India: Facebook is offering a ‘cyber threat crisis’ hotline to Indian politicians | Business Insider

Facebook, on Friday, introduced a “cyber threat crisis” email hotline for politicians and political parties in India. A top company official told TOI that the company is also working on an “election integrity” microsite for the country. With the new hotline, the compromised account and even the Computer Emergency Response Team (CERT), can write to “indiacyberthreats@fb.com”. A cybersecurity guide with basic security do’s and don’ts has also been released by the company. Facebook announced the efforts a day after submitting its responses to the Indian government over the Cambridge Analytica debacle.

Iraq: Shock election result may be turning point for Iran | The Guardian

The unexpectedly poor showing of Haider al-Abadi, Iraq’s prime minister, in parliamentary elections has dealt a blow to US influence in the country. It was a poor return for American backing for the Baghdad government’s drive to extirpate Islamic State and regain lost territory. But the bigger loser may be Iran, whose allies in Iraq’s Shia militias known as the Popular Mobilisation Forces were pushed into second place by Moqtada al-Sadr, the veteran nationalist. Put simply, Sadr believes Iraqis should run Iraqi affairs – not Washington, not Tehran and not their proxies.

Nigeria: Inside Nigeria’s first ever electronic voting exercise in Kaduna State | TechPoint

It is mid-afternoon on the Friday before the local government elections in Kaduna State. Dr. (Mrs.) Saratu Binta Dikko-Audu, chairman of the Kaduna State Independent Electoral Commission (KAD-SIECOM), has been on her feet for the most part of the day moving from one end of the commission’s premises to the other. The compound itself is buzzing with activities like a bee hive, marking a culmination of events that have taken place over the past 6 months. The Kaduna State local government elections were earlier slated for the 30th of December 2017 and subsequently cancelled. KAD-SIECOM suspended the elections because the State House of Assembly had not passed the Kaduna State Independent Electoral Commission Bill No. 10 of 2012 into law.

Spain: Catalonia’s lawmakers pick fervent separatist as new chief | Associated Press

Lawmakers in Catalonia elected a fervent separatist as the new chief of the restive region Monday, ending a leadership vacuum of more than six months and setting the scene for more confrontations with the Spanish government. Quim Torra, a former corporate lawyer who went on to lead a prominent pro-secession group, vowed to build an independent Catalan republic by working under the leadership of his fugitive predecessor, Carles Puigdemont. Puigdemont is in Germany fighting extradition to Spain, where he is wanted for allegedly using public funds and orchestrating an “insurrection” to get the wealthy northeastern region around Barcelona to break away from Spain. Torra was elected 66-65 in a second round vote after he failed to secure an absolute majority in the 135-strong Catalan Parliament over the weekend. Four lawmakers with the far-left anti-establishment CUP party abstained.

United Kingdom: Sturgeon pressed to allow prisoners to vote in Scottish elections | The Guardian

Nicola Sturgeon has been urged to allow all Scottish prison inmates to vote in the country’s elections by a majority of MSPs on Holyrood’s equalities committee. The committee said allowing prisoners to vote went to the heart of questions about a citizen’s responsibilities and the purpose of prison to rehabilitate offenders. Its conclusions, which were resisted by two Conservative MSPs but backed by its Scottish National party, Labour and Liberal Democrat members, will be seen a challenge to the first minister’s emphasis on her party’s progressive ideals.

Tennessee: Cyberattack on Knox County Election Website Preceded Outage | Associated Press

An intentional cyberattack and suspicious activity by foreign computers preceded the crash of a website that was reporting results in a Tennessee county’s primary elections, a cyber-security firm said Friday. The Knox County elections website suffered the attack, and “a suspiciously large number of foreign countries” accessed the site on May 1, according to the report by Sword & Shield Enterprise Security. The firm hired by the county said those actions were among the likely causes of the crash, which also included a large increase in errors and in overall traffic. Officials have said no voting data was affected, but the site was down for an hour after the polls closed – causing confusion among voters – before technicians fixed the problem.

Pennsylvania: Mailers attempt to ’embarrass people into voting’ by revealing voting history to neighbors | Lancaster Online

An apparent effort to pressure Pennsylvanians into voting in Tuesday’s primary is raising red flags in Lancaster County and across the state as polls prepare to open Tuesday morning. In mailed letters and emails, a group calling itself the “Pennsylvania State Voter Program” is targeting specific voters with publicly available information showing whether they and their neighbors voted in three recent elections — and then indicating it will send an updated list after the May 15 primary. “What if your friends, your neighbors, and your community knew whether you voted?” the letter starts. Titled “Pennsylvania State Voter Report,” the letter does not indicate who specifically is behind the effort. It features a symbol that could lead some people to believe it’s coming from an official government office, though it’s not from any county or state office. The envelopes, marked that they’re from a post office box in Harrisburg, contain a giant red arrow pointing to the line, “Important taxpayer information enclosed.”

National: The Facebook ad dump shows the true sophistication of Russia’s influence operation | The Washington Post

The massive trove of Facebook ads House Intelligence Committee Democrats released Tuesday provides a stunning look into the true sophistication of the Russian government’s digital operations during the presidential election. We’ve already heard a lot from the U.S. intelligence community about the hacking operation Russian intelligence services carried out against Democratic party computer networks to influence the election in favor of then-candidate Donald Trump. But this is the first time we have a swath of empirical and visual evidence of Russia’s disinformation campaign, in the form of more than 3,000 incredibly specific and inflammatory ads purchased by an Internet troll farm sponsored by the Kremlin.

Florida: Voting officials fire back at Marco Rubio’s criticism over cyber-threats | Miami Herald

As the threat of another attempted cyberattack hovers ominously over Florida’s 2018 election, voting officials in the state are livid at U.S. Sen. Marco Rubio for claiming they are “overconfident” and not taking the possibility seriously enough. “That’s just not the case,” said Clay County Supervisor of Elections Chris Chambless. “We are all deeply concerned about the threat and are taking steps to limit the exposure. I thought that his comments were very inaccurate.” Rubio made his remarks in mid-April at a Florida Association of Counties meeting in Washington. “I don’t think they fully understand the nature of the threat,” Rubio said. Taken aback by Rubio’s criticism, Chambless and a second supervisor, Dana Southerland of Taylor County, separately tried to speak to Rubio. Both told the Times/Herald they got no response from his office.

Idaho: State Legislature website hacked by Italian hacktivist group | East Idaho News

The websites for the Idaho Legislature and Idaho’s iCourt portal were hacked Friday morning by a hacktivist group called AnonPlus Italia. From about 11 to 11:10 a.m., both websites were replaced with a black screen, and a manifesto written in Italian about government and media slavery. (The entirety of the text is posted at the end of this article.) AnonPlus is a sporadically active branch of Anonymous, a loosely connected group of hackers, which claim responsibility for online hacks that take place around the globe. AnonPlus was originally associated with a social network for Anonymous, but that network was later hacked by another group and ultimately abandoned. The name “AnonPlus” has been used occasionally in association with others hacks since then. It appears the most recent iteration of the group began activity this year. Italian media reported this week that AnonPlus had performed a seemingly identical hack — with the same message — on the K-9 Web Protection website, which is part of the Symantec antivirus company. K-9 Web Protection filters internet content.

North Dakota: As settlement talks near, Heitkamp says voter ID laws ‘clearly target’ Native Americans, college students | West Fargo Pioneer

Heidi Heitkamp criticized North Dakota lawmakers this week for passing what she called unnecessary voter identification laws in the years after she was first elected to the U.S. Senate as a Democrat, drawing a rebuke from Republicans. In an interview Thursday, May 10, Heitkamp said the laws “clearly target” Native Americans and college students, two groups that tend to favor Democrats. She said there’s “absolutely no proof” of voter fraud in North Dakota.

South Carolina: State needs more money to replace old voting machines | The State

South Carolina is receiving federal funds to boost its election security — but not enough to make the changes state election officials say are really needed. The S.C. Election Commission will receive a $6 million grant from the U.S. Election Assistance Commission to improve the state’s election security ahead of the 2018 election, including replacing some of the state’s aging voting machines. The grant money, combined with $4 million lawmakers are expected spend this year and $1 million election officials have set aside, gives the state $11 million total to spend on updating the state’s 14-year-old voting machines. But election officials say the cost of replacing the more than 13,000 machines voters use to cast their ballots statewide could reach $50 million.

