outcome (U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaigns and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected. » (U//FOUO) We assess that successfully mounting widespread cyber operations against US voting machines, enough to affect a national election, would require a multiyear effort with significant human and information technology resources available only to a nation-state. The level of effort and scale required to change the outcome of a national election, however, would make it nearly impossible to avoid detection. This assessment is based on the diversity of systems, the need for physical access to compromise voting machines, and the security and pre-election testing employed by state and local officials.* In addition, the vast majority of localities engage in logic and accuracy testing, which work to ensure voting machines operate and tabulate as expected—before, during, and after the election. » (U//FOUO) We judge, as a whole, voter registration databases are resilient to systemic, nationwide cyber manipulation because of the diverse systems and security measures surrounding them. Targeted intrusions against individual voter registration databases, however, are possible. Additionally, with illicit access, manipulation of voter * (U) Voting precincts in more than 3,100 counties across the United States use nearly 50 different types of voting machines produced by 14 different manufacturers. The diversity in voting systems and versions of voting software provides significant security by complicating attack planning. Most voting machines do not have active connections to the Internet. U//FOUO
U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 3 of 4 data, or disruptions to their availability, may impact a voter’s ability to vote on Election Day. Most jurisdictions, however, still rely on paper voter rolls or electronic poll books that are not connected in real-time to voter registration databases, limiting the possible impacts in 2016. » (U//FOUO) We assess the impact of an intrusion into vote tabulation systems would likely be contained to the manipulation of unofficial Election Night reporting results, which would not impact the certified outcome of an election, but could undermine public confidence in the results. In addition, local election officials, media organizations, and political campaigns carefully monitor local voting patterns, particularly in electorally significant jurisdictions, and are likely to detect and begin investigating potential anomalies quickly. (U//FOUO) Non-State Actors Likely To Continue Targeting PII, Potentially Attempt Disruption (U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target voter PII. We have no indication, however, that cybercriminals are planning theft of voter information to disrupt or alter computer-enabled US election infrastructure voting. Politically-motivated criminal hackers could attempt temporary disruptive cyber attacks, such as denial-of-service (DoS) attacks or web defacements against election-related websites, in the lead-up to or during the election process. Disruptive attacks could target public-facing state and local government websites, potentially including election infrastructure used to report election results to the general public and media; however, we judge this activity would likely have little impact on the voting process itself. » (U//FOUO) Unknown cyber actors in mid-July used an open-source scanning tool to identify and exploit a structured query language (SQL) injection vulnerability and exfiltrate PII from a Midwestern state board of elections website, according to FBI sources with excellent access and information provided by a cybersecurity organization supporting states. In at least three other states, voting and non-voting related websites during the same period observed unsuccessful SQL injection attacks from unknown actors, according to the same reporting. » (U//FOUO) Cybercriminals routinely attempt exploitation of misconfigured and vulnerable websites and webservers via SQL injection, brute force login attempts, cross-site scripting, and other publicly known vulnerabilities, according to DHS reporting from sources with direct access. » (U//FOUO) Criminal hackers routinely engage in disruptive attacks such as website defacement and DoS attacks, through exploiting publicly known vulnerabilities and for-hire DoS tools, according to DHS reporting from reliable sources with direct access. (U) Vulnerability of Computer-Enabled Election Systems (U//FOUO) We assess multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to computer-enabled election systems, however, varies from county to county, between types of devices used and among processes used by polling stations. » (U//FOUO) Electronic Voting Systems: Security researchers have repeatedly demonstrated in laboratory testing environments that voting machines are vulnerable to compromise, usually with physical access, and such compromises could result in the manipulation of vote totals. Election outcomes would only be impacted if the compromise happened on a large scale across multiple machines or jurisdictions—which we judge to be beyond the capability of any adversary—or in cases of smaller local elections where the margin of victory is at a smaller scale. » (U//FOUO) Voter Registration Databases: Online voter registration systems provide a potential point of vulnerability to enable cyber actors to gain illicit access to voter registration databases. Cyber actors have exploited these portals in the past to gain illicit access to voter information. Compromises of voter registration databases have resulted in the potential release of PII, but not the modification of records—with the exception of one unconfirmed incident of voter registration manipulation reported by US media. The exposure of voters’ information would have limited impact on the integrity of the election process; however, it could undermine confidence in the system and provide the ability to conduct further cyber operations.
U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 4 of 4 » (U//FOUO) Public Dissemination of Voting Results: State government information technology solutions generally include a public-facing Internet-connected portion that is used to report election results to the general public and media, which some states have begun migrating to the cloud due to Election Day demand. Vulnerabilities in the public-facing Internet portion could be used to display inaccurate vote results to the public and media. Election Day results are not the official results of the state or local jurisdiction. (U) For further references please see Attachments: 1) (U) US-CERT – Securing Voter Registration Data [Security Tip (ST16-001)], published 15 September 2016, available at https://www.us-cert.gov/ncas/tips/ST16-001 2) (U) USG – Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government, available at https://www.dhs.gov/sites/default/files/publications/Cyber%20Incident%20Reporting%20United%20Message.pdf 3) (U) NPPD – State, Local, Tribal, and Territorial (SLTT) Cybersecurity Engagement (U) Reporting Computer Security Incidents (U) To report a computer security incident, either contact US-CERT at 888-282-0870, or go to https://forms.us- cert.gov/report/ and complete the US-CERT Incident Reporting System form. The US-CERT Incident Reporting System provides a secure, web-enabled means of reporting computer security incidents to US-CERT. An incident is defined as a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices. In general, types of activity commonly recognized as violating typical security policies include attempts (either failed or successful) to gain unauthorized access to a system or its data, including personally identifiable information; unwanted disruption or denial of service; the unauthorized use of a system for processing or storing data; and changes to system hardware, firmware, or software without the owner’s knowledge, instruction, or consent. (U) Tracked by: HSEC-1.1, HSEC-1.2, HSEC-1.3 (U) Source Summary Statement (U//FOUO) This Assessment is based on DHS, FBI, and US media reporting, as well as our understanding of cyber actors and their capabilities. We assess these sources provide credible information based on their direct access to the reported information. We have moderate confidence in our assessment that adversaries or criminals are not planning cyber operations that would compromise the vote integrity of the coming election, attempt theft, or conduct short-lived disruptive cyber incidents.

