Sep 18, 2018

Cybersecurity firm hosts election hacking war games

Photo: Justin Sullivan/Getty Images

Cybersecurity firm Cybereason will host on Thursday a unique tabletop experiment on election security from its Boston headquarters. Some players will represent a hacker group trying to disrupt the election, while others will play city emergency responders trying to stop it. But these play-hackers won't be allowed to attack the election itself — they will have to disrupt it by disrupting the city, finding ways to keep people from voting.

Why it matters: There are dozens of ways to interfere with an election without touching voting equipment, ranging from causing traffic jams to blasting air conditioning in a polling place on an already cold day. Nearly all of our attention to election security has focused on attacks Russia has already tried or on the most obvious target — the voting machines themselves. But the next wave of attacks won't play by the rulebook we expect bad guys to use.

Tabletop exercises are group games that are sort of like a two-team Dungeons & Dragons — no computers, just paper and brains. It's an interesting scenario to play out in your head. What needs to happen ...

  • Voters need to know where and when to vote. A hacker could conceivably depress voter turnout by uploading false stories about polling place changes or extended hours for polls that plan to close on time.
  • Voters need to get to the polls. Hackers could close a major bridge, preventing people from getting to the polls. They could tie up transportation by informing bus drivers they've been given an extra day off.
  • Voters need to wait in line to cast a vote. False reports of gun violence near polling places or a nearby explosion might reduce the amount of time someone might be willing to wait.

Handicapping the race: These war games split players into a red team of attackers and a blue team of defenders. "I would say the blue team has a fighting chance, but I wouldn’t put it greater than 50%," says Ross Rustici, Cybereason's senior director of intelligence services.

  • The red team has an asymmetric advantage in agility. They get to pick the targets from an endless list of vulnerable systems. And they get to prepare in advance.
  • Defenders have an advantage in terms of nearby and on-the-ground resources from all levels of government, but they are forced to mobilize without preparation or planning. Ed Davis, the former Boston police commissioner known for his leadership during the Boston Marathon bombing, will head up the blue team.
  • "This might be a painful simulation for the blue team," said Rustici, "but if it's painful during the tabletop, they might start coming up with ways to make it less painful in November."

Go deeper

Updated 11 mins ago - Politics & Policy

Gov. Tim Walz to mobilize Minnesota's full National Guard

Photo: Steel Brooks/Anadolu Agency via Getty Images

Minnesota Gov. Tim Walz announced on Saturday he is activating the full National Guard to respond to street violence in Minneapolis that broke out during protests of a police encounter that left a black man, George Floyd, dead.

Why it matters: This is the first time the state has activated the full National Guard since World War II. " The Minnesota National Guard told Axios in an email that up to 10,000 soldiers and airmen would be deployed after all activations and processing are complete.

Updated 26 mins ago - Science

Live updates: SpaceX attempts to launch NASA astronauts Saturday

SpaceX's Falcon 9 rocket on the launch pad. Photo: NASA/Joel Kowsky

At 3:22 p.m. ET today, SpaceX is expected to launch NASA astronauts Bob Behnken and Doug Hurley to the International Space Station for the first time.

Why it matters: The liftoff — should it go off without a hitch — will be the first time a private company has launched people to orbit. It will also bring crewed launches back to the U.S. for the first time in nine years, since the end of the space shuttle program.

Follow along below for live updates throughout the day...

Updated 41 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Global: Total confirmed cases as of 1 p.m. ET: 5,974,938— Total deaths: 365,976 — Total recoveries — 2,529,761Map.
  2. U.S.: Total confirmed cases as of 1 p.m. ET: 1,750,203 — Total deaths: 102,906 — Total recoveries: 406,446 — Total tested: 16,099,515Map.
  3. Economy: What U.S. workplaces may look like next — George Floyd's killing and economic calamity are both part of America's unfinished business — The future of mobility in the post-pandemic world.
  4. Public health: CDC pares down guidance on how to reopen houses of worship —  The coronavirus could give bioterrorists ideas, security group warns.
  5. States: New York City will reopen June 8, Cuomo says.
  6. Supreme Court: Chief Justice Roberts sides with liberals in denying challenge to California's pandemic worship rules.