Election interference: attacks on critical information systems
Speakers
- Andrii OKAEVICH, Head of SCIRT, Department of Cybersecurity, Security Service of Ukraine
- Merle MAIGRE, CybExer Technologies
- Matthew MOORHEAD, Commonwealth Secretariat – Commonwealth best practice Guide to cybersecurity in elections 2020
Moderator
- Giorgi JOKHADZE, Project Manager, Cybercrime Programme Office, Council of Europe (C-PROC)
This webinar is organized in the framework of the joint European Union and Council of Europe CyberEast project aiming to support cyber resilience of the Eastern Partnership countries.
Date and time
- Thursday, 4 June 2020 | 12:00 EEST (GMT+3)
Duration
- 1 h 30’ (50’ presentations + 40’ discussions)
Audience
- Particularly useful for officials from policy makers responsible for cybercrime and cybersecurity, criminal justice authorities (judges, prosecutors, law enforcement agencies), staff from the national CSIRTs, as well as researchers/academia having interest in the subject.
- This activity of the CyberEast project is open for participation to other beneficiary countries in different regions covered by the C-PROC.
Language: English only
- Andrii OKAEVICH, Security Service of Ukraine: Election-related Cyber Threats – Lessons Learned
- Merle MAIGRE, CybExer Technologies: Election Interference – Lessons Learned from Ukraine
- Matthew MOORHEAD, Commonwealth Secretariat: Cybersecurity for Elections – A Commonwealth Guide to Best Practice
Background
Attacks against information systems go beyond mere concepts of cybersecurity threats or cybercrime offences, but rather represent direct attacks on democracy as a principle, and threaten security and stability of the states in ways that are difficult to anticipate.
Moreover, in times of ongoing COVID-19 pandemic and remaining restrictions, as well as uncertainty about the application and extension of the latter, the use of ICT for the elections may become even more prevalent and thus critical in terms of cybercrime and cybersecurity threats.
At the same time, this presents an opportunity for cooperation for both cybersecurity community and criminal justice authorities alike, as there should be little doubt that information systems that support electoral process are a classic example of critical information infrastructure that needs proper protection.
Objectives
The purpose of this webinar is to identify the current threats to critical information systems which are used to organize, conduct or support election process.
Information will be provided on legal, organisational, technical and other aspects, pointing out current shortcomings and making recommendations to further ensure protection and deterrence against such attacks.
The webinar is designed to encourage an interactive participation and to facilitate information sharing among participants, discussing relevant experiences, good practices, challenges and opportunities.
Expected outcomes
- Identify and discuss threats to election systems in terms of cybersecurity and cybercrime;
- Discuss roles and responsibilities of various institutions and actors, including law enforcement, in deterring and handling of these threats;
- Present good practices of tackling election interference;
- Agree on basic principles for making elections more secure and safe in terms of cybersecurity and cybercrime.
Resources
- Commonwealth Secretariat, Cybersecurity for Elections: A Commonwealth Guide on Best Practice (2020)
- My Cyber Hygiene, Free cyber hygiene e-learning course in 13 languages (2020)
- ECEAP, Election Interference in Ukraine in the Digital Age (2019)
- ENISA, Training Resources (2020)
- ENISA, Election cybersecurity challenges and opportunities (2019)
- IDEA, Cybersecurity in elections (2019)
- Council of Europe, Resources of the 2019 Octopus Conference on Cooperation against Cybercrime, Workshop 5 (2019)
- Council of Europe, T-CY Guidance Note no. 9 on Aspects of election interference by means of computer systems covered by the Budapest Convention (2019)
- Council of Europe, Cybercrime and COVID-19 resouces page
- European Union, Directive on security of network and information systems - NIS Directive (2016)
- CyberEast project