With concerns over security for the midterms persisting, the U.S. Department of Homeland Security (DHS) hosted a three-day exercise meant to help various agencies identify ways to improve cybersecurity, preparedness, identification, response, and recovery during elections.
The program, called “Tabletop the Vote 2018,” used tabletop simulations of a potential attack scenario to give participants a chance for discussion and potential impacts to voter confidence, voting, and overall election integrity. The exercise addressed news and social media manipulation, phishing campaigns directed at elections officials and personnel, disruption of voter registration information systems, attacks on board of election websites, malware infections of voting machines and the exploitation of state and county board of election networks.
“Today’s exercise brought together our partners from all levels of government and the private sector in order to test our ability to respond to cyber incidents that could potentially affect an election, and build strong communication and incident response plans across the election community,” DHS Secretary Kirstjen Nielsen said. “The response we have received from this week’s participants has been overwhelmingly positive, and we’ve identified areas we need to collectively focus on ahead of the midterm elections. In this environment, if we prepare individually, then we fail collectively, and I am grateful for everyone’s participation and partnership this week.”
In turn, DHS showed partners how to share cyber threat info and how the federal government helps defend networks. They also elaborated on the process behind the identification of cybersecurity threats and incidents, as well as procedures for requesting state and federal incident response resources in the face of exhausted county or state resources, among others.
In all, partners from 44 states and the District of Columbia participated, along with representatives of the Election Assistance Commission; Department of Defense; Department of Justice; Federal Bureau of Investigation; Office of the Director of National Intelligence; National Institute of Standards and Technology; National Security Agency; and the U.S. Cyber Command.