Saturday, July 27, 2024

Implications of the Crowdstrike Outage on our Election Infrastructure

Crowdstrike is a publicly traded American company, founded in 2011 and headquartered in Austin, Texas.

The Center for Information Security has an agreement with Crowdstrike to provide endpoint security for all CIS-managed endpoints.

It is a reasonable conclusion that Crowdstrike is running on the machines that are hosting the Albert sensors, because CIS has an agreement with Crowdstrike to provide EDR services.

Do South Carolina and county workstations/servers use Crowdstrike, and is data from those computers being sent to the CIS Security Operation Center for analysis and alerting?

Epollbooks are not certified as part of the EAC certification process referenced above, so is Crowdstrike running on the computers that are running the epollbook software or voter registration software? To wit, during the Crowdstrike outage, Arizona epollbooks and voter registration were taken offline.

The implications of this are concerning because Crowdstrike was at the center of this targeting of Donald Trump and potentially falsifying forensic reports and data to support this narrative.

Given what just happened, a Crowdstrike-like outage could heavily impact election day voting.

If South Carolina election officials are using computers that are running Crowdstrike, then they are running software with that immense power and those surveillance capabilities.

What specific components of the ES&S election system utilize CrowdStrike? Our ES&S system has Windows servers which should utilize CrowdStrike.

Were the computers running the Albert sensors in the state/county environments impacted by the July 19th Crowdstrike outage? If so, has any forensic investigation been done to validate that there were no cyber-attacks during that time that could impact the state/county networks and potentially the election equipment?

If Crowdstrike is in the environment, is it set for automatic updates? Are Microsoft updates set to be deployed automatically? If updates are not being tested by the county or state IT departments before deployment into their environments, then this type of outage could happen again. 

https://scsafeelectionsgroup.substack.com/p/implications-of-the-crowdstrike-outage?utm_source=post-email-title&publication_id=783972&post_id=147038475&utm_campaign=email-post-title&isFreemail=true&r=1mr4m3&triedRedirect=true&utm_medium=email