Recommended

IDEAS-Nomination-OH
IDEAS-Nomination-OHIDEAS-Nomination-OH
IDEAS-Nomination-OHJohn Dziurlaj
 
Crime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And DatabasesCrime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And Databasesafraidferry231
 
Crime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And DatabasesCrime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And Databasesafraidferry231
 
Monitoring 287g
Monitoring 287gMonitoring 287g
Monitoring 287gWorlds Touch
 
The Security Implications of Foreign Hardware & Software February 2019
The Security Implications of Foreign Hardware & Software February 2019The Security Implications of Foreign Hardware & Software February 2019
The Security Implications of Foreign Hardware & Software February 2019ChadCogan
 
Peter Novotny Ignite Talk Ned Feb 26
Peter Novotny Ignite Talk Ned Feb 26Peter Novotny Ignite Talk Ned Feb 26
Peter Novotny Ignite Talk Ned Feb 26MobileActive.org
 
E314456.pdf
E314456.pdfE314456.pdf
E314456.pdfajmrdjournals
 
Where to find border and immigration data
Where to find border and immigration dataWhere to find border and immigration data
Where to find border and immigration databorderzine
 

Recommended

IDEAS-Nomination-OH
IDEAS-Nomination-OHIDEAS-Nomination-OH
IDEAS-Nomination-OHJohn Dziurlaj
 
Crime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And DatabasesCrime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And Databasesafraidferry231
 
Crime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And DatabasesCrime Fighting Computer Systems And Databases
Crime Fighting Computer Systems And Databasesafraidferry231
 
Monitoring 287g
Monitoring 287gMonitoring 287g
Monitoring 287gWorlds Touch
 
The Security Implications of Foreign Hardware & Software February 2019
The Security Implications of Foreign Hardware & Software February 2019The Security Implications of Foreign Hardware & Software February 2019
The Security Implications of Foreign Hardware & Software February 2019ChadCogan
 
Peter Novotny Ignite Talk Ned Feb 26
Peter Novotny Ignite Talk Ned Feb 26Peter Novotny Ignite Talk Ned Feb 26
Peter Novotny Ignite Talk Ned Feb 26MobileActive.org
 
E314456.pdf
E314456.pdfE314456.pdf
E314456.pdfajmrdjournals
 
Where to find border and immigration data
Where to find border and immigration dataWhere to find border and immigration data
Where to find border and immigration databorderzine
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
HIPAA Security Rule consent agreement with OCR
HIPAA Security Rule consent agreement with OCRHIPAA Security Rule consent agreement with OCR
HIPAA Security Rule consent agreement with OCRDavid Sweigert
 
TDL3 Rootkit Background
TDL3 Rootkit BackgroundTDL3 Rootkit Background
TDL3 Rootkit BackgroundDavid Sweigert
 
Emergency Services Sector Cybersecurity Initiative UASI briefing
Emergency Services Sector Cybersecurity Initiative UASI briefingEmergency Services Sector Cybersecurity Initiative UASI briefing
Emergency Services Sector Cybersecurity Initiative UASI briefingDavid Sweigert
 
Psychology of the Insider Threat
Psychology of the Insider ThreatPsychology of the Insider Threat
Psychology of the Insider ThreatDavid Sweigert
 
Healthcare Contingency Operations by DHHS ASPR
Healthcare Contingency Operations by DHHS ASPRHealthcare Contingency Operations by DHHS ASPR
Healthcare Contingency Operations by DHHS ASPRDavid Sweigert
 
Example of Security Awareness Training -- Department of Aging
Example of Security Awareness Training -- Department of AgingExample of Security Awareness Training -- Department of Aging
Example of Security Awareness Training -- Department of AgingDavid Sweigert
 
Developing Transistion Planning from Cyber Incident Response to Recovery
Developing Transistion Planning from Cyber Incident Response to RecoveryDeveloping Transistion Planning from Cyber Incident Response to Recovery
Developing Transistion Planning from Cyber Incident Response to RecoveryDavid Sweigert
 
NIST Malware Attack Prevention SP 800-83
NIST Malware Attack Prevention SP 800-83NIST Malware Attack Prevention SP 800-83
NIST Malware Attack Prevention SP 800-83David Sweigert
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
 
HIPAA HHS OCR Audit Questions
HIPAA HHS OCR Audit QuestionsHIPAA HHS OCR Audit Questions
HIPAA HHS OCR Audit QuestionsDavid Sweigert
 
Cyber war netwar and the future of cyberdefense
Cyber war netwar and the future of cyberdefense Cyber war netwar and the future of cyberdefense
Cyber war netwar and the future of cyberdefense David Sweigert
 
Use of reverse proxies to counter attacks -- TCP flow analysis
Use of reverse proxies to counter attacks -- TCP flow analysisUse of reverse proxies to counter attacks -- TCP flow analysis
Use of reverse proxies to counter attacks -- TCP flow analysisDavid Sweigert
 
Disaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA frameworkDisaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA frameworkDavid Sweigert
 
Cyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentCyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentDavid Sweigert
 
NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3David Sweigert
 
Overview of SMB, NetBIOS and other network attacks
Overview of SMB, NetBIOS and other network attacksOverview of SMB, NetBIOS and other network attacks
Overview of SMB, NetBIOS and other network attacksDavid Sweigert
 
Cyber TTX Training Opportunity for mid-January 2017
Cyber TTX Training Opportunity for mid-January 2017Cyber TTX Training Opportunity for mid-January 2017
Cyber TTX Training Opportunity for mid-January 2017David Sweigert
 
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...David Sweigert
 
Cyber Threats that impact the US Energy Infrastructure
Cyber Threats that impact the US Energy InfrastructureCyber Threats that impact the US Energy Infrastructure
Cyber Threats that impact the US Energy InfrastructureDavid Sweigert
 
DEF CON 27 - Voting village - report defcon27 hires
DEF CON 27 - Voting village - report defcon27 hiresDEF CON 27 - Voting village - report defcon27 hires
DEF CON 27 - Voting village - report defcon27 hiresFelipe Prado
 
Perspectivesmanage
PerspectivesmanagePerspectivesmanage
PerspectivesmanageArt Bowker
 

More Related Content

Viewers also liked

FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
HIPAA Security Rule consent agreement with OCR
HIPAA Security Rule consent agreement with OCRHIPAA Security Rule consent agreement with OCR
HIPAA Security Rule consent agreement with OCRDavid Sweigert
 
TDL3 Rootkit Background
TDL3 Rootkit BackgroundTDL3 Rootkit Background
TDL3 Rootkit BackgroundDavid Sweigert
 
Emergency Services Sector Cybersecurity Initiative UASI briefing
Emergency Services Sector Cybersecurity Initiative UASI briefingEmergency Services Sector Cybersecurity Initiative UASI briefing
Emergency Services Sector Cybersecurity Initiative UASI briefingDavid Sweigert
 
Psychology of the Insider Threat
Psychology of the Insider ThreatPsychology of the Insider Threat
Psychology of the Insider ThreatDavid Sweigert
 
Healthcare Contingency Operations by DHHS ASPR
Healthcare Contingency Operations by DHHS ASPRHealthcare Contingency Operations by DHHS ASPR
Healthcare Contingency Operations by DHHS ASPRDavid Sweigert
 
Example of Security Awareness Training -- Department of Aging
Example of Security Awareness Training -- Department of AgingExample of Security Awareness Training -- Department of Aging
Example of Security Awareness Training -- Department of AgingDavid Sweigert
 
Developing Transistion Planning from Cyber Incident Response to Recovery
Developing Transistion Planning from Cyber Incident Response to RecoveryDeveloping Transistion Planning from Cyber Incident Response to Recovery
Developing Transistion Planning from Cyber Incident Response to RecoveryDavid Sweigert
 
NIST Malware Attack Prevention SP 800-83
NIST Malware Attack Prevention SP 800-83NIST Malware Attack Prevention SP 800-83
NIST Malware Attack Prevention SP 800-83David Sweigert
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
 
HIPAA HHS OCR Audit Questions
HIPAA HHS OCR Audit QuestionsHIPAA HHS OCR Audit Questions
HIPAA HHS OCR Audit QuestionsDavid Sweigert
 
Cyber war netwar and the future of cyberdefense
Cyber war netwar and the future of cyberdefense Cyber war netwar and the future of cyberdefense
Cyber war netwar and the future of cyberdefense David Sweigert
 
Use of reverse proxies to counter attacks -- TCP flow analysis
Use of reverse proxies to counter attacks -- TCP flow analysisUse of reverse proxies to counter attacks -- TCP flow analysis
Use of reverse proxies to counter attacks -- TCP flow analysisDavid Sweigert
 
Disaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA frameworkDisaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA frameworkDavid Sweigert
 
Cyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentCyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentDavid Sweigert
 
NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3David Sweigert
 
Overview of SMB, NetBIOS and other network attacks
Overview of SMB, NetBIOS and other network attacksOverview of SMB, NetBIOS and other network attacks
Overview of SMB, NetBIOS and other network attacksDavid Sweigert
 
Cyber TTX Training Opportunity for mid-January 2017
Cyber TTX Training Opportunity for mid-January 2017Cyber TTX Training Opportunity for mid-January 2017
Cyber TTX Training Opportunity for mid-January 2017David Sweigert
 
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...David Sweigert
 
Cyber Threats that impact the US Energy Infrastructure
Cyber Threats that impact the US Energy InfrastructureCyber Threats that impact the US Energy Infrastructure
Cyber Threats that impact the US Energy InfrastructureDavid Sweigert
 

Viewers also liked (20)

FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from Ransomware
 
HIPAA Security Rule consent agreement with OCR
HIPAA Security Rule consent agreement with OCRHIPAA Security Rule consent agreement with OCR
HIPAA Security Rule consent agreement with OCR
 
TDL3 Rootkit Background
TDL3 Rootkit BackgroundTDL3 Rootkit Background
TDL3 Rootkit Background
 
Emergency Services Sector Cybersecurity Initiative UASI briefing
Emergency Services Sector Cybersecurity Initiative UASI briefingEmergency Services Sector Cybersecurity Initiative UASI briefing
Emergency Services Sector Cybersecurity Initiative UASI briefing
 
Psychology of the Insider Threat
Psychology of the Insider ThreatPsychology of the Insider Threat
Psychology of the Insider Threat
 
Healthcare Contingency Operations by DHHS ASPR
Healthcare Contingency Operations by DHHS ASPRHealthcare Contingency Operations by DHHS ASPR
Healthcare Contingency Operations by DHHS ASPR
 
Example of Security Awareness Training -- Department of Aging
Example of Security Awareness Training -- Department of AgingExample of Security Awareness Training -- Department of Aging
Example of Security Awareness Training -- Department of Aging
 
Developing Transistion Planning from Cyber Incident Response to Recovery
Developing Transistion Planning from Cyber Incident Response to RecoveryDeveloping Transistion Planning from Cyber Incident Response to Recovery
Developing Transistion Planning from Cyber Incident Response to Recovery
 
NIST Malware Attack Prevention SP 800-83
NIST Malware Attack Prevention SP 800-83NIST Malware Attack Prevention SP 800-83
NIST Malware Attack Prevention SP 800-83
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication Attacks
 
HIPAA HHS OCR Audit Questions
HIPAA HHS OCR Audit QuestionsHIPAA HHS OCR Audit Questions
HIPAA HHS OCR Audit Questions
 
Cyber war netwar and the future of cyberdefense
Cyber war netwar and the future of cyberdefense Cyber war netwar and the future of cyberdefense
Cyber war netwar and the future of cyberdefense
 
Use of reverse proxies to counter attacks -- TCP flow analysis
Use of reverse proxies to counter attacks -- TCP flow analysisUse of reverse proxies to counter attacks -- TCP flow analysis
Use of reverse proxies to counter attacks -- TCP flow analysis
 
Disaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA frameworkDisaster Recovery planning within HIPAA framework
Disaster Recovery planning within HIPAA framework
 
Cyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK GovernmentCyber Essentials Requirements for UK Government
Cyber Essentials Requirements for UK Government
 
NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3NIST Patch Management SP 800-40 Rev 3
NIST Patch Management SP 800-40 Rev 3
 
Overview of SMB, NetBIOS and other network attacks
Overview of SMB, NetBIOS and other network attacksOverview of SMB, NetBIOS and other network attacks
Overview of SMB, NetBIOS and other network attacks
 
Cyber TTX Training Opportunity for mid-January 2017
Cyber TTX Training Opportunity for mid-January 2017Cyber TTX Training Opportunity for mid-January 2017
Cyber TTX Training Opportunity for mid-January 2017
 
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
Intrusion Detection and Discovery via Log Correlation to support HIPAA Securi...
 
