Gearing up for Cybereason's D.C. election security tabletop exercise.
Cybereason does an interesting thing where the fake bad guys have to tamper with an election without hacking election infrastructure.
Cybereason does an interesting thing where the fake bad guys have to tamper with an election without hacking election infrastructure.
How do you do that? Well, as I wrote last year before Cybereasons first version of this exercise, you can depress voter turn out in targeted, partisan regions by, say, creating a massive traffic jam, or cutting the heat to a Duluth voting center. axios.com/newsletters/ax…
Hacking voting machines and running disinformation campaigns are probably less efficient ways to tamper with a national election than you think.
Strategically depressing voter turnout is probably a more effective approach than you think
Strategically depressing voter turnout is probably a more effective approach than you think
Cybereason folks will head the Red (bad guy), Blue (good guy) and White (referee) teams.
Interesting note: Cybereason has done this a few times and Dani Wood, who will head the Blue Team, is the only person who has led a Blue Team to victory.
If you've never participated in a tabletop wargame before, (a) what are you doing with your weekends? And (b) this is a turn-based game where each team submits a move every 20 minutes.
Here’s the scenario. 
There are a bunch of feds here, including an FBI guy on the Red Team.
Red Team has created traffic problems by tampering with construction schedules and street lights. They've also amplified fears that machines have been hacked, and hacked a few media outlets
Blue Team, who represents local law enforcement has wisely called the feds for help.
Blue Team, who represents local law enforcement has wisely called the feds for help.
Red also briefly downed 911 service.
If you're interested in the feasibility of any of this: here's how a simple phone scam accidentally knocked a 911 service offline.
axios.com/newsletters/ax…
axios.com/newsletters/ax…
Blue Team only just called up police reserves, meaning that the traffic tampering used up all of the police on staff.
Red Team just posted news stories about one candidate having a history of abuse and racial comments.
The Blue Team's deployment of police has caused problems in the city. Deploying SWAT units in advance of problems, mixed with heightened tensions around the city has lead to violent protestor clashes with police.
Red Team has also hacked autonomous vehicles, creating even more traffic.
I really like this traffic approach. I think that increasing the perceived amount of time it would take to vote would dramatically eliminate casual voters.
In past games, other ways of dampening votes included causing gas leaks or faking natural disasters.
In past games, other ways of dampening votes included causing gas leaks or faking natural disasters.
Red Team has a real next-level move coming up.
These games often resemble the Die Hard movie about hacking more than real life instances of hacking - there is more chaos and more hacking going on during the game than would happen in a real 12 hour day.
But scale things back, and you can still see how the impact would work.
But scale things back, and you can still see how the impact would work.
Good turnout by media and other observers today - I've seen at least one congressional aide, as well as several other media outlets.
Red team did this interesting sequence:
They intercepted phone transmissions near the voting machines.
Using the audio of voting supervisors, they used deep fake audio to phish voting officials to get them to reset voting machines with no paper backup
They intercepted phone transmissions near the voting machines.
Using the audio of voting supervisors, they used deep fake audio to phish voting officials to get them to reset voting machines with no paper backup
In reality, you might not need to go through the effort of creating a deep fake to pull this off. But, jeepers, this is really clever.
Red Team just steered a bunch of autonomous vehicles into voting lines.
That's...dark.
That's...dark.
In a previous Cybereason event I'd attended, there was a no murdering rule.
I suppose there's no reason to assume someone trying to tamper with an election would show restraint.
I suppose there's no reason to assume someone trying to tamper with an election would show restraint.
I should note that this event is taking place at Venable's offices. Some of the Venable people with natsec experience are taking part.
Venable has good taste in bagels, but it's tough to find their men's room, even with signs pointing to it.
Venable has good taste in bagels, but it's tough to find their men's room, even with signs pointing to it.
Interesting note: Red Team may have overdone it with the murdering. There's a certain point where the city will call for a new election.
So maybe, just maybe, there's a downside to murder.
That's only really a downside if the goal was to throw the election for a single candidate. If the goal was to force people to question the structure of American democracy, I think they would succeed.
If ESPN needs a play by play announcer for future cyberwar games, I'm available.
Red also called in fake bomb threats using deep fakes. Also might not need the deep fake to do that.
I'm being told Red Team believes it is a terrorist group which, unlike a nation-state, is not concerned about creating an unwanted international incident.
Also, they are not aiming to bolster a candidate, so a new election isn't a problem.
Also, they are not aiming to bolster a candidate, so a new election isn't a problem.
If you take away the murder, this would have been a perfectly good nation-state strategy - they kept people who wanted to vote from voting, which both created distrust in an election and could have swayed an election
Blue Team called off the election.
Game is over
“Congratulations on the highest body count of any time we’ve done this” — Sam Curry
Final results:
“Congratulations on the highest body count of any time we’ve done this” — Sam Curry
Final results:
