misp-galaxy/clusters/election-guidelines.json

337 lines
12 KiB
JSON

{
"authors": [
"NIS Cooperation Group"
],
"category": "guidelines",
"description": "Universal Development and Security Guidelines as Applicable to Election Technology.",
"name": "Election guidelines",
"source": "Open Sources",
"type": "guidelines",
"uuid": "c1dc03b2-89b3-42a5-9d41-782ef726435a",
"values": [
{
"description": "Tampering with registrations",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:setup | party/candidate-registration"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "32b3ce0a-0427-452c-9e35-26bf5a682786",
"value": "Tampering with registrations"
},
{
"description": "DoS or overload of party/campaign registration, causing them to miss the deadline",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:setup | party/candidate-registration"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "154c6186-a007-4460-a029-ea23163448fe",
"value": "DoS or overload of party/campaign registration, causing them to miss the deadline"
},
{
"description": "Fabricated signatures from sponsor",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:setup | party/candidate-registration"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "f4f1ddcb-f067-4136-ba4d-f1d1a2707485",
"value": "Fabricated signatures from sponsor"
},
{
"description": "Identity fraud during voter registration",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:setup | electoral-rolls"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "23dbb998-db8a-4cd4-90ab-ce6e8a9abe4b",
"value": "Identity fraud during voter registration"
},
{
"description": "Deleting or tampering with voter data",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:setup | electoral-rolls"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "12677906-eec5-42ff-b785-db4097115648",
"value": "Deleting or tampering with voter data"
},
{
"description": "DoS or overload of voter registration system, suppressing voters",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:setup | electoral-rolls"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "ad67f547-7b8b-44c6-9710-93261447b6b2",
"value": "DoS or overload of voter registration system, suppressing voters"
},
{
"description": "Hacking candidate laptops or email accounts",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign | campaign-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "bbcb7b9c-2660-4d6e-ae96-b19de3e1d107",
"value": "Hacking candidate laptops or email accounts"
},
{
"description": "Hacking campaign websites (defacement, DoS)",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign | campaign-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "afe23cd3-161f-46a1-88a0-0cae3431b883",
"value": "Hacking campaign websites (defacement, DoS)"
},
{
"description": "Misconfiguration of a website",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign | campaign-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "2da90b56-572f-4a24-a32b-3875bca63b3c",
"value": "Misconfiguration of a website"
},
{
"description": "Leak of confidential information",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign | campaign-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "650642c7-ab31-4844-a69f-22294925edeb",
"value": "Leak of confidential information"
},
{
"description": "Hacking/misconfiguration of government servers, communication networks, or endpoints",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:all-phases | governement-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "54976d3e-7e6f-4863-9338-bc9e5041b9f2",
"value": "Hacking/misconfiguration of government servers, communication networks, or endpoints"
},
{
"description": "Hacking government websites, spreading misinformation on the election process, registered parties/candidates, or results",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:all-phases | governement-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "aba7358c-d37c-4be4-940c-5b6196140651",
"value": "Hacking campaign websites, spreading misinformation on the election process, registered parties/candidates, or results"
},
{
"description": "DoS or overload of government websites",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:all-phases | governement-IT"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "b7eef207-ae5d-472d-bf7c-9f539c2c4bbc",
"value": "DoS or overload of government websites"
},
{
"description": "Tampering or DoS of voting and/or vote confidentiality during or after the elections",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "c45378f1-e5f9-47f0-a54f-e87e3310683b",
"value": "Tampering or DoS of voting and/or vote confidentiality during or after the elections"
},
{
"description": "Software bug altering results",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "dccd4b3e-4b5a-4bde-9c1f-c0101d957b97",
"value": "Software bug altering results"
},
{
"description": "Tampering with logs/journals",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "86790180-cd62-4746-a93a-9f0cecaa4195",
"value": "Tampering with logs/journals"
},
{
"description": "Breach of voters privacy during the casting of votes",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "ad1dd7ae-4022-4291-8cb5-27797c97ebfa",
"value": "Breach of voters privacy during the casting of votes"
},
{
"description": "Tampering, DoS or overload of the systems used for counting or aggregating results",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "749a1893-a205-4623-90c1-fd7c1ba0135b",
"value": "Tampering, DoS or overload of the systems used for counting or aggregating results"
},
{
"description": "Tampering or DoS of communication links uesd to transfer (interim) results",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "3c817f6f-08f3-4e8c-8d94-e23b823beb8f",
"value": "Tampering or DoS of communication links uesd to transfer (interim) results"
},
{
"description": "Tampering with supply chain involved in the movement or transfer data",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:voting | election-technology"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "c9abc629-e87a-4bed-be52-11e96ea3803a",
"value": "Tampering with supply chain involved in the movement or transfer data"
},
{
"description": "Hacking of internal systems used by media or press",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign/public-communication | media/press"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "e84d963f-f7e0-4c3b-acb9-242ec73ef7c0",
"value": "Hacking of internal systems used by media or press"
},
{
"description": "Tampering, DoS, or overload of media communication links",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign/public-communication | media/press"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "b0577662-bcb6-45ac-b7a0-cb7ec560aff5",
"value": "Tampering, DoS, or overload of media communication links"
},
{
"description": "Defacement, DoS or overload of websites or other systems used for publication of the results",
"meta": {
"date": "March 2018.",
"kill_chain": [
"example-of-threats:campaign/public-communication | media/press"
],
"refs": [
"https://www.ria.ee/sites/default/files/content-editors/kuberturve/cyber_security_of_election_technology.pdf"
]
},
"uuid": "5079fa10-1df3-43f8-b0bf-cea7d342f5e1",
"value": "Defacement, DoS or overload of websites or other systems used for publication of the results"
}
],
"version": 2
}