Cyber Threats that impact the US Energy Infrastructure
Cyber Threats that impact the US Energy InfrastructureCyber Threats that impact the US Energy Infrastructure
Cyber Threats that impact the US Energy Infrastructure
 

Similar to Russian Hacker Cyber Threats to US Voting Infrastructure

DEF CON 27 - Voting village - report defcon27 hires
DEF CON 27 - Voting village - report defcon27 hiresDEF CON 27 - Voting village - report defcon27 hires
DEF CON 27 - Voting village - report defcon27 hiresFelipe Prado
 
Perspectivesmanage
PerspectivesmanagePerspectivesmanage
PerspectivesmanageArt Bowker
 
Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting David Sweigert
 
Samuel GarasAugust 31, 2016Current Event #1Critics Say North C.docx
Samuel GarasAugust 31, 2016Current Event #1Critics Say North C.docxSamuel GarasAugust 31, 2016Current Event #1Critics Say North C.docx
Samuel GarasAugust 31, 2016Current Event #1Critics Say North C.docxanhlodge
 
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...- Mark - Fullbright
 
Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020ELIAS OMEGA
 
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docxReview DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docxronak56
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...David Sweigert
 
Election Security 2020
Election Security 2020Election Security 2020
Election Security 2020Roger Johnston
 
Data Breach Research Plan 72415 FINAL
Data Breach Research Plan 72415 FINALData Breach Research Plan 72415 FINAL
Data Breach Research Plan 72415 FINALJoseph White MPA CPM
 
CitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_AnalysisCitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_AnalysisPatrick Floto
 
Congressional_Election_Fraud_Briefing_4JAN2021-v2.0.ppt
Congressional_Election_Fraud_Briefing_4JAN2021-v2.0.pptCongressional_Election_Fraud_Briefing_4JAN2021-v2.0.ppt
Congressional_Election_Fraud_Briefing_4JAN2021-v2.0.pptssuserc3b3ed1
 
Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020Kenneth Hogge Sr
 
Please answer this short question asap. Thanks in advance. 1.What .pdf
Please answer this short question asap. Thanks in advance. 1.What .pdfPlease answer this short question asap. Thanks in advance. 1.What .pdf
Please answer this short question asap. Thanks in advance. 1.What .pdfagarshailenterprises
 
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docx
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docxGovernment Employs Backdoor Searches ACSB standards- Social and Ethica.docx
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docxLeonardN9WWelchw
 
Using Apache Spark and Differential Privacy for Protecting the Privacy of the...
Using Apache Spark and Differential Privacy for Protecting the Privacy of the...Using Apache Spark and Differential Privacy for Protecting the Privacy of the...
Using Apache Spark and Differential Privacy for Protecting the Privacy of the...Databricks
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Jordan Peacock
 

Similar to Russian Hacker Cyber Threats to US Voting Infrastructure (20)

DEF CON 27 - Voting village - report defcon27 hires
DEF CON 27 - Voting village - report defcon27 hiresDEF CON 27 - Voting village - report defcon27 hires
DEF CON 27 - Voting village - report defcon27 hires
 
Perspectivesmanage
PerspectivesmanagePerspectivesmanage
Perspectivesmanage
 
Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting
 
Samuel GarasAugust 31, 2016Current Event #1Critics Say North C.docx
Samuel GarasAugust 31, 2016Current Event #1Critics Say North C.docxSamuel GarasAugust 31, 2016Current Event #1Critics Say North C.docx
Samuel GarasAugust 31, 2016Current Event #1Critics Say North C.docx
 
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
 
Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020
 
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docxReview DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
 
The Power of Identity
The Power of IdentityThe Power of Identity
The Power of Identity
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
 
Election Security 2020
Election Security 2020Election Security 2020
Election Security 2020
 
Data Breach Research Plan 72415 FINAL
Data Breach Research Plan 72415 FINALData Breach Research Plan 72415 FINAL
Data Breach Research Plan 72415 FINAL
 
CitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_AnalysisCitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_Analysis
 
Congressional_Election_Fraud_Briefing_4JAN2021-v2.0.ppt
Congressional_Election_Fraud_Briefing_4JAN2021-v2.0.pptCongressional_Election_Fraud_Briefing_4JAN2021-v2.0.ppt
Congressional_Election_Fraud_Briefing_4JAN2021-v2.0.ppt
 
Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020Complaint cj-pearson-v.-kemp-11.25.2020
Complaint cj-pearson-v.-kemp-11.25.2020
 
Please answer this short question asap. Thanks in advance. 1.What .pdf
Please answer this short question asap. Thanks in advance. 1.What .pdfPlease answer this short question asap. Thanks in advance. 1.What .pdf
Please answer this short question asap. Thanks in advance. 1.What .pdf
 
privtechsomeassemb
privtechsomeassembprivtechsomeassemb
privtechsomeassemb
 
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docx
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docxGovernment Employs Backdoor Searches ACSB standards- Social and Ethica.docx
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docx
 
RSTREET17
RSTREET17RSTREET17
RSTREET17
 
Using Apache Spark and Differential Privacy for Protecting the Privacy of the...
Using Apache Spark and Differential Privacy for Protecting the Privacy of the...Using Apache Spark and Differential Privacy for Protecting the Privacy of the...
Using Apache Spark and Differential Privacy for Protecting the Privacy of the...
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]
 

More from David Sweigert

The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)David Sweigert
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisDavid Sweigert
 
National Cyber Security Awareness Month poster
National Cyber Security Awareness Month posterNational Cyber Security Awareness Month poster
National Cyber Security Awareness Month posterDavid Sweigert
 
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner David Sweigert
 
National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017David Sweigert
 
California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9David Sweigert
 
Congressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber SecurityCongressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber SecurityDavid Sweigert
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)David Sweigert
 
