Understanding Election Security

Training Modules

The Cyber Bytes Foundation, funded by a grant with FEMA, has compiled election security training geared towards State, Local, Election and Tribal government officials.

Cyber Bytes Foundation
FEMA Logo_4

Part I: Introduction to Election Security

Part I covers all the basic knowledge to ‘Understanding Election Security’ including:

  • History of Voting Systems
  • Voting Systems in the 50 States
  • Arriving on-site to county election HQ to support security operations
  • Typical election cycles inside the election office
  • Threat actor types, motivations & potential targets for different impacts
  • Exposed attack surfaces and vectors
  • Mitigating Potential Risks
  • Typical surprises and misconceptions around data governance
  • How to recover from incidents
  • And so much more!

Part II: Election Security Sceanarios

Part II of  ‘Understanding Election Security’ includes a review of two election security scenarios to highlight various risks and discuss lessons learned and how to navigate:

Scenario 1

Press contacts election officials about email being send from the election office about the withdraw of a major candidate from the ballot due to personal reasons.

  • A: These emails are not spoofed, but the result of election office backend systems being penetrated and the emails being sent by the adversary using election office systems.
  • These emails are spoofed, and all election office systems are clean, but the adversary uses this incident to spread a false claim that the election office has been compromised.

Scenario 2

The election office is contacted about a sample ballot on their website that has clearly modified language in one description of one of the races.

Part II: Election Security Sceanarios

Part III of  ‘Understanding Election Security’ includes a review of an additional final two election security scenarios to highlight various risks and discuss lessons learned and how to navigate:

Part II of  ‘Understanding Election Security’ includes a review of two election security scenarios to highlight various risks and discuss lessons learned and how to navigate:

Scenario 3

In Vote-by-Mail state advertising for rogue ballot drop-off locations are found/voters report dropping off their ballots to unofficial location.

Scenario 4

During Election Day the Election office telephone lines are blocked by robocalls, officials publicly listed mobile phones are similarly blocked and office website, epollbook reporting, and emails are blocked by DDOS attack.

Speaker Information

Dan Webber

Dan Webber

Chief Informational Officer, Election Integrity Foundation

Dan has served as Chief Information Officer, Security Officer, and Technology Officer for 25 years, 14 of those years have been spent in healthcare and biotech, 11 in manufacturing, technology and hospitality companies. He advises companies that provide artificial intelligence/machine learning, cybersecurity, innovation, design, analytics, advanced computing, wireless, biotech, and digital services to large private and public enterprises around the world.

Harri Hurst

Harri Hurst

Founding Partner and Hacker, Election Integrity Foundation

Mr. Harri Hursti is a world-renowned data security expert, internet visionary and serial entrepreneur. He began his career as the prodigy behind the first commercial, public email and online forum system in Scandinavia. He founded his first company at the age of 13 and went on to cofound EUnet-Finland in his mid- 20’s. Today, Harri continues to innovate and find solutions to the world’s most vexing problems. He is among the world’s leading authority in the areas of election voting security and critical infrastructure and network system security.