Tennessee: Global cyberassault caused Knox County election night server crash | Knox News

A surge of traffic from 65 foreign countries – including Albania, Taiwan, Ukraine and New Zealand – helped crash the Knox County Election Commission website in a “direct attack,” according to a security firm’s report made public Friday. Such an attack – which struck the night of the May 1 primary as voters, candidates and reporters watched for results – could only have been deliberate, aimed at a specific weak point on the web server, investigators for Sword & Shield Enterprise Security found. Sword & Shield recommended further testing to determine whether such an assault could crash the server again. Knox County Information and Technology Department staffers performed the tests this week and believe they’ve plugged the hole, Deputy IT Director David Ball said. “We essentially re-enacted the attack and believe we have fixed it,” he said.

Download the Sword & Shield Report on the Knox County Cyberattack

Texas: Many Electronic Voting Machines Are Insecure. One Texas County Is Trying To Fix That | NPR

Election administrators in Austin, Texas, are trying to put an electronic voting system in place before the 2020 presidential election that is more secure than anything else in the market right now. There are widespread concerns that many of these voting machines are vulnerable to hacking due to aging equipment and design flaws. Following reports of Russian interference in the 2016 election, lawmakers say local governments need to start switching to more secure technology.

Texas: Saying the state is violating a voter registration law, federal judge gives Texas until Thursday to propose a fix | The Texas Tribune

Texas has less than a week to tell a federal judge in San Antonio how it will begin complying with the National Voter Registration Act, a decades-old federal law aimed at making it easier for people to register to vote by forcing states to allow registration while drivers apply for or renew their driver’s licenses. U.S. District Judge Orlando Garcia ruled more than a month ago that Texas was violating the law, sometimes called the Motor Voter Act, by not allowing Texas drivers to register to vote when they update their driver’s license information online. But it wasn’t clear until this week what exactly state officials would have to do to address that — and by when they’d have to do it. Now, Texas and the Texas Civil Rights Project — which sued the state over the issue in 2016, saying Texas’ current system disenfranchised thousands of voters and violated the U.S. Constitution — have until Thursday to propose a detailed fix for the system. After that, Garcia will weigh the proposals and order a remedy.

Utah: How fair is the citizen initiative signature rescission process? | Deseret News

It’s nail-biting time for supporters and opponents of the four initiative proposals that citizens are trying to place on the 2018 November ballot. Tuesday, May 15, is the deadline for initiative opponents to turn in documents rescinding signatures. After Tuesday, the lieutenant governor’s office will total the number of signatures verified, the number of signatures rescinded, and will determine which initiatives qualify for the ballot. That likely won’t end the controversies, however. If passed, the initiatives would institutionalize Count My Vote, fully expand Medicaid, create a commission to propose political district boundaries and allow marijuana to be used for medical purposes. The rescind efforts have sparked accusations of deception and even bullying. What is going on here? Supporters and opponents of the initiative efforts are accusing the other of unfair tactics, misleading messaging, false representations, intimidating behavior and other outrageous activities. So the initiative campaigns have devolved into … resembling every political contest for the last 10,000 years of human history.

Virginia: Election officials assigned 26 voters to the wrong district. It might’ve cost Democrats a pivotal race. | The Washington Post

Last year’s race for state delegate in Newport News went down in Virginia history for its razor-thin margin. Republican David E. Yancey won on Election Day by 10 votes; Democrat Shelly Simonds beat him by a single vote in a recount. Then, a judicial panel declared a tie, so officials picked a name out of a bowl to determine a winner, and it was Yancey. Now, a review of voter registration records and district maps by The Washington Post has found more than two dozen voters — enough to swing the outcome of that race — cast ballots in the wrong district, because of errors by local elections officials. The misassigned voters lived in a predominantly African American precinct that heavily favored Democrats in the fall, raising the possibility that they would have delivered the district to Simonds had they voted in the proper race. The impact of a Simonds win would have been felt far beyond Newport News.