Application of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking ThreatsApplication of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking ThreatsDavid Sweigert
 
Canada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector ChartCanada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector ChartDavid Sweigert
 
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...David Sweigert
 
Cyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentCyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentDavid Sweigert
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentDavid Sweigert
 
National Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFTNational Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFTDavid Sweigert
 
National Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public FeedbackNational Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public FeedbackDavid Sweigert
 
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERTNursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERTDavid Sweigert
 
National Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd editionNational Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd editionDavid Sweigert
 
Healthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness PlanHealthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness PlanDavid Sweigert
 
Cyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHSCyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHSDavid Sweigert
 
Exam notes for the Certified in Homeland Security -- Level II
Exam notes for the Certified in Homeland Security -- Level IIExam notes for the Certified in Homeland Security -- Level II
Exam notes for the Certified in Homeland Security -- Level IIDavid Sweigert
 

More from David Sweigert (20)

The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark Analysis
 
National Cyber Security Awareness Month poster
National Cyber Security Awareness Month posterNational Cyber Security Awareness Month poster
National Cyber Security Awareness Month poster
 
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
 
National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017
 
California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9
 
Congressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber SecurityCongressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber Security
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
 
Application of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking ThreatsApplication of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking Threats
 
Canada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector ChartCanada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector Chart
 
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
 
Cyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentCyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public Comment
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public Comment
 
National Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFTNational Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFT
 
National Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public FeedbackNational Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public Feedback
 
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERTNursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
 
National Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd editionNational Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd edition
 
Healthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness PlanHealthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness Plan
 
Cyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHSCyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHS
 
Exam notes for the Certified in Homeland Security -- Level II
Exam notes for the Certified in Homeland Security -- Level IIExam notes for the Certified in Homeland Security -- Level II
Exam notes for the Certified in Homeland Security -- Level II
 

Recently uploaded

Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...
Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...
Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...Miss joya
 
Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...
Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...
Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...narwatsonia7
 
Call Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on Deliverynehamumbai
 
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Availablenarwatsonia7
 
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...narwatsonia7
 
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...narwatsonia7
 
Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...
Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...
Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...narwatsonia7
 
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.MiadAlsulami
 
Call Girls Service Noida Maya 9711199012 Independent Escort Service Noida
Call Girls Service Noida Maya 9711199012 Independent Escort Service NoidaCall Girls Service Noida Maya 9711199012 Independent Escort Service Noida
Call Girls Service Noida Maya 9711199012 Independent Escort Service NoidaPooja Gupta
 
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore EscortsVIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escortsaditipandeya
 
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy GirlsCall Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girlsnehamumbai
 
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...Miss joya
 
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...Miss joya
 
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...Garima Khatri
 
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...Nehru place Escorts
 
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near MeHi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Menarwatsonia7
 
Call Girls Chennai Megha 9907093804 Independent Call Girls Service Chennai
Call Girls Chennai Megha 9907093804 Independent Call Girls Service ChennaiCall Girls Chennai Megha 9907093804 Independent Call Girls Service Chennai
Call Girls Chennai Megha 9907093804 Independent Call Girls Service ChennaiNehru place Escorts
 
Vip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls Available
Vip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls AvailableVip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls Available
Vip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls AvailableNehru place Escorts
 
Call Girl Chennai Indira 9907093804 Independent Call Girls Service Chennai
Call Girl Chennai Indira 9907093804 Independent Call Girls Service ChennaiCall Girl Chennai Indira 9907093804 Independent Call Girls Service Chennai
Call Girl Chennai Indira 9907093804 Independent Call Girls Service ChennaiNehru place Escorts
 

Recently uploaded (20)

Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...
Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...
Russian Call Girls in Pune Tanvi 9907093804 Short 1500 Night 6000 Best call g...
 
Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...
Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...
Russian Call Girls in Bangalore Manisha 7001305949 Independent Escort Service...
 
Call Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on DeliveryCall Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on Delivery
Call Girls Colaba Mumbai ❤️ 9920874524 👈 Cash on Delivery
 
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Yelahanka Just Call 7001305949 Top Class Call Girl Service Available
 
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
Low Rate Call Girls Ambattur Anika 8250192130 Independent Escort Service Amba...
 
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
Call Girls Service in Bommanahalli - 7001305949 with real photos and phone nu...
 
Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...
Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...
Russian Call Girls Chickpet - 7001305949 Booking and charges genuine rate for...
 
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
 
Call Girls Service Noida Maya 9711199012 Independent Escort Service Noida
Call Girls Service Noida Maya 9711199012 Independent Escort Service NoidaCall Girls Service Noida Maya 9711199012 Independent Escort Service Noida
Call Girls Service Noida Maya 9711199012 Independent Escort Service Noida
 
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore EscortsVIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
 
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy GirlsCall Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
 
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
 
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
 
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
 
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
 
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
Russian Call Girls in Chennai Pallavi 9907093804 Independent Call Girls Servi...
 
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near MeHi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
Hi,Fi Call Girl In Mysore Road - 7001305949 | 24x7 Service Available Near Me
 
Call Girls Chennai Megha 9907093804 Independent Call Girls Service Chennai
Call Girls Chennai Megha 9907093804 Independent Call Girls Service ChennaiCall Girls Chennai Megha 9907093804 Independent Call Girls Service Chennai
Call Girls Chennai Megha 9907093804 Independent Call Girls Service Chennai
 
Vip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls Available
Vip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls AvailableVip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls Available
Vip Call Girls Anna Salai Chennai 👉 8250192130 ❣️💯 Top Class Girls Available
 
Call Girl Chennai Indira 9907093804 Independent Call Girls Service Chennai
Call Girl Chennai Indira 9907093804 Independent Call Girls Service ChennaiCall Girl Chennai Indira 9907093804 Independent Call Girls Service Chennai
Call Girl Chennai Indira 9907093804 Independent Call Girls Service Chennai
 

Russian Hacker Cyber Threats to US Voting Infrastructure

  • 1. I N T E L L I G E N C E A S S E S S M E N T U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y (U//FOUO) CyberThreats andVulnerabilities to US Election Infrastructure 20 September 2016 National Protection and Programs Directorate Office of Intelligence and Analysis IA-0213-16 (U) Warning: This document is UNCLASSIFIED//FOR OFFICIAL USE ONLY (U//FOUO). It contains information that may be exempt from public release under the Freedom of Information Act (5 U.S.C. 552). It is to be controlled, stored, handled, transmitted, distributed, and disposed of in accordance with DHS policy relating to FOUO information and is not to be released to the public, the media, or other personnel who do not have a valid need to know without prior approval of an authorized DHS official. State and local homeland security officials may share this document with authorized critical infrastructure and key resource personnel and private sector security officials without further approval from DHS (U) All US person information has been minimized. Should you require the minimized US person information, please contact the I&A Production Branch at IA.PM@hq.dhs.gov, IA.PM@dhs.sgov.gov, or IA.PM@dhs.ic. U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y
  • 2. U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 1 of 4 20 September 2016 (U//FOUO) Cyber Threats and Vulnerabilities to US Election Infrastructure (U//FOUO) Prepared by the Office of Intelligence and Analysis (I&A) and the Office of Cyber and Infrastructure Analysis (OCIA). (U) Scope (U//FOUO) This Assessment provides a baseline understanding of cyber threats to computer-enabled US election infrastructure. This Assessment discusses cyber risk and provides mitigation measures to owners and operators of US election infrastructure. This Assessment is intended to assist state and local governments in protecting, preventing, mitigating, and responding to cyber incidents against US election infrastructure. (U) Key Judgments (U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected. (U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure. (U//FOUO) We assess multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to US computer-enabled election systems varies from county to county, between types of devices used, and among processes used by polling stations. (U) US Computer-Enabled Election Infrastructure (U) US election infrastructure is a diverse set of assets, systems, and networks, both public and private. Based on our analysis of each phase of the election process, the following election infrastructure represents the key computer-enabled assets, systems, and networks most critical to the security and resilience of the election process. » (U) Electronic voting systems and associated infrastructure located at polling places during voting. » (U) Information technology infrastructure and systems used to maintain voter registration databases. » (U) Information technology infrastructure and systems used to manage elections, which may include systems that count, audit, and display election results on election night, as well as for post-election reporting used to certify and validate results.
  • 3. U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 2 of 4 (U) Election Processes: Some Computer-Enabled (U//FOUO) No Indication of Cyber Operations to Change Vote Outcome (U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaigns and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected. » (U//FOUO) We assess that successfully mounting widespread cyber operations against US voting machines, enough to affect a national election, would require a multiyear effort with significant human and information technology resources available only to a nation-state. The level of effort and scale required to change the outcome of a national election, however, would make it nearly impossible to avoid detection. This assessment is based on the diversity of systems, the need for physical access to compromise voting machines, and the security and pre-election testing employed by state and local officials.* In addition, the vast majority of localities engage in logic and accuracy testing, which work to ensure voting machines operate and tabulate as expected—before, during, and after the election. » (U//FOUO) We judge, as a whole, voter registration databases are resilient to systemic, nationwide cyber manipulation because of the diverse systems and security measures surrounding them. Targeted intrusions against individual voter registration databases, however, are possible. Additionally, with illicit access, manipulation of voter * (U) Voting precincts in more than 3,100 counties across the United States use nearly 50 different types of voting machines produced by 14 different manufacturers. The diversity in voting systems and versions of voting software provides significant security by complicating attack planning. Most voting machines do not have active connections to the Internet. U//FOUO
