How a fake town and real hackers battle test officials for Election Day 2020

In the fictional American town of “Adversaria," federal and local law enforcement officials battled against hackers who used a deep bag of tricks to disrupt election day.
Images of an immersive simulation of mock news events are displayed during an election hacking "tabletop" exercise.
Participants watch a mock news report during an election hacking "tabletop" exercise.Alex Wroblewski / for NBC News

Breaking News Emails

Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
SUBSCRIBE
By Ben Popken

WASHINGTON — While millions of Americans went to the polls to vote Tuesday, teams of federal and local law enforcement officials huddled in a pair of conference rooms here with a peculiar goal: secure the Nov. 3, 2020, election in the fictional American town of “Adversaria.”

In one room, Yonatan Striem-Amit, a former hacker for the Israeli Army, had assembled a team to launch a variety of simulated cyberattacks on the town’s government. His “red team” worked to undermine the election, compromising and manipulating systems and pushing misinformation.

“Let’s make people know there was an attempt on the voting booth and create a scare, and start circulating pictures of unattended voting booths,” said Striem-Amit, now chief technology officer for the Boston-based cybersecurity firm Cybereason. “If you can get 50,000 people to change their vote or not show up, you can flip the vote.”

Cybereason CTO Yonatan Striem-Amit led the "red team," which was working to undermine the election.Alex Wroblewski / for NBC News

Across the hall, officials from Homeland Security, the FBI, the Secret Service and the Arlington, Virginia, Police Department were on the “blue team” working to stop them.

The event is what’s known as a tabletop exercise, where participants role-play their responses in an emergency scenario. The test, organized by Cybereason, is just one of many simulated attacks that have played out in conference rooms across the U.S. and are now becoming a common part of election security preparedness more than a year before the 2020 election.

Under the rules of the game, hacking the voting machines was off limits. Instead, all parts of the city were used against itself to create chaos on Election Day to disrupt and undermine the results. Its 911 call center was taken down by a flood of fake internet traffic. The traffic lights in the city were going haywire, causing accidents. A deep-fake video surfaced, showing one of the candidates committing racial and domestic violence.

Byers Market Newsletter

Get breaking news and insider analysis on the rapidly changing world of media and technology right to your inbox.
Local and federal officials teamed up on the “blue team.”Alex Wroblewski / for NBC News

The scenario was fake but the vulnerabilities were real, a scrimmage designed to test the abilities of federal and local law enforcement to work together and respond to a nation-state attack.

After Russians attempted to interfere with the last presidential election, the U.S. government and private sector have worked to shore up communications and cooperation and get ready for 2020.

“It’s really only since 2016 that these sort of real-time scenarios have been happening,” said Eddie Perez, global director of technology development for the Open Source Election Technology Institute (OSET), a nonprofit that conducts election technology research.

NBC News has collaborated with the OSET Institute since 2016 to monitor U.S. election technology and voting issues.

“Contingency planning and tabletop exercises that help state and local election officials to be more prepared for the unexpected are a good example of how they are ‘upping their game,’" Perez said in an email. “They’re an essential part of protecting public trust in the 2020 elections.”

Simulations like these have become more common among federal and local officials, but Tuesday’s event added the unique element of attacks on critical infrastructure.

The hackers even made fake voice calls to impersonate the local election officials’ superiors. Then they told the officials to reset the voting machines, focusing on those without paper backups, spreading chaos and confusion.

The simulation also included technology not currently available in the U.S. that could someday could become a target.

At one point, the hackers noticed the city was piloting a fleet of self-driving buses. They compromised the bus controls, commanding them to crash into lines of voters at polling sites, killing and wounding some of the fake town’s citizens.

During the gameplay, the “white team” debated the impact of the fictitious attacks and defenses and delivered the results to the teams in their rooms.Alex Wroblewski / for NBC News

The team of government officials was eventually declared the winner but not without disrupting the election, including a decision to reschedule the election. The hackers were caught and virtually arrested.

The law enforcement side was praised for its cooperation, communication and effective marshaling of resources, performing better than blue teams had in previous events. But the attackers of the red team had an innate advantage, forcing their opponents to react.

Cybereason plans on conducting more simulations before 2020. The company said demand is high.