Afghanistan: Deadline extended for voter registration amid violence | AFP

A deadline for Afghans to register to vote in the October 20 legislative elections has been extended, officials said Friday, as figures show hundreds of civilians have already been killed or wounded in poll-related violence. Enrolment for the long-delayed parliamentary and district council elections began on April 14 and was originally scheduled to finish in mid-June. By Thursday, just over 1.5 million adults had signed up to vote, a spokesman for the Independent Election Commission (IEC) told AFP — a fraction of the 14 million it had hoped to register during the two-month process. “The election commission of Afghanistan has extended the voting registration process for one month,” the IEC said in a statement, without explaining the reason for the decision.

Barbados: Barbados Electoral Office Sticks to Guns on Not Allowing Commonwealth Citizens to Vote | Caribbean360

The Electoral and Boundaries Commission (EBC) is holding firm to its position that Commonwealth citizens in Barbados are not eligible to vote in the May 24 general election unless they have permanent resident or immigrant status. And one of the lawyers representing four non-nationals embroiled in a legal battle with the EBC has warned the Commission that there will be hell to pay if it persists in “blatantly ignoring” the Court of Appeal ruling on the eligibility of qualified Commonwealth citizens to vote. Gregory Nicholls said yesterday that that the electoral management body was flirting with danger and would “suffer the consequences of their actions”.

Burundi: Burundi to vote in referendum to extend president’s term | The Guardian

Millions of voters in Burundi will go to the polls this week in a referendum that could allow president Pierre Nkurunziza to stay in power until 2034. After a campaign marked by allegations of widespread human rights abuses and hate speech, members of Burundi’s divided and weakened opposition see little chance of any serious resistance to Nkurunziza’s efforts to secure his future at the head of the impoverished state. Burundians are being asked to vote yes or no to a proposal to extend the president’s term from five years to seven, which would allow Nkurunziza, who has been in power since 2005, to rule for another 14 years when his term expires in 2020. Tensions have been running high in Burundi for months amid a wave of alleged detentions and killings of the government’s perceived opponents. At least 26 people were killed and seven others wounded in an attack in the north-western province of Cibitoke on Friday, though it is unclear if the massacre was politically motivated.

Iraq: Iraq holds first nationwide election since Islamic State group defeat | AFP

Iraq began voting Saturday in its first parliamentary election since declaring victory over the Islamic State group, with the country hoping to shore up a fragile peace and rebuild. Polling stations opened around the conflict-scarred nation under tight security as the jihadists still pose a major security threat despite a sharp fall in violence. The ballot comes with tensions surging between key players Iran and the United States over the nuclear deal, sparking fears of a destabilising power struggle over Iraq. Roughly 24.5 million voters face a fragmented political landscape five months after IS were ousted, with the dominant Shiites split, the Kurds in disarray and Sunnis sidelined.

Malaysia: Anger Broke the Fix in Malaysia’s Elections | Foreign Policy

At a rally on the southern outskirts of Kuala Lumpur Wednesday night, 92-year-old Mahathir Mohamad declared victory in Malaysia’s elections, a result confirmed the next morning. Mahathir’s victory brought an end to the six-decade dominance of the Barisan Nasional (BN), a coalition of parties led by the United Malays National Organization — a group that Mahathir himself once headed. Mahathir was celebrating in the capital, but his victory was forged in the countryside, where the United Malays National Organization has long had a powerful grip on rural voters, especially ethnic Malays, maintained through a decades-long web of favors, benefits, subsidies, and political appointments. But trust in that system has frayed thanks both to mismanagement at the top and incompetence at the bottom, leaving Malaysia’s rural poor turning away from the party they’d helped keep in power for decades.

Nigeria: Why millions may not vote in 2019 | New Telegraph

There are strong indications that millions of Nigerians of voting age might be disfranchised in next year’s general elections because their Permanent Voters Cards (PVCs) have either been lost or damaged. Majority of these people are currently in various internally displaced persons (IDPs) camps, especially in Northern and North Central parts of the country. Some have relocated because of insecurity in their area. In Borno and Yobe states, millions of Nigerians are in IDP camps due to the activities of the Boko Haram insurgents. And in the North Central states of Plateau, Benue, Nasarawa and Niger, Fulani herdsmen have sacked people from their homes and burnt their houses, forcing them to them to also take refuge in camps. Down South, Ebonyi State has also witnessed herdsmen attacks and communal clashes. Apart from loss of property and other personal belongings, some (if not most) of these people have also lost their PVCs. In all intent and purposes, they have been disenfranchised from voting in next year’s general elections.

