Sep 18, 2018

Cybersecurity firm hosts election hacking war games

Photo: Justin Sullivan/Getty Images

Cybersecurity firm Cybereason will host on Thursday a unique tabletop experiment on election security from its Boston headquarters. Some players will represent a hacker group trying to disrupt the election, while others will play city emergency responders trying to stop it. But these play-hackers won't be allowed to attack the election itself — they will have to disrupt it by disrupting the city, finding ways to keep people from voting.

Why it matters: There are dozens of ways to interfere with an election without touching voting equipment, ranging from causing traffic jams to blasting air conditioning in a polling place on an already cold day. Nearly all of our attention to election security has focused on attacks Russia has already tried or on the most obvious target — the voting machines themselves. But the next wave of attacks won't play by the rulebook we expect bad guys to use.

Tabletop exercises are group games that are sort of like a two-team Dungeons & Dragons — no computers, just paper and brains. It's an interesting scenario to play out in your head. What needs to happen ...

  • Voters need to know where and when to vote. A hacker could conceivably depress voter turnout by uploading false stories about polling place changes or extended hours for polls that plan to close on time.
  • Voters need to get to the polls. Hackers could close a major bridge, preventing people from getting to the polls. They could tie up transportation by informing bus drivers they've been given an extra day off.
  • Voters need to wait in line to cast a vote. False reports of gun violence near polling places or a nearby explosion might reduce the amount of time someone might be willing to wait.

Handicapping the race: These war games split players into a red team of attackers and a blue team of defenders. "I would say the blue team has a fighting chance, but I wouldn’t put it greater than 50%," says Ross Rustici, Cybereason's senior director of intelligence services.

  • The red team has an asymmetric advantage in agility. They get to pick the targets from an endless list of vulnerable systems. And they get to prepare in advance.
  • Defenders have an advantage in terms of nearby and on-the-ground resources from all levels of government, but they are forced to mobilize without preparation or planning. Ed Davis, the former Boston police commissioner known for his leadership during the Boston Marathon bombing, will head up the blue team.
  • "This might be a painful simulation for the blue team," said Rustici, "but if it's painful during the tabletop, they might start coming up with ways to make it less painful in November."

Go deeper

What we know: Deadly Storm Dennis whips at England, Wales and Ireland

Photo: OLI SCARFF/AFP via Getty Images.

At least two deaths are being attributed to Storm Dennis on Monday as it continues to strike at parts of England, Wales and Ireland, per AccuWeather.

The big picture: Dennis is the second-strongest nontropical storm ever recorded in the North Atlantic Ocean. Its hurricane-force winds and heavy rains have caused widespread flooding across the United Kingdom. The army has been deployed in the U.K. to help with flood relief.

Coronavirus cases rise as 14 American evacuees infected

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's NHC; Note: China refers to mainland China and the Diamond Princess is the cruise ship offshore Yokohama, Japan. Map: Danielle Alberti/Axios

14 Americans evacuated from the Diamond Princess cruise ship tested positive for the novel coronavirus before being flown in a "specialist containment" on a plane repatriating U.S. citizens back home, the U.S. government said early Monday.

The big picture: COVID-19 has now killed at least 1,775 people and infected more than 70,000 others. Most cases and all but five of the deaths have occurred in mainland China.

Go deeperArrowUpdated 2 hours ago - Health

The cost of going after Bloomberg

Illustration: Eniola Odetunde/Axios

Here's the growing dilemma for 2020 Democrats vying for a one-on-one showdown with frontrunner Bernie Sanders: Do they have the guts — and the money — to first stop Mike Bloomberg?

Why it matters: Joe Biden, Pete Buttigieg, Amy Klobuchar and Elizabeth Warren all must weigh the costs of punching Bloomberg where he looks most vulnerable: stop-and-frisk, charges of sexism, billionaire entitlement. The more zealous the attacks, the greater the risk he turns his campaign ATM against them.