From 34042abe231ba853d120f853729b11dcf83a7cb4 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Fri, 15 Feb 2019 08:44:33 +0100 Subject: [PATCH] new: Added draft of the election guildelines galaxy --- clusters/election-guidelines.json | 336 ++++++++++++++++++++++++++++++ galaxies/election-guidelines.json | 19 ++ 2 files changed, 355 insertions(+) create mode 100644 clusters/election-guidelines.json create mode 100644 galaxies/election-guidelines.json diff --git a/clusters/election-guidelines.json b/clusters/election-guidelines.json new file mode 100644 index 0000000..9e62d16 --- /dev/null +++ b/clusters/election-guidelines.json @@ -0,0 +1,336 @@ +{ + "authors": [ + "NIS Cooperation Group" + ], + "category": "guidelines", + "description": "Universal Development and Security Guidelines as Applicable to Election Technology.", + "name": "Election guidelines", + "source": "Open Sources", + "type": "guidelines", + "uuid": "c1dc03b2-89b3-42a5-9d41-782ef726435a", + "values": [ + { + "description": "Tampering with registrations", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:setup | party/candidate-registration" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "32b3ce0a-0427-452c-9e35-26bf5a682786", + "value": "Tampering with registrations" + }, + { + "description": "DoS or overload of party/campaign registration, causing them to miss the deadline", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:setup | party/candidate-registration" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "154c6186-a007-4460-a029-ea23163448fe", + "value": "DoS or overload of party/campaign registration, causing them to miss the deadline" + }, + { + "description": "Fabricated signatures from sponsor", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:setup | party/candidate-registration" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "f4f1ddcb-f067-4136-ba4d-f1d1a2707485", + "value": "Fabricated signatures from sponsor" + }, + { + "description": "Identity fraud during voter registration", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:setup | electoral-rolls" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "23dbb998-db8a-4cd4-90ab-ce6e8a9abe4b", + "value": "Identity fraud during voter registration" + }, + { + "description": "Deleting or tampering with voter data", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:setup | electoral-rolls" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "12677906-eec5-42ff-b785-db4097115648", + "value": "Deleting or tampering with voter data" + }, + { + "description": "DoS or overload of voter registration system, suppressing voters", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:setup | electoral-rolls" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "ad67f547-7b8b-44c6-9710-93261447b6b2", + "value": "DoS or overload of voter registration system, suppressing voters" + }, + { + "description": "Hacking candidate laptops or email accounts", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign | campaign-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "bbcb7b9c-2660-4d6e-ae96-b19de3e1d107", + "value": "Hacking candidate laptops or email accounts" + }, + { + "description": "Hacking campaign websites (defacement, DoS)", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign | campaign-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "afe23cd3-161f-46a1-88a0-0cae3431b883", + "value": "Hacking campaign websites (defacement, DoS)" + }, + { + "description": "Misconfiguration of a website", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign | campaign-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "2da90b56-572f-4a24-a32b-3875bca63b3c", + "value": "Misconfiguration of a website" + }, + { + "description": "Leak of confidential information", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign | campaign-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "650642c7-ab31-4844-a69f-22294925edeb", + "value": "Leak of confidential information" + }, + { + "description": "Hacking/misconfiguration of government servers, communication networks, or endpoints", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:all-phases | governement-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "54976d3e-7e6f-4863-9338-bc9e5041b9f2", + "value": "Hacking candidate laptops or email accounts" + }, + { + "description": "Hacking government websites, spreading misinformation on the election process, registered parties/candidates, or results", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:all-phases | governement-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "aba7358c-d37c-4be4-940c-5b6196140651", + "value": "Hacking campaign websites, spreading misinformation on the election process, registered parties/candidates, or results" + }, + { + "description": "DoS or overload of government websites", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:all-phases | governement-IT" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "b7eef207-ae5d-472d-bf7c-9f539c2c4bbc", + "value": "DoS or overload of government websites" + }, + { + "description": "Tampering or DoS of voting and/or vote confidentiality during or after the elections", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "c45378f1-e5f9-47f0-a54f-e87e3310683b", + "value": "Tampering or DoS of voting and/or vote confidentiality during or after the elections" + }, + { + "description": "Software bug altering results", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "dccd4b3e-4b5a-4bde-9c1f-c0101d957b97", + "value": "Software bug altering results" + }, + { + "description": "Tampering with logs/journals", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "86790180-cd62-4746-a93a-9f0cecaa4195", + "value": "Tampering with logs/journals" + }, + { + "description": "Breach of voters privacy during the casting of votes", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "ad1dd7ae-4022-4291-8cb5-27797c97ebfa", + "value": "Breach of voters privacy during the casting of votes" + }, + { + "description": "Tampering, DoS or overload of the systems used for counting or aggregating results", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "749a1893-a205-4623-90c1-fd7c1ba0135b", + "value": "Tampering, DoS or overload of the systems used for counting or aggregating results" + }, + { + "description": "Tampering or DoS of communication links uesd to transfer (interim) results", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "3c817f6f-08f3-4e8c-8d94-e23b823beb8f", + "value": "Tampering or DoS of communication links uesd to transfer (interim) results" + }, + { + "description": "Tampering with supply chain involved in the movement or transfer data", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:voting | election-technology" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "c9abc629-e87a-4bed-be52-11e96ea3803a", + "value": "Tampering with supply chain involved in the movement or transfer data" + }, + { + "description": "Hacking of internal systems used by media or press", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign/public-communication | media/press" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "e84d963f-f7e0-4c3b-acb9-242ec73ef7c0", + "value": "Hacking of internal systems used by media or press" + }, + { + "description": "Tampering, DoS, or overload of media communication links", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign/public-communication | media/press" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "b0577662-bcb6-45ac-b7a0-cb7ec560aff5", + "value": "Tampering, DoS, or overload of media communication links" + }, + { + "description": "Defacement, DoS or overload of websites or other systems used for publication of the results", + "meta": { + "date": "March 2018.", + "kill_chain": [ + "example-of-threats:campaign/public-communication | media/press" + ], + "refs": [ + "https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf" + ] + }, + "uuid": "5079fa10-1df3-43f8-b0bf-cea7d342f5e1", + "value": "Defacement, DoS or overload of websites or other systems used for publication of the results" + } + ], + "version": 1 +} diff --git a/galaxies/election-guidelines.json b/galaxies/election-guidelines.json new file mode 100644 index 0000000..bea8478 --- /dev/null +++ b/galaxies/election-guidelines.json @@ -0,0 +1,19 @@ +{ + "description": "Universal Development and Security Guidelines as Applicable to Election Technology.", + "icon": "map", + "name": "Election guidelines", + "namespace": "misp", + "type": "guidelines", + "uuid": "c1dc03b2-89b3-42a5-9d41-782ef726435a", + "kill_chain_order" : { + "example-of-threats": [ + "setup | party/candidate-registration", + "setup | electoral-rolls", + "campaign | campaign-IT", + "all-phases | governement-IT", + "voting | election-technology", + "campaign/public-communication | media/press" + ] + }, + "version": 1 +}