The Voting News Weekly: The Voting News Weekly for May 7-13 2018

A report from the Senate Intelligence Committee concluded that Russia was preparing to undermine confidence in the United States’ voting process when its hackers surveilled around 20 state election systems in the run-up to the 2016 elections. The report drew attention the lack of oversight of the cybersecurity practices of election technology vendors. As CyberScoop observes “[g]overnment agencies are not allowed to enter and defend private computer networks unless they’re given direct consent, which in turn limits the defensive support options immediately available to the election technology industry.”

NPR posted an extensive investigation into the continuing vulnerability of America’s elections infrastructure. At a meeting of election directors and secretaries of state at Harvard this Spring, cybersecurity expert Bruce Schneier laid out the problem, “[c]omputers are basically insecure. Voting systems are not magical in any way. They are computers. … This is the problem we always have in computer security — basically nobody has ever built a secure computer. … I want to build a robust system that is secure despite the fact that computers have vulnerabilities, rather than pretend that they don’t because no one has found them yet. And people will find them — whether it’s nation-states or teenagers on a weekend.”

 

The Department of Homeland Security has completed security reviews of election systems in only about half the states that have requested them so far. The government’s slow pace in conducting the reviews has raised concerns that the nation’s voting systems could be vulnerable to hacking.

In an oped in the Charleston Gazette-Mail, Audrey Malagon argues that West Virginia’s plans to allow internet voting for military voters puts their votes at risk. “Blockchain technology addresses only part of the security process currently used by those administering U.S. elections. It’s like installing a high-tech lock and alarm system in your home, and then leaving a front door key and the alarm pass code under the doormat. The alarm system may work perfectly, but until the keys and pass codes are also secure, your home won’t be secure, either.”

According to documents obtained by the Anchorage Daily News through a public records request, a hacker gained unauthorized access in 2016 to the server that hosts Alaska’s public elections website. The incident drew the attention of federal law enforcement but had not been publicly revealed by Alaska election officials.

The Washington Post lauded Colorado’s effort to secure their voting system through risk limiting audits. “In Colorado, even if something happens, I don’t have to worry about it because there’s a process in place,” said Marian Schneider, president of the nonprofit organization Verified Voting. “It’s almost like a disaster recovery plan for elections — that if a disaster were to befall the vote count, we could recover from it.”

Following a similar (successful) legal effort in New York, an expedited lawsuit argues that Ohio counties violate federal law when they destroy ballot images shortly after election.“You may have the original ballot, but that’s not what the machine counted: it counted the picture,” John Brakey, director of AUDIT-USA, a nonpartisan advocacy group involved in the Ohio case, told WhoWhatWhy. “How can you destroy the evidence that you used to count the votes?”

Cyber-security experts hired by Knox County Tennessee to analyze the denial of service cyberattack on election night, found evidence of a “malicious intrusion” into the county’s elections website from a computer in Ukraine during a concerted cyberattack, which likely caused the site to crash just as it was reporting vote totals in this month’s primary. They noted “a suspiciously large number of foreign countries” accessed the site as votes were being reported on May 1.

Amid fears of overseas organizations taking advantage of loopholes in campaign funding laws to target voters before polling day, Google has banned all as relating to the Irish abortion referendum from its platform. The decision will mean an end to advertisements relating to the referendum appearing alongside Google results and on YouTube in the last two weeks of the campaign.

Pakistan’s Supreme Court ruled that it is impossible to incorporate an electronic voting system for the upcoming general elections in the country. The justices stressed that an experimental phase to test the system was necessary, to which the counsel for PTI suggested that the top court seek a written report from the concerned authorities.

National: Senate report on Russian hacking highlights threats to election tech vendors | CyberScoop

Lawmakers are concerned about a major blind spot in the government’s ongoing effort to protect U.S. elections from hackers. Agencies like the Homeland Security Department have little insight into the cybersecurity practices of election technology vendors. This lack of visibility opens the door to supply chain attacks, according to the Senate Intelligence Committee, which could be otherwise potentially detected or stopped by government cybersecurity experts. The Senate committee’s first installment of a larger report on Russian targeting of the 2016 presidential election was released late Tuesday night. It focuses on assessing the federal government’s response to security threats and provides recommendations for future elections.

National: U.S. Voting System Still Vulnerable To Cyberattacks 6 Months Before Election Day | NPR

As America heads toward the 2018 midterms, there is an 800-pound gorilla in the voting booth. Despite improvements since Russia’s attack on the 2016 presidential race, the U.S. elections infrastructure is vulnerable — and will remain so in November. Cybersecurity expert Bruce Schneier laid out the problem to an overflowing room full of election directors and secretaries of state — people charged with running and securing elections — at a conference at Harvard University this spring. “Computers are basically insecure,” said Schneier. “Voting systems are not magical in any way. They are computers.” Even though most states have moved away from voting equipment that does not produce a paper trail, when experts talk about “voting systems,” that phrase encompasses the entire process of voting: how citizens register, how they find their polling places, how they check in, how they cast their ballots and, ultimately, how they find out who won. Much of that process is digital.

National: States Await Election Security Reviews as Primaries Heat Up | Associated Press

With the midterm congressional primaries about to go into full swing, the Department of Homeland Security has completed security reviews of election systems in only about half the states that have requested them so far. The government’s slow pace in conducting the reviews has raised concerns that the nation’s voting systems could be vulnerable to hacking, especially after U.S. intelligence agencies warned that Russia plans to continue meddling in the country’s elections. Among those still waiting for Homeland Security to conduct a risk assessment is Indiana, one of four states with primaries on Tuesday. Its ballot includes several hotly contested races, including a Republican primary for U.S. Senate. Indiana Secretary of State Connie Lawson said she is confident state officials have done what they can to safeguard Tuesday’s voting, but acknowledged: “I’ll probably be chewing my fingernails during the entire day on Election Day.”

Editorials: Our soldiers deserve secure votes | Audrey Malagon/Gazette Mail

Amid suspicions of interference in the 2016 elections, states must be more careful than ever to provide heightened security in this year’s primaries. Yet, West Virginia has just introduced a more vulnerable form of voting for deployed military personnel. West Virginia is now the first state to pilot blockchain technology, to allow some deployed soldiers to vote through mobile phones. Yet cyber security experts warn that this technology, also used for cryptocurrencies, poses dangers for voting. Instead of pioneering voting’s future, West Virginia is paving the way for future election hacking. Blockchain technology addresses only part of the security process currently used by those administering U.S. elections. It’s like installing a high-tech lock and alarm system in your home, and then leaving a front door key and the alarm pass code under the doormat. The alarm system may work perfectly, but until the keys and pass codes are also secure, your home won’t be secure, either.

Alaska: Election officials respond to revealed hack attempt | Juneau Empire

As the Alaska Legislature held a Thursday hearing examining the security state’s election system, the Alaska Division of Elections responded to claims that a hacker penetrated its systems on Election Day 2016. Earlier this week, the Anchorage Daily News published details of a previously undisclosed penetration of the division’s computer systems. The division has previously said Alaska was among the 21 states identified by the Department of Homeland Security as targets of Russian vulnerability scans, but it had not discussed an event on the morning of Election Day itself. In that event, exposed by emails first obtained by the ADN (and subsequently obtained by the Associated Press and the Empire), a hacker identified on Twitter as @cyberzeist published pictures of the administrative tools the division uses to share election results with the public.

Colorado: How Colorado became the safest state to cast a vote | The Washington Post

As local officials across the country scramble to hack-proof their voting systems ahead of the midterm elections, there’s one state that is paving the way as a leader in election security. Colorado has done virtually everything election experts recommend states do to stave off a repeat of 2016, when Russian hackers targeted 21 states as part of the Russian government’s massive election interference campaign. The state records every vote on a paper ballot. It conducts rigorous post-election audits favored by voting researchers. Nearly every county is equipped with up-to-date voting machines. Election officials take part in security trainings and IT workers test computer networks for weaknesses. Secretary of State Wayne Williams told me the state benefited from having some of those measures in place before 2016. Once the extent of Russia’s digital campaign in the presidential election became clear, he made it a priority to invest more in them, he said. “If people perceive a risk, they’re less likely to participate in voting,” Williams said. “We want to protect people from that threat, and we want to people to perceive that they are protected from that threat.”