Security experts have warned for years that hackers could penetrate electronic voting systems, and now, leaked national security documents suggest a concerted effort to do just that in the 2016 US election. An intelligence report revealed this week showed a cyberattack that targeted more than 100 local election officials and software vendors, raising the prospect of an attempt, possibly led by Russia, to manipulate votes. … Hacking elections “has always been thought of as a theoretical possibility, but now we know it is a real threat,” said Susan Greenhalgh, a researcher with the Verified Voting Foundation, an election systems monitor. “We need to ensure our voting systems are resilient going into 2018 and 2020” elections, she added.
An attempt by Russian hackers to infiltrate an obscure Florida elections technology company is igniting concerns about whether the small industry is vulnerable to attacks that could undermine confidence in election results. Russian hackers apparently targeted employees of Tallahassee, Fla.-based VR Systems with phishing attacks to swipe their computer log-in credentials, then impersonated the company’s workers by sending emails with nefarious attachments to local governmental officials, according to a National Security Agency document leaked to news site The Intercept. The NSA concluded it was “likely” that at least one of the employees’ accounts was compromised. “We have seen no reports of attacks against voting machine vendors and vendors that program ballots for those machines, but it would be naïve to think it’s not a possibility that there would be attempts to do that,” said Lawrence Norden, deputy director of New York University School of Law Brennan Center for Justice’s Democracy Program.
The Homeland Security Department may not wait for a legislative push before starting a bug bounty program, Secretary John Kelly told lawmakers Tuesday. Bug bounties are cash rewards organizations offer to ethical hackers who spot exploitable flaws in their systems. They’re common at major tech companies and have been done in pilot form at the Defense Department and several of the military services. … During Tuesday’s hearing, Kelly also told lawmakers he may reconsider a decision made late in the Obama administration to designate state and local election systems as critical infrastructure. Critical infrastructure is an official DHS designation that makes it easier for the department to provide resources and other aid. Kelly signaled early in his term he supported the designation. He may reconsider the designation, though, in light of “a large amount of pushback” from state-level officials and some members of Congress, he said. State officials consider the designation a federal power grab and worry it could undermine the nonpartisan image of election contests. The National Association of Secretaries of State called on DHS to rescind the designation in February.
Russian hacking of the 2016 U.S. election included sophisticated targeting of state officials responsible for voter rolls and voting procedures, according to a top secret U.S. intelligence document that was leaked and published this week, revealing another potential method of attempted interference in the vote. The month-old National Security Agency document outlined activities including impersonating an election software vendor to send trick emails to more than 100 state election officials. Analysts at the NSA believed the hackers were working for the Russian military’s General Staff Main Intelligence Directorate, or GRU, according to the document. The document’s publication on Monday by The Intercept, a news outlet that focuses on security issues, received particular attention because an intelligence contractor, Reality Leigh Winner, was charged the same day with leaking it.
Leaning back in his chair, Jonathan Mattingly swings his legs up onto his desk, presses a key on his laptop and changes the results of the 2012 elections in North Carolina. On the screen, flickering lines and dots outline a map of the state’s 13 congressional districts, each of which chooses one person to send to the US House of Representatives. By tweaking the borders of those election districts, but not changing a single vote, Mattingly’s maps show candidates from the Democratic Party winning six, seven or even eight seats in the race. In reality, they won only four — despite earning a majority of votes overall. Mattingly’s election simulations can’t rewrite history, but he hopes they will help to support democracy in the future — in his state and the nation as a whole. The mathematician, at Duke University in Durham, North Carolina, has designed an algorithm that pumps out random alternative versions of the state’s election maps — he’s created more than 24,000 so far — as part of an attempt to quantify the extent and impact of gerrymandering: when voting districts are drawn to favour or disfavour certain candidates or political parties.
Officials in some states are trying to figure out whether local election offices were targeted in an apparent effort by Russian military intelligence to hack into election software last fall. The efforts were detailed in a recently leaked report attributed to the U.S. National Security Agency. North Carolina is checking on whether any local systems were breached, while the revelation prompted an election security review in Virginia. Both are considered presidential battleground states. In Illinois, officials are trying to determine which election offices used software from the contractor that the report said was compromised.
A non-profit group is demanding that Fulton County use paper ballots during the sixth district runoff race. In a motion brought by Rocky Mountain Foundation and members of Georgians for Verified Voting, the organizations presented a case that the state’s touch screen-based voting system is “uncertified, unsafe and inaccurate” and that the county officials must instead use paper ballots in the election to have a verifiable transparent election. The group noted a FBI investigation of a cyber-attack on the Center for Election Systems (CES) at Kennesaw State University, the entity responsible for testing and programming voting machines across Georgia.
New York: Onondaga among 4 New York counties to use voting software targeted by Russian hackers | syracuse.com
Onondaga County is among four New York counties that used voting software provided by a U.S. company targeted in a cyber-attack by Russia before the 2016 presidential election, election officials said Wednesday. Onondaga, Cayuga, Cortland and Orange counties used the EVid software from a vendor that partnered with U.S. supplier VR Systems of Florida, said Thomas Connolly, speaking for the New York State Board of Elections. The company’s devices were used by the New York counties as electronic poll books to check voter registration, supplementing existing paper books at selected voting precincts in November as part of a state pilot program, Connolly said. The devices were never linked to live voter registration databases, and state elections officials have found no indication hackers compromised the state’s voting system, Connolly said.
Both chambers of the General Assembly have agreed that they want to move up North Carolina’s future primary elections for president and statewide offices, but they may have to come up with a compromise about when that change would start. The House on Tuesday voted nearly along party lines to approve a bill that would permanently move the primaries from May to March. But the 71-46 vote came after members agreed to delay the bill’s start date until 2020. Two months ago, the Senate unanimously approved the permanent change, starting in 2018. The measure now returns to the Senate, where lawmakers must decide whether they want to accept the House amendment or force negotiations on a compromise.
A new report released today by the Center for American Progress’ Liz Kennedy and Rob Griffin, along with voting experts Tova Wang and Professor Paul Gronke, provides a demographic and geographic portrait of how Oregon’s automatic voter registration system (AVR) — the first in the nation — has expanded the state’s electorate and registered hundreds of thousands of eligible citizens to vote. The findings of this exclusive new analysis provide strong evidence in favor of AVR, not only given the increase in people registered to vote and voters, but also how the program has succeeded in making Oregon’s voter rolls more representative of the state’s population by registering younger, less urban, lower-income, and more ethnically diverse individuals. The report is accompanied by a robust set of graphics and charts as well as a video and an interactive map that brings the story to life by showcasing the regions and communities that benefited the most from AVR, displaying both the percentage of AVR registrants in an area as well as their participation rates on election day.
Puerto Rico’s government is banking on a push for statehood to solve the structural issues that led to its financial crisis. Puerto Ricans will vote Sunday to decide the territory’s status. If statehood wins, as expected, the island will enact what’s known as the Tennessee Plan, an avenue to accession by which U.S. territories send a congressional delegation to demand to be seated in Washington. Puerto Rico will send two senators and five representatives, chosen by Gov. Ricardo Rosselló (D), later this year, once the plan is put into action. Statehood remains a long shot as many Republicans are wary of adding a 51st state that could add two Democratic senators and seven Democratic electors to the Electoral College.
Lawyers for minority voters and politicians asked a federal judge Wednesday to void the Texas voter ID law, saying it is the next logical step for a statute found to be discriminatory. The lawyers also said they will ask U.S. District Judge Nelva Gonzales Ramos to require Texas officials to get U.S. Justice Department approval for any future changes to election law or voting procedures to guard against additional attempts to discriminate against minority voters. Wednesday’s hearing was called to chart the next steps in the case after Ramos ruled in April that the state’s 2011 voter ID law was written by Republicans to intentionally discriminate against minority voters, who tend to favor Democrats.
Amid last-minute efforts to overhaul the state’s voter identification law in light of an ongoing legal fight, the Texas Legislature gaveled out without addressing another embattled election law that’s now moving forward in federal court. The U.S. 5th Circuit Court of Appeals on Thursday will take up a legal challenge to an obscure provision in the Texas Election Code that requires interpreters helping someone cast a ballot to also be registered to vote in the same county in which they are providing help. That state law has been on hold since last year after a federal district judge ruled it violated the federal Voting Rights Act under which any voter who needs assistance because of visual impairments, disabilities or literacy skills can be helped in casting a ballot by the person of their choice, as long as it’s not their employer or a union leader.
Julio Jimenez does not have much to get excited about in Pasadena politics. The 24-year-old said young voters like him feel ignored and disconnected. As he has grown up in the working class Houston suburb, he has seen investment in infrastructure pour into the city’s wealthier, whiter south side, miles from his home on the industrial north side. Now, faced with a runoff election between two Anglo mayoral candidates – John Moon Jr. and Jeff Wagner – who do not reflect his background, nor that of the city’s burgeoning Hispanic population, Jimenez said he is just “pissed off.” “I wanted to vote for a Hispanic,” Jimenez said outside Pasadena City Hall, after casting a vote for Moon.
Earlier this week, Vladimir Putin denied alleged Russian interference in the French presidential election. But evidence shows Russian state media used dubious opinion poll data in the run up to the French election to promote Francois Fillon, at a time when mainstream polls showed him trailing in third place. Shortly before the French election, France’s Polling Commission warned that a poll published by Sputnik, showing Francois Fillon in front, did not reflect public opinion and did not qualify as a “poll” under French law. The research was conducted for Sputnik by Brand Analytics, which previously had a joint project with the Russian state-owned WCIOM polling centre. WCIOM’s main client is Kremlin, which has veto of what they publish. Brand Analytics is a product owned by the Russian company PalitrumLab, which is in turn majority-owned by the IT infrastructure company I-Teco. This company’s clients include the FSB, Russia’s Ministry of Interior, and its Ministry of Defence.
