Maricopa County CISO: Online Misinformation/Disinformation in 2020 Election a 'Gamechanger'Maricopa County CISO: Online Misinformation/Disinformation in 2020 Election a 'Gamechanger'
Custom playbooks played a key role in the Arizona election jurisdiction's security strategy.
May 21, 2021
RSA CONFERENCE 2021 - The CISO of Maricopa County – which is currently in the midst of a controversial and politically charged recount of the 2020 presidential election results – said the biggest security challenge in the past election year was disinformation campaigns, mostly on social media.
Lester Godsey, the top cybersecurity official for the Arizona county, said in a panel discussion here today that his county during the 2020 election cycle saw attackers attempt port scanning, DDoS attacks, and other cyber activity, but the primary threat they faced was adversaries hacking trust in the election and election systems.
"I would say for 2020, one of our biggest challenges was around misinformation/disinformation from a social media perspective. That in itself was a gamechanger" for the county, he said.
Maricopa County created specialized playbooks for how it would respond to cyberattacks or other disruptive events in the run-up to, and during, Election Day. "On the day of the election... we utilized portions of our playbook around social media monitoring, which we reported internally and passed along to our Fusion Center here," Godsey said.
He and his team spotted evidence of activity by an advanced persistent threat (APT) actor that the FBI also had been watching. According to Cynthia Kaiser, the FBI's section chief for cybersecurity, intelligence and federal officials saw evidence of Iranian and Russian nation-state groups waging disinformation campaigns online during the election year.
Kaiser, who spoke on the RSAC election security panel along with CISA senior cybersecurity advisor Geoff Hale, reiterated there was no evidence of threat actors seeking to hack or sabotage the actual vote counts. "We didn't see them go after the ballot box," she said. "We saw them go after our minds with an aim toward destabilizing society" by casting doubt on the election system, she said.
Maricopa County's Godsey said there "was no evidence whatsoever" of impropriety in the election, but misinformation and disinformation clouded perception for some of the integrity of the process.
He said his team will continue to "refine" their election playbooks, as well as their incident response playbooks, information gathering, and visibility, "improving the dashboard in our SIEM so we can more quickly pivot." They will also automate manual tasks, he said.
Watch the full panel, "Election Security: Lessons from the Front Lines," here.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks