RSA Red Team exercise highlights election threats from deepfakes and fake news

In the RSA 2022 simulation, the Red Team hacked email accounts, created deepfake videos and spread disinformation on Election Day in Adversaria.

Bad actors who want to disrupt an election can do plenty of harm without tampering with voter registers or voting machines. Business email compromise, social media takeovers, and even access to city cameras and traffic signals can cause a lot of trouble and influence voters and election results.

At RSA 2022, Cybereason gathered a group of journalists and other conference attendees as the Red Team, who were tasked with creating just enough chaos to make the inhabitants of the fictional city of Adversaria skeptical of the election results.

Deepfake videos and social media takeovers

Police and city officials led the Blue Team, which defended the election and responded to the deepfake videos and social media takeovers.

The 90-minute session represented Election Day, with each round covering three hours of the day. The Red Team was given a list of capabilities at the start of the game that included access to:

In each five-minute round, the Red Team was able to take two actions and carry out one further action that could be a new attack vector.

The Red Team called in a bomb threat to a busy conference center, created deepfake videos of election workers discarding ballots, shut down the traffic control system in some areas, and sent false reports to the TV station about polling place closures.

Measuring the effect of election interference

During the simulation, the White Team reviewed actions from both sides and determined how these moves affected the scenario. At the end of each round, the White Team told each side how effective their actions had been and outlined any new developments in the scenario.

In the end, the Red Team created a bit of a mess but did not cause permanent damage. The White Team reported the final outcome of the actions taken by the attackers and defenders:

• A local news channel was set up at the start of the game, falsely reporting that the government was trying to influence the election results.

• The Red Team lost control of the city's Twitter account as the city regained control of all of its social media accounts.

• A report was published on an investigation into election interference and fake videos.

• Buses were set up between polling stations to deal with concerns about polling places.

• A press release came from the mayor, police chief, and the election board refuting the misinformation spread by the Red Team.

Overall, the Blue Team successfully defended the election and reduced the chaos.

How to strengthen emergency response plans

Cybereason offered the following advice to governments preparing for the 2022 elections:

Collaborate with other government agencies: Establish relationships with other cyber agencies and other levels of government. Make sure the police department has a way to communicate with the rest of the government and already has a relationship with the city communications office. The police department and city communications officers should coordinate in the event of an incident.

Coordinate with the private sector: Coordinate with major infrastructure and transport providers in advance, including private companies that provide the technical aspects of that infrastructure. Understanding where components such as the power grid are vulnerable can help prevent attacks on resources.

Develop playbooks: Run tabletop exercises for your city that outline scenarios specific to your community. Thinking through these concerns in advance avoids having to do so during an emergency.

Use multiple communication channels: Have several alternative means of communication. Accept that mobile phones can be compromised, that social media is unreliable, and that radios have vulnerabilities such as jamming. Make sure you have a means of communication outside of the organization, and a standard arrangement for establishing communication and central coordination.

Pay attention to the area: Understand local nuances and concerns in the community to prepare for when they may be treated or challenged.

Deploy early: Have a police presence in place before an incident, as this will reduce the psychological impact on civilians if more officers have to be deployed, especially in areas where law enforcement is viewed with distrust.

Cybereason has run several tabletop simulations over the past few months in Boston, New Hampshire and London. The next event is in Paris.

At RSA 2022, members of the Red Team planned a disinformation campaign to disrupt an election in the fictional city of Adversaria in a cybersecurity tabletop exercise hosted by Cybereason.

Image Credit: Veronica Combs