Lawrence Dodd lives in one of Britain’s most fiercely fought voting districts, and he has been peppered almost daily with ads from the country’s major political parties on Facebook. About a month ago, he tried to find out why. Mr. Dodd, a maker of musical instruments in northern England, joined an experiment. He and around 10,000 others volunteered their data, allowing researchers to monitor in real time which political ads were showing up in their Facebook news feeds as Britain’s election approached. Their goal: to shed more light on how political campaigns are using Facebook and other digital services — technologies that are quickly reshaping the democratic process, but which often offer few details about their outsize roles in elections worldwide.
Former Conservative leadership candidate Kevin O’Leary is calling on the federal party to recount the digital imprints of its ballots so that newly elected Leader Andrew Scheer doesn’t start his job with a “cloud” hanging over his head. Mr. O’Leary, who dropped out of the leadership race in April and endorsed then-front-runner Maxime Bernier, told The Globe and Mail that he sees “no reason why a recount shouldn’t occur.” “As a member and a former candidate, I would prefer that a recount be done because I think it clears a cloud that is obviously brewing at this point,” Mr. O’Leary said in an interview. … Conservative Party spokesman Cory Hann, however, said there will be no review. “The rules clearly state that once the vote is verified by the Chief Returning Officer and by the independent auditor, they are final and binding,” he said in an e-mail.
Iraq’s autonomous Kurdish region on Wednesday announced it would hold a referendum on independence, in a move the central government in Baghdad is likely to oppose strongly. “I am pleased to announce that the date for the independence referendum has been set for Monday, Sept. 25, 2017,” Kurdish leader Massoud Barzani said on Twitter. Barzani’s assistant Hemin Hawrami tweeted that voting would take place in the disputed region of Kirkuk and three other areas also claimed by the central government; Makhmour in the north, Sinjar in the northwest and Khanaqin in the east. The president of Iraq’s ruling Shi’ite coalition told Reuters in April it would oppose a Kurdish referendum. Ammar al-Hakim especially warned the Kurds against any move to annex oil-rich Kirkuk. The referendum date was set after a meeting of Kurdish political parties chaired by Barzani, who heads the autonomous Kurdistan Regional Government (KRG).
We do our banking, our shopping and manage our relationships online. But our democracy remains decidedly analogue: in 2017, the simple act of casting a vote requires citizens to trudge down to a polling booth, queue up, and tick a box on a voting slip. … The most clear threat to online voting is the prospect of a cyber attack. If malicious actors were able to hack into the voting system, they might be able to manipulate the result. The threat of this has grown in recent years. Russian hackers are said to have interfered in last year’s US election by stealing information from US Democrats. Being able to target the voting system itself would be a much bigger prize. Hackers might not even have to gain access to the voting system. Launching a distributed denial of service (DDos) attack, in which a system is flooded with internet traffic to the extent that legitimate attempts to access it cannot get through, could hamper the online voting process.
United Kingdom: On the Campaign Trail with Cornelia Parker, the U.K.’s Official Election Artist | The New Yorker
Like many things in British politics, the job of the official U.K. election artist is a bit make-it-up-as-you-go. Dreamed up by the maverick former sports minister Tony Banks, in the early two-thousands, the post was one of the feel-good innovations of Tony Blair’s first term in office. “It just occurred to me that we have war artists, so why not have an election artist?” Banks said at the time. Each election cycle, an artist joins politicians, pundits, and news photographers on the campaign trail and produces his or her own interpretation of events. The only requirement is that the artists betray no political bias and that, upon completion, the works they create go on display in the Houses of Parliament. The painter Jonathan Yeo, the first artist appointed, in 2001, produced respectful oil portraits of Blair and his rival party leaders. Most recently, in 2015, the illustrator Adam Dant made a fantastical pen-and-ink drawing, “The Government Stable,” which crowded many of the events that he’d witnessed in the course of the campaign onto a single “Where’s Waldo?”-ish canvas more than six feet wide.
This Monday, The Intercept broke the story of a leaked classified NSA report [pdf link] on an email-based attack on a various US election systems just before the 2016 US general election. The NSA report, dated May 5, 2017, details what I would assume is only a small part of a more comprehensive investigation into Russian intelligence services’ “cyber operations” to influence the US presidential race. The report analyzes several relatively small-scale targeted email operations that occurred in August and October of last year. One campaign used “spearphishing” techniques against employees of third-party election support vendors (which manage voter registration databases for county election offices). Another — our focus here — targeted 112 unidentified county election officials with “trojan horse” malware disguised inside plausibly innocuous-looking Microsoft Word attachments. The NSA report does not say whether these attacks were successful in compromising any county voting offices or what even what the malware actually tried to do.