  • 4. U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 3 of 4 data, or disruptions to their availability, may impact a voter’s ability to vote on Election Day. Most jurisdictions, however, still rely on paper voter rolls or electronic poll books that are not connected in real-time to voter registration databases, limiting the possible impacts in 2016. » (U//FOUO) We assess the impact of an intrusion into vote tabulation systems would likely be contained to the manipulation of unofficial Election Night reporting results, which would not impact the certified outcome of an election, but could undermine public confidence in the results. In addition, local election officials, media organizations, and political campaigns carefully monitor local voting patterns, particularly in electorally significant jurisdictions, and are likely to detect and begin investigating potential anomalies quickly. (U//FOUO) Non-State Actors Likely To Continue Targeting PII, Potentially Attempt Disruption (U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target voter PII. We have no indication, however, that cybercriminals are planning theft of voter information to disrupt or alter computer-enabled US election infrastructure voting. Politically-motivated criminal hackers could attempt temporary disruptive cyber attacks, such as denial-of-service (DoS) attacks or web defacements against election-related websites, in the lead-up to or during the election process. Disruptive attacks could target public-facing state and local government websites, potentially including election infrastructure used to report election results to the general public and media; however, we judge this activity would likely have little impact on the voting process itself. » (U//FOUO) Unknown cyber actors in mid-July used an open-source scanning tool to identify and exploit a structured query language (SQL) injection vulnerability and exfiltrate PII from a Midwestern state board of elections website, according to FBI sources with excellent access and information provided by a cybersecurity organization supporting states. In at least three other states, voting and non-voting related websites during the same period observed unsuccessful SQL injection attacks from unknown actors, according to the same reporting. » (U//FOUO) Cybercriminals routinely attempt exploitation of misconfigured and vulnerable websites and webservers via SQL injection, brute force login attempts, cross-site scripting, and other publicly known vulnerabilities, according to DHS reporting from sources with direct access. » (U//FOUO) Criminal hackers routinely engage in disruptive attacks such as website defacement and DoS attacks, through exploiting publicly known vulnerabilities and for-hire DoS tools, according to DHS reporting from reliable sources with direct access. (U) Vulnerability of Computer-Enabled Election Systems (U//FOUO) We assess multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to computer-enabled election systems, however, varies from county to county, between types of devices used and among processes used by polling stations. » (U//FOUO) Electronic Voting Systems: Security researchers have repeatedly demonstrated in laboratory testing environments that voting machines are vulnerable to compromise, usually with physical access, and such compromises could result in the manipulation of vote totals. Election outcomes would only be impacted if the compromise happened on a large scale across multiple machines or jurisdictions—which we judge to be beyond the capability of any adversary—or in cases of smaller local elections where the margin of victory is at a smaller scale. » (U//FOUO) Voter Registration Databases: Online voter registration systems provide a potential point of vulnerability to enable cyber actors to gain illicit access to voter registration databases. Cyber actors have exploited these portals in the past to gain illicit access to voter information. Compromises of voter registration databases have resulted in the potential release of PII, but not the modification of records—with the exception of one unconfirmed incident of voter registration manipulation reported by US media. The exposure of voters’ information would have limited impact on the integrity of the election process; however, it could undermine confidence in the system and provide the ability to conduct further cyber operations.
  • 5. U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y U N C L A S S I F I E D / / F O R O F F I C I A L U S E O N L Y Page 4 of 4 » (U//FOUO) Public Dissemination of Voting Results: State government information technology solutions generally include a public-facing Internet-connected portion that is used to report election results to the general public and media, which some states have begun migrating to the cloud due to Election Day demand. Vulnerabilities in the public-facing Internet portion could be used to display inaccurate vote results to the public and media. Election Day results are not the official results of the state or local jurisdiction. (U) For further references please see Attachments: 1) (U) US-CERT – Securing Voter Registration Data [Security Tip (ST16-001)], published 15 September 2016, available at https://www.us-cert.gov/ncas/tips/ST16-001 2) (U) USG – Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government, available at https://www.dhs.gov/sites/default/files/publications/Cyber%20Incident%20Reporting%20United%20Message.pdf 3) (U) NPPD – State, Local, Tribal, and Territorial (SLTT) Cybersecurity Engagement (U) Reporting Computer Security Incidents (U) To report a computer security incident, either contact US-CERT at 888-282-0870, or go to https://forms.us- cert.gov/report/ and complete the US-CERT Incident Reporting System form. The US-CERT Incident Reporting System provides a secure, web-enabled means of reporting computer security incidents to US-CERT. An incident is defined as a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices. In general, types of activity commonly recognized as violating typical security policies include attempts (either failed or successful) to gain unauthorized access to a system or its data, including personally identifiable information; unwanted disruption or denial of service; the unauthorized use of a system for processing or storing data; and changes to system hardware, firmware, or software without the owner’s knowledge, instruction, or consent. (U) Tracked by: HSEC-1.1, HSEC-1.2, HSEC-1.3 (U) Source Summary Statement (U//FOUO) This Assessment is based on DHS, FBI, and US media reporting, as well as our understanding of cyber actors and their capabilities. We assess these sources provide credible information based on their direct access to the reported information. We have moderate confidence in our assessment that adversaries or criminals are not planning cyber operations that would compromise the vote integrity of the coming election, attempt theft, or conduct short-lived disruptive cyber incidents.