The NESSP is a set of capabilities that can produce bespoke one off or regular and continuous vulnerability reports for the Critical Electoral Infrastructure (CEI) of nation states. The simple to use dashboard presents data across a broad definition of CEI that can encompass standard areas, for example web sites, polling stations, communications systems, registers, voting machines, electronic ballets, result communications etc. It can be tailored to individual country needs, to reflect electoral security priorities, for fake news and communications hacking. The presentation of these vulnerabilities can be used as a tool to support those who are working within these states on the enhancement of the protection of Critical Electoral Infrastructure or to inform a national electoral security strategy. We can also provide training and capacity building in the operation of these software.
NESSP is, in effect, a nation-wide cyber security penetration test for an electoral system. It can create a DNS (Domain Name System) zone file for all specific entities involved in the electoral system, gov.uk for example. From there it can scan any websites on that specific domain extension and provide a report on threats and areas for improving cyber defences. This is presented in a user-friendly graphical interface that will also produce reports and critical assessments of risk.
The system will also assess breached data and monitor this to discover if an account is vulnerable. NESSP collects open source data from websites that have been hacked in the past. This data is placed into a searchable database to allow checks on email addresses and domain names for breached data. We have over 4 billion accounts so far and are able to return data for most searches.
The sub-national level entities which are part of CE can be checked by the performance of automated penetration testing across any region. This operates an online vulnerability scanner. Any user can enter the website address and a report will be produced recommending changes to secure the website against 99% of hacking vulnerabilities. NESSP can tailor this automated system for each country and help to secure any entity or sector of critical important.
The Election Protection System (EPS)
The EPS builds on the NESSP to more deeply investigate current vulnerabilities and threats targeting network-centric based electoral processes and delivers appropriate countermeasures. It will then deploy the strategy outlined below to collect, process and disseminate information on the election. This will reduce effectiveness of attack vectors and increase public awareness. EPS assists clients develop risk assessment tools to proactively manage potential electoral security challenges. Elections are influenced by a range of cyberattack vectors, including Twitter robots, fake news website, targeted advertising and the manipulation of trending topics. The EPS aims to defend against this by monitoring elections online and providing intelligence to decision makers. The attack vectors can be defended against and this includes the removal and takedown of fake news sites, blocking and takedown of twitter robots, reporting of false advertising to media owners. Trusted and balanced news sources could be promoted if agreed up by stakeholders. The EPS is deployed using the four stages of the intelligence cycle, the UK intelligence management methodology to produce intelligence to support decision makers.
• Direction: Define the intelligence requirement and prioritise business and mission objectives. This will form the requirements for the intelligence collection plan. Election example; monitor all candidates social media.
• Collection: Setup of Avatar profiles to monitor and possibly engage with groups. Election example; Anonymous profile is setup to join a Facebook group.
• Processing: The current off the shelf system has substantial capabilities which will be augmented with additional features to further meet the election defence requirements.
• Dissemination: Reports covering all aspects of the election on social media and online can be generated as regularly as required. It would be recommended that intelligence analysts produce a summary cover sheet drawing conclusion from the data.
Social Media & Online monitoring capabilities
• OSINT platform with additional capabilities if requested by stakeholder
• 187 languages
• Global data collection – 150 million websites, 10 social media sites, print news, online news, blogs, forums, broadcast tv, broadcast radio.
• Ability to store data for 2 years
• 2 years of historical data for time machine capability
• AI sentiment analysis
• Key influences identification
• Data export ability
• SearX platform for real-time alerts from hacks, data breach in principle country.
• Project acceptance/approval
• Development of terms of reference & expected deliverables
• Project inception
• Presentation of study/research with recommendations
• Development of risk management framework (RMF) to manage potential cyber risks to electoral processes
• Deployment of RMF/ to a target country or target countries (pilot)