new: Added draft of the election guildelines galaxy

2019-02-15 08:44:33 +01:00 · 2019-02-15 08:44:33 +01:00 · 34042abe23
parent 36afb81f07
commit 34042abe23
2 changed files with 355 additions and 0 deletions
--- a/clusters/election-guidelines.json
+++ b/clusters/election-guidelines.json
@ -0,0 +1,336 @@
+{
+  "authors": [
+    "NIS Cooperation Group"
+  ],
+  "category": "guidelines",
+  "description": "Universal Development and Security Guidelines as Applicable to Election Technology.",
+  "name": "Election guidelines",
+  "source": "Open Sources",
+  "type": "guidelines",
+  "uuid": "c1dc03b2-89b3-42a5-9d41-782ef726435a",
+  "values": [
+    {
+      "description": "Tampering with registrations",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:setup | party/candidate-registration"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "32b3ce0a-0427-452c-9e35-26bf5a682786",
+      "value": "Tampering with registrations"
+    },
+    {
+      "description": "DoS or overload of party/campaign registration, causing them to miss the deadline",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:setup | party/candidate-registration"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "154c6186-a007-4460-a029-ea23163448fe",
+      "value": "DoS or overload of party/campaign registration, causing them to miss the deadline"
+    },
+    {
+      "description": "Fabricated signatures from sponsor",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:setup | party/candidate-registration"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "f4f1ddcb-f067-4136-ba4d-f1d1a2707485",
+      "value": "Fabricated signatures from sponsor"
+    },
+    {
+      "description": "Identity fraud during voter registration",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:setup | electoral-rolls"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "23dbb998-db8a-4cd4-90ab-ce6e8a9abe4b",
+      "value": "Identity fraud during voter registration"
+    },
+    {
+      "description": "Deleting or tampering with voter data",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:setup | electoral-rolls"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "12677906-eec5-42ff-b785-db4097115648",
+      "value": "Deleting or tampering with voter data"
+    },
+    {
+      "description": "DoS or overload of voter registration system, suppressing voters",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:setup | electoral-rolls"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "ad67f547-7b8b-44c6-9710-93261447b6b2",
+      "value": "DoS or overload of voter registration system, suppressing voters"
+    },
+    {
+      "description": "Hacking candidate laptops or email accounts",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign | campaign-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "bbcb7b9c-2660-4d6e-ae96-b19de3e1d107",
+      "value": "Hacking candidate laptops or email accounts"
+    },
+    {
+      "description": "Hacking campaign websites (defacement, DoS)",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign | campaign-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "afe23cd3-161f-46a1-88a0-0cae3431b883",
+      "value": "Hacking campaign websites (defacement, DoS)"
+    },
+    {
+      "description": "Misconfiguration of a website",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign | campaign-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "2da90b56-572f-4a24-a32b-3875bca63b3c",
+      "value": "Misconfiguration of a website"
+    },
+    {
+      "description": "Leak of confidential information",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign | campaign-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "650642c7-ab31-4844-a69f-22294925edeb",
+      "value": "Leak of confidential information"
+    },
+    {
+      "description": "Hacking/misconfiguration of government servers, communication networks, or endpoints",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:all-phases | governement-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "54976d3e-7e6f-4863-9338-bc9e5041b9f2",
+      "value": "Hacking candidate laptops or email accounts"
+    },
+    {
+      "description": "Hacking government websites, spreading misinformation on the election process, registered parties/candidates, or results",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:all-phases | governement-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "aba7358c-d37c-4be4-940c-5b6196140651",
+      "value": "Hacking campaign websites, spreading misinformation on the election process, registered parties/candidates, or results"
+    },
+    {
+      "description": "DoS or overload of government websites",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:all-phases | governement-IT"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "b7eef207-ae5d-472d-bf7c-9f539c2c4bbc",
+      "value": "DoS or overload of government websites"
+    },
+    {
+      "description": "Tampering or DoS of voting and/or vote confidentiality during or after the elections",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "c45378f1-e5f9-47f0-a54f-e87e3310683b",
+      "value": "Tampering or DoS of voting and/or vote confidentiality during or after the elections"
+    },
+    {
+      "description": "Software bug altering results",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "dccd4b3e-4b5a-4bde-9c1f-c0101d957b97",
+      "value": "Software bug altering results"
+    },
+    {
+      "description": "Tampering with logs/journals",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "86790180-cd62-4746-a93a-9f0cecaa4195",
+      "value": "Tampering with logs/journals"
+    },
+    {
+      "description": "Breach of voters privacy during the casting of votes",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "ad1dd7ae-4022-4291-8cb5-27797c97ebfa",
+      "value": "Breach of voters privacy during the casting of votes"
+    },
+    {
+      "description": "Tampering, DoS or overload of the systems used for counting or aggregating results",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "749a1893-a205-4623-90c1-fd7c1ba0135b",
+      "value": "Tampering, DoS or overload of the systems used for counting or aggregating results"
+    },
+    {
+      "description": "Tampering or DoS of communication links uesd to transfer (interim) results",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "3c817f6f-08f3-4e8c-8d94-e23b823beb8f",
+      "value": "Tampering or DoS of communication links uesd to transfer (interim) results"
+    },
+    {
+      "description": "Tampering with supply chain involved in the movement or transfer data",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:voting | election-technology"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "c9abc629-e87a-4bed-be52-11e96ea3803a",
+      "value": "Tampering with supply chain involved in the movement or transfer data"
+    },
+    {
+      "description": "Hacking of internal systems used by media or press",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign/public-communication | media/press"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "e84d963f-f7e0-4c3b-acb9-242ec73ef7c0",
+      "value": "Hacking of internal systems used by media or press"
+    },
+    {
+      "description": "Tampering, DoS, or overload of media communication links",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign/public-communication | media/press"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "b0577662-bcb6-45ac-b7a0-cb7ec560aff5",
+      "value": "Tampering, DoS, or overload of media communication links"
+    },
+    {
+      "description": "Defacement, DoS or overload of websites or other systems used for publication of the results",
+      "meta": {
+        "date": "March 2018.",
+        "kill_chain": [
+          "example-of-threats:campaign/public-communication | media/press"
+        ],
+        "refs": [
+          "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
+        ]
+      },
+      "uuid": "5079fa10-1df3-43f8-b0bf-cea7d342f5e1",
+      "value": "Defacement, DoS or overload of websites or other systems used for publication of the results"
+    }
+  ],
+  "version": 1
+}
--- a/galaxies/election-guidelines.json
+++ b/galaxies/election-guidelines.json
@ -0,0 +1,19 @@
+{
+  "description": "Universal Development and Security Guidelines as Applicable to Election Technology.",
+  "icon": "map",
+  "name": "Election guidelines",
+  "namespace": "misp",
+  "type": "guidelines",
+  "uuid": "c1dc03b2-89b3-42a5-9d41-782ef726435a",
+  "kill_chain_order" : {
+    "example-of-threats": [
+        "setup | party/candidate-registration",
+        "setup | electoral-rolls",
+        "campaign | campaign-IT",
+        "all-phases | governement-IT",
+        "voting | election-technology",
+        "campaign/public-communication | media/press"
+    ]
+  },
+  "version": 1
+}