The Misinformation Highway

The EI-ISAC, under the Center for Internet Security (CIS), serves SLTT election offices by sharing information, offering virtual service reviews, and providing communication for election officials. Their mission is to improve cybersecurity through collaboration with DHS and federal partners.

• Cybersecurity
• Collaboration
• Election Offices
• Information Sharing
• Communication

ealy_yde Follow

Uploaded on Feb 15, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. The Misinformation Highway Marci Andino Sr. Director of the EI-ISAC September 22, 2022

2. Center for Internet Security (CIS) Community-driven non profit More than 300 employees Responsible for CIS Controls and CIS Benchmarks Home to the MS-ISAC and EI-ISAC Making the connected world a safer place Confidential & Proprietary TLP:WHITE

3. CIS is Home to the EI-ISAC CIS is a community-driven nonprofit Mission is to Create Confidence in the Connected World Develops security best practices CIS Critical Security Controls and CIS Benchmarks The CISA, CIS, and the EI-ISAC relationship Voluntary and collaborative effort based on a strong partnership Confidential & Proprietary TLP:WHITE

4. Who We Serve +3,457 Members 50 State Election Offices +2,950 Local Election Offices 6 Territorial Election Offices 10 Election Associations 46 Supporting Members 1 Tribe Confidential & Proprietary TLP:WHITE

5. What is the Mission of the EI-ISAC? To improve the overall cybersecurity posture of SLTT election offices, through collaboration and information sharing among members, the U.S. Department of Homeland Security (DHS) and other federal partners, and private sector partners are the keys to success. Confidential & Proprietary TLP:WHITE

6. Virtual Service Review Meet with the EI-ISAC team to review your organization s current status New Review Services Update Contacts Membership Offerings Contact us at: elections@cisecurity.org Confidential & Proprietary TLP:WHITE

7. Communication for Election Officials Content that put elections security topics into context for election officials Confidential & Proprietary TLP:WHITE

8. Malicious Domain Blocking and Reporting (MDBR) Security Focused DNS service: Blocks malicious domain requests before a connection is even established! Simple Implementation: No new hardware or software required Helps limit infections related to: Other cyber threats Known Malware Ransomware Phishing Confidential & Proprietary TLP:WHITE

9. Endpoint Detection and Response (EDR) Partnered with CrowdStrike to deliver endpoint protection services EDR quickly identifies and limits the spread of malicious activity No charge for election offices SOC monitors 24x7x365 Added functionality for additional protection Confidential & Proprietary

10. Malicious Code Analysis Platform (MCAP) A web based service used to submit and analyze suspicious files Documents URLs To request an account: mcap@cisecurity.org Archives Confidential & Proprietary TLP:WHITE

11. The Misinformation Highway

12. What is MDM? Misinformation, Disinformation and Mal-information Misinformation is false, but not created or shared with the intention of causing harm. Disinformation is deliberately created to mislead, harm, or manipulate a person, social group, organization or country. Mal-information is based on fact, but used out of context to mislead, harm, or manipulate. Confidential & Proprietary

13. Where does it come from? Misinformation, Disinformation and Mal-information Variety of sources across digital, social and traditional media Foreign actors Domestic sources Sow divisions Reduce national cohesion Confidential & Proprietary

14. Why do foreign and domestic actors use MDM? Misinformation, Disinformation and Mal-information Seeking to interfere with and undermine elections Cause anxiety, fear and confusion Confidential & Proprietary

15. How does MDM impact election security? Misinformation, Disinformation and Mal-information Procedural interference content related to election procedures that cause confusion and interfere with election officials ability to smoothly administer an election. Participation interference content that might intimidate or deter voters from participating. Confidential & Proprietary

16. How does MDM impact election security? Misinformation, Disinformation and Mal-information Delegitimization of election results content that delegitimizes election results or sows distrust in the integrity of the process based on false or misleading claims. Personnel security content that falsely claims election officials or poll workers are the bad actors attempting to interfere in election results or processes. Confidential & Proprietary

17. Insider Threats Individuals who are a part of an organization and use their access to steal information or otherwise cause damage to that organization. Seasonal employees such as temporary workers in your office and volunteer poll workers pose a potential cyber risk to election offices. 17 Confidential & Proprietary T

18. Insider Threats In election offices, what could insider threats do? Attempt to breach voting systems. Steal sensitive data on voters from internal databases. Use their access to let others into secured areas, bypassing controls that limit access to sensitive areas. Attackers could use information stolen from election offices to further mis/dis-information narratives or sell it to others seeking access to systems. Seek to damage and disrupt the electoral process. 18 Confidential & Proprietary

