Voting portal, you know, syndication that is can be popped and in you go as a customer to view or manipulate data. You know, all the different site that is can be popped as well. This is different from the web side of it. Its, you know, it doesnt take an act or sophistication to run simple tools to manipulate the sites or try to force their way into the site to maintain access. I think thats a really important point you just made as well. It doesnt take a nation state to be successful doing this. Think about the resources in the nation state that want to manipulate it to bear and manipulate these. It is not a high level of sophistication to compromise these systems. It gos down to getting into the website brute force sequel injection, getting into the network, stealing credentials, mapping the network, gaining intelligence. Yeah, i think this is arizona so, this is already happened. Some learn from whats already worked, so they will mimic this breach. Next wee move on to breaching stat
Voting portal, you know, syndication that is can be popped and in you go as a customer to view or manipulate data. You know, all the different site that is can be popped as well. This is different from the web side of it. Its, you know, it doesnt take an act or sophistication to run simple tools to manipulate the sites or try to force their way into the site to maintain access. I think thats a really important point you just made as well. It doesnt take a nation state to be successful doing this. Think about the resources in the nation state that want to manipulate it to bear and manipulate these. It is not a high level of sophistication to compromise these systems. It gos down to getting into the website brute force sequel injection, getting into the network, stealing credentials, mapping the network, gaining intelligence. Yeah, i think this is arizona so, this is already happened. Some learn from whats already worked, so they will mimic this breach. Next wee move on to breaching stat
Voting portal, you know, syndication that is can be popped and in you go as a customer to view or manipulate data. You know, all the different site that is can be popped as well. This is different from the web side of it. Its, you know, it doesnt take an act or sophistication to run simple tools to manipulate the sites or try to force their way into the site to maintain access. I think thats a really important point you just made as well. It doesnt take a nation state to be successful doing this. Think about the resources in the nation state that want to manipulate it to bear and manipulate these. It is not a high level of sophistication to compromise these systems. It gos down to getting into the website brute force sequel injection, getting into the network, stealing credentials, mapping the network, gaining intelligence. Yeah, i think this is arizona so, this is already happened. Some learn from whats already worked, so they will mimic this breach. Next wee move on to breaching stat
System or do a distributed Service Attack against somebodys system and knock it offline. Think about that. If somebody went after one of the states and distributed the service against one of those databases online. It knocks it off in the middle of the election. The next thing well talk about is poison updates at the manufacturer level. I think we already covered that. Okay. Spreading malware to state election systems. Sure. A lot of these methods are interchangeable. You can use them for local pc. But it comes down to, for me, if i were the adversary coming in, i would poison the update. I would start at the manufacturer level, also gain access to the state server, i would get access to the database, infiltrate, and the right packet size, and have some type of malicious payload that could bridge that air gap and have full functionality. I would also add a ransomware feature. Its something nobody is really talking about whether its the Voter Registration data or the final tabulation, t
System or do a distributed Service Attack against somebodys system and knock it offline. Think about that. If somebody went after one of the states and distributed the service against one of those databases online. It knocks it off in the middle of the election. The next thing well talk about is poison updates at the manufacturer level. I think we already covered that. Okay. Spreading malware to state election systems. Sure. A lot of these methods are interchangeable. You can use them for local pc. But it comes down to, for me, if i were the adversary coming in, i would poison the update. I would start at the manufacturer level, also gain access to the state server, i would get access to the database, infiltrate, and the right packet size, and have some type of malicious payload that could bridge that air gap and have full functionality. I would also add a ransomware feature. Its something nobody is really talking about whether its the Voter Registration data or the final tabulation, t