19. Insider Threats What can you do? Limit access to only the systems employees need Implement network monitoring and logging Use layered security (Albert, EDR and MDBR) Install surveillance systems in sensitive areas Backup critical systems Properly vet new hires Temporary workers, poll workers Train your staff and poll workers about insider threats if you SEE something, SAY something 19 Confidential & Proprietary

20. Pre-Election Misinformation

21. Multiple ballots mailed to me Misinformation Multiple ballots were mailed to me Security around mail ballots is lacking Dead people receive ballots Truth Exaggerated claims Ballot requests instead of ballots Confidential & Proprietary

22. Absentee ballot fraud Misinformation Backdoor way of disenfranchising voters through online voter registration portal Truth The voter information that can be accessed online is publicly disclosable by law Can t change mailing address in the online portal without entering in Driver s License or state ID and the issuance date. Confidential & Proprietary

23. Early Results Misinformation falsified/photoshopped poll numbers to boost a particular candidate s write-in campaign Truth Results are not known/released before election night Ballots are not tabulated until after close of polls on election night Confidential & Proprietary

24. Election Day Misinformation

25. Ballot box security Misinformation Ballot boxes are being moved Ballot boxes thrown away Truth Claims are false Other Notes Use of photos and videos without knowing the context Confidential & Proprietary

26. I am the bad guy Misinformation I threw out ballots I voted multiple times Truth Claims are false Confidential & Proprietary

27. Provisional ballots aren t counted Misinformation Provisional ballot or ballots put in emergency ballot bins aren t counted Truth Provisional ballot rules vary by state they are processed and every single vote is reviewed for eligibility and, assuming they re eligible, counted consistent with state law. Ballots in emergency ballot bins are counted Confidential & Proprietary

28. Polling Place Conditions Misinformation Wrong polling place closing time or conditions Polling place was moved Truth Polling places close in Ohio @ 7:30pm local time @ approx. 4pm ET Confidential & Proprietary

29. Post Election Misinformation

30. Machine Vote Flipping Misinformation Machines were intentionally flipping votes from one candidate to another Truth Machines are rigorously tested and verified before use Machine counts were consistent with audited results Voters verify selections before casting ballot Confidential & Proprietary

31. Ballots > Registered Voters Misinformation There were more ballots than registered voters Truth Voter registration numbers being used were outdated and/or incorrect Confidential & Proprietary

32. Conclusions from 2020 Election infrastructuremis and disinformation isn t going away Central reporting is beneficial for election officials Need to improve efficiency and scale operation for future elections Confidential & Proprietary

33. Reporting Misinformation

34. What to report? Anything on social media that s about your jurisdiction or that pertains to the administration or security of an election that s inaccurate or misleading. Examples: Dates of an election Hours/days the polls are open for absentee/early voting or election day Mail ballot rules Ballot information Polling place locations and status Election night reporting procedures Confidential & Proprietary

35. How to report it? Send an email to misinformation@cisecurity.org Copy others in your state or locality who should see the information Include the following: A screenshot of the social media post and the link Your name, role, jurisdiction and work email address A description of why it is false Citing a law is best Confidential & Proprietary

36. What happens next? The EI-ISAC will: Verify the information You are an election official Forward the report to the social media platforms Forward the report to our partners for situational awareness Cybersecurity and Infrastructure Security Agency (CISA) Department of Homeland Security (DHS) National Association of Secretaries of State (NASS) and National Association of State Election Directors (NASED) Other federal agencies, as appropriate Provide updates Confidential & Proprietary

37. What you should do? Share the report the office of your state s chief election official While we will share it with the relevant social media platforms, you can also share it directly with them, but be clear that you have already reported it to the EI-ISAC. Confidential & Proprietary

38. What should you do if you receive attempts to threaten or intimidate? If you feel there is any change you are in immediate danger, call 911 Contact your FBI Elections Crime Coordinator or local FBI Field Office Contact your CISA Physical Security Advisor (PSA) Confidential & Proprietary

39. Who Do I Contact? EI-ISAC Team: elections@cisecurity.org EI-ISAC Registration https://learn.cisecurity.org/ei-isac-registration Mis-Dis- Information misinformation@cisecurity.org Marci Andino Marci.Andino@cisecurity.org Confidential & Proprietary TLP:WHITE

40. Thank You! Marci Andino 518-516-3132 Marci.andino@cisecurity.org elections@cisecurity.org