In a wide-ranging set of indictments handed down on July 13, 2018, the U.S. Department of Justice (DOJ) charged 12 Russian intelligence officers with brazenly attacking U.S. election infrastructure during the 2016 presidential election. On that same day, Director of National Intelligence Dan Coats sounded the alarm that Russia is continuing its cyberattacks on the United States, ominously stating that “the warning lights are blinking red again,” just as they were before the terrorist attacks of 9/11. Coats went on to say that the nation’s election systems and other digital infrastructure are “literally under attack.” Yet, in the face of overwhelming evidence, for more than a year-and-a-half, President Donald Trump has cast doubt on these consistent warnings. It now is incumbent on Congress, key members of the administration, state and local officials, and other stakeholders to take aggressive steps within their respective purviews to secure our election infrastructure.
The Senate could be headed for a showdown this week over funding for state election security. Democrats are pushing for a floor vote on an amendment that would set aside an additional $250 million in grants for states to upgrade their voting systems and make other improvements. But they face firm opposition from Republicans, who say the initial round of funding Congress provided states earlier this year is sufficient. A similar amendment was rejected by the House two weeks ago in a party-line vote. Election security funding is fast emerging as a political hill Democrats are willing to die on. Although the amendment is unlikely to pass in the GOP-controlled Senate, Democrats can use it to hammer President Trump at a time when the White House is frantically trying to patch up the damage from his recent flip-flopping on the threat from Russia. Democrats are also hoping that a floor fight over the merits of grant money could make Republicans look like they’re standing in the way of resources state officials say they need to protect the vote. Whether that will help Democrats come November is unclear, but public polling has showed strong majorities of Americans want to see more action from the administration on election security.
A citizenship question on the 2020 census has already drawn challenges from states that fear an undercount of immigrants and a loss of federal funds. But demographers say there could be even deeper consequences: The question could generate the data necessary to redefine how political power is apportioned in America. Republicans officials, red states and conservatives behind a series of recent court cases have argued that districts historically allotted based on total population unfairly favor states and big cities with more undocumented immigrants, tilting power from states like Louisiana and Montana to California and New York. Congressional seats and state legislative districts should equally represent citizens or eligible voters, they say, not everyone.
National: How the Russian government used disinformation and cyber warfare in 2016 election – an ethical hacker explains | phys.org
The Soviet Union and now Russia under Vladimir Putin have waged a political power struggle against the West for nearly a century. Spreading false and distorted information – called “dezinformatsiya” after the Russian word for “disinformation” – is an age-old strategy for coordinated and sustained influence campaigns that have interrupted the possibility of level-headed political discourse. Emerging reports that Russian hackers targeted a Democratic senator’s 2018 reelection campaign suggest that what happened in the lead-up to the 2016 presidential election may be set to recur. As an ethical hacker, security researcher and data analyst, I have seen firsthand how disinformation is becoming the new focus of cyberattacks. In a recent talk, I suggested that cyberwarfare is no longer just about the technical details of computer ports and protocols. Rather, disinformation and social media are rapidly becoming the best hacking tools. With social media, anyone – even Russian intelligence officers and professional trolls – can widely publish misleading content. As legendary hacker Kevin Mitnick put it, “it’s easier to manipulate people rather than technology.”
Last year, Defcon’s Voting Village made headlines for uncovering massive security issues in America’s electronic voting machines. Unsurprisingly, voting-machine makers are working to prevent a repeat performance at this year’s show. According to Voting Village organizers, they’re having a tough time getting their hands on machines for white-hat hackers to test at the next Defcon event in Las Vegas (held in August). That’s because voting-machine makers are scrambling to get the machines off eBay and keep them out of the hands of the “good guy” hackers. Village co-organizer Harri Hursti told attendees at the Shmoocon hacking conference this month they were having a hard time preparing for this year’s show, in part because voting machine manufacturers sent threatening letters to eBay resellers. The intimidating missives told auctioneers that selling the machines is illegal — which is false.
Download Testimony as a PDF Honorable Members of the Commission: I serve as Senior Advisor to Verified Voting, a national non-partisan non-profit educational and advocacy organization committed to safeguarding elections in the digital age. Verified Voting advocates for the responsible use of emerging technologies to ensure that Americans can be confident their votes will be…
Editorials: Replace Georgia’s risky touchscreen voting machines | Richard DeMillo/Atlanta Journal Constitution
s the 2016 cyber-attacks on U.S. elections continue unabated this election year, most everyone agrees that Georgia’s aging, insecure voting machines must be replaced with a new system to increase public confidence. Georgia legislators tried this spring to authorize purchase of a new system, but the flawed legislation failed. That’s a good thing. It would have made the situation worse, not better. In the wake of this failure, Secretary of State Brian Kemp formed a blue-ribbon Commission on Secure, Accessible and Fair Elections (SAFE) to study the options for Georgia’s next voting system. In short, the Secretary set up a way for Georgia to dig itself out of its election integrity hole and leapfrog to the front of the pack nationwide. At SAFE’s first meeting, Mr. Kemp sabotaged his own commission. The laudable goal of that meeting was to describe Georgia’s current system. Briefing slides are available online. Not apparent in the published material is a disturbing pattern of giving SAFE false and misleading information. If not corrected, the Commission’s recommendations will be as flawed as other efforts to fix the current system. Here are five egregious examples of such misinformation.
The Legislature on Monday sent to Gov. Charlie Baker a bill that would institute automatic voter registration in Massachusetts. Under the bill, an eligible voter who applies for a license or identification card at the Registry of Motor Vehicles or completes a transaction at MassHealth or the Health Connector would be automatically registered to vote. “We think it is one of the strongest automatic voter registration bills in the country,” said Pam Wilmot, executive director of Common Cause Massachusetts. “If signed by the governor, it will make voting more accurate, secure and participatory.”
Lawrence County government officials plan to buy new voting machines before the 2019 elections season. That will give the county some assurance that the system works before the next presidential election in 2020. But the price tag that comes with mandated machines with a paper trail is one that the taxpayers locally may have to eat, unless the state and federal governments come through with funding to back up their mandate. Ed Allison, county director of elections and voting, estimated that the cost for Lawrence County to meet the mandates with a new voting system could range between $750,000 to $1.5 million. Statewide, the cost is expected to be about $150 million for all 67 counties to comply, he said.
Texas election officials have been removing more people from the state’s voter rolls ever since the Supreme Court struck down a part of the Voting Rights Act in 2013, according to a new report from the Brennan Center for Justice. The group says the court’s decision to specifically strike down one provision of the law led to the rise in voter purges. The preclearance provision, also known as Section 5, required several states – including Texas – to get an OK from the federal government before enacting voting laws, changing election procedures or taking people off voter rolls. States purge their voter rolls periodically to remove people who have died or committed a felony.
Visiting Wisconsin on June 28, President Donald Trump tweeted “Russia continues to say they had nothing to do with meddling in our Election!” It was not the first time the president cast doubt on Russian interference in the 2016 election, contradicting conclusions of the FBI, CIA and National Security Agency, as well as reports by bipartisan committees in both chambers of Congress. But Russians have been testing the vulnerability of elections in Wisconsin and other states for years, and top U.S. intelligence officials have warned the 2018 midterm elections are a potential target of Russian cyber attacks and disinformation. A key swing state, Wisconsin was the scene of Russian measures in 2016 that utilized social media and also probed the websites of government agencies.
Cambodians went to the polls last weekend, but it was a sham of an election, dominated by Hun Sen, the country’s aging autocrat. With the opposition party banned and soldiers at polling booths to ensure the outcome went only one way, no credible organization signed off on the election’s validity—but quite a few fake organizations did. Election observation in authoritarian regimes is a relatively new phenomenon. Beginning in the late 1980s, the number of elections monitored by intergovernmental organizations, nongovernmental organizations, and sovereign states increased substantially. This brought increased criticism of the behavior of authoritarian regimes, which signaled their compliance to the norm of external observation in exchange for certain benefits, such as legitimacy, foreign direct investment, and membership in international organizations. This gave democracy promotion actors, which coordinated a majority of election-monitoring missions, newfound leverage over the behavior of authoritarian regimes. In the last decade, however, dictators have fought back.
Counting was under way on Monday in Mali following a key presidential election that saw balloting halted at hundreds of polling stations because of violence in restive regions of the poor Sahel country. Despite the violence, candidates and authorities praised Sunday’s first round of voting, relieved that the violence – which included the torching of polling stations and assaults on electoral officials – caused no casualties. Security was a central issue during the campaign, in which 73-year-old President Ibrahim Boubacar Keita is seeking re-election with the international community hoping the poll will strengthen a 2015 peace accord.
Britain on Friday said it shared concern expressed by international observer missions over reports of pressure on the media in Pakistan and the number of parties with links to proscribed groups who preach violence and intolerance during the Wednesday elections in the country. Noting that Jinnah’s vision of a tolerant, pluralist Pakistan remained central to a stable and cohesive Pakistani society, foreign secretary Jeremy Hunt said the election marked an “unprecedented second successive transfer of power from one full-term civilian government to another”.
Last month, an election in Turkey kept President Recep Tayyip Erdogan and his coalition in power. But experts are puzzled by the results — and caution that the election was not free and fair. Videos of ballot stuffing — mostly in eastern Turkey — in favor of pro-Erdogan parties went viral after they were posted online on election day. And both partisan and nonpartisan reports showed that allegations of electoral irregularity came primarily from eastern Turkey. An opposition-written report stated that 68 percent of the election day violations took place in the east — areas where Erdogan’s Justice and Development Party (AKP) and the far-right Nationalist Movement Party (MHP) experienced significant gains. A report published by an independent fact-checking organization largely supports these claims.
Counting has begun in Zimbabwe’s first election since the removal of Robert Mugabe, with the result determining the former British colony’s future for decades. Millions of people voted peacefully across the county on Monday and turnout appeared extremely high, with long lines of voters forming outside polling stations across the country when they opened at 7am (0600 BST). By early afternoon, polling officials in the capital, Harare, and surrounding towns were reporting that between 75% and 85% of registered voters had cast their ballots. Full results are not due until much later in the week, and possibly as late as the weekend. Speaking as he queued at a primary school on the outskirts of Harare – an opposition stronghold – Tinashe Musuwo, 20, said: “I am very optimistic this morning. Things will get better now.”
National: Russians Are Targeting Private Election Companies, Too — And States Aren’t Doing Much About It | FiveThirtyEight
The American election system is a textbook example of federalism at work. States administer elections, and the federal government doesn’t have much say in how they do it. While this decentralized system has its benefits, it also means that there’s no across-the-board standard for election system cybersecurity practices. This lack of standardization has become all the more apparent over the past two years: Hackers probed 21 state systems during the lead-up to the 2016 election and gained access to one. But the federal government and states don’t appear to have made great strides to ensure that this doesn’t happen again. To do so, they’d need to deal with not only their own cybersecurity deficits but also those of the private companies that help states administer elections.
After nearly two years of calling Russian election interference a hoax and its investigation a witch hunt, President Donald Trump on Friday presided over the first National Security Council meeting devoted to defending American democracy from foreign manipulation. “The President has made it clear that his administration will not tolerate foreign interference in our elections from any nation state or other malicious actors,” the White House said in a statement afterward. But current and former officials tell NBC News that 19 months into his presidency, there is no coherent Trump administration strategy to combat foreign election interference — and no single person or agency in charge.
When Russian hackers targeted the staff of Sen. Claire McCaskill, D-Mo., they took aim at maybe the most vulnerable sector of U.S. elections: campaigns. McCaskill’s Senate staff received fake emails, as first reported by The Daily Beast, in an apparent attempt by Russia’s GRU intelligence agency to gain access to passwords. McCaskill released a statement confirming the attack but said there is no indication the attack was successful. “Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable,” McCaskill said. “I will not be intimidated. I’ve said it before and I will say it again, Putin is a thug and a bully.”
Amid ongoing concern over continued efforts by Russian hackers to infiltrate U.S. election systems, Democratic Sen. Jeanne Shaheen of New Hampshire says that her office has been the subject of at least one phishing attack targeting email accounts and social media profiles. Shaheen’s experience comes after fellow Democratic Sen. Claire McCaskill of Missouri said that Russian hackers tried unsuccessfully to infiltrate her office’s computer network. Shaheen worries that the issue is more widespread than many think. “There has been one situation that we have turned over to authorities to look into, and we’re hearing that this is widespread, with political parties across the country, as well as with members of the Senate,” Shaheen told “Face the Nation” on Sunday.
In a press briefing just two weeks ago, Deputy Attorney General Rod Rosenstein announced that the grand jury assembled by Special Counsel Robert Mueller had returned an indictment against 12 officers of Russia’s Main Intelligence Directorate of the Russian General Staff (better known as Glavnoye razvedyvatel’noye upravleniye, or GRU). The indictment was for conducting “active cyber operations with the intent of interfering in the 2016 presidential election.” The filing [PDF] spells out the Justice Department’s first official, public accounting of the most high-profile information operations against the US presidential election to date. It provides details down to the names of those alleged to be behind the intrusions into the networks of the Democratic National Committee and the Democratic Congressional Campaign Committee, the theft of emails of members of former Secretary of State Hillary Clinton’s presidential campaign team, and various efforts to steal voter data and undermine faith in voting systems across multiple states in the run-up to the 2016 election.
President Donald Trump on Friday promised an intense, “whole-of-government” focus on securing the nation’s elections from cyberattacks — but a POLITICO survey of states finds ample reasons to worry about both this year’s midterms and 2020. Only 14 states plus Washington, D.C., say they plan to replace their voting machines in time for the next presidential election using their shares of the $380 million in election technology funding that Congress approved in March, according to POLITICO’s survey of election agencies nationwide. At least seven other states have paid for new voting equipment with other money. But 21 states either have decided not to upgrade their machines or are unsure of their plans — with some saying they would need much more federal aid to swap out their equipment.
National: Lacking direction from White House, intelligence agencies scramble to protect midterm elections from hackers | CNN
With the midterm election only a few months away, government officials working to counter election interference from Russia have been operating with no strategy from the top, including from President Donald Trump’s fractured National Security Council, leaving each agency to fend for itself without White House support or direction, according to lawmakers and national security officials who spoke with CNN. On Friday, following bipartisan criticism about the White House’s focus on pressuring Russia on election interference, Trump is expected to convene a meeting of the NSC to discuss election interference efforts where high-ranking officials including Secretary of State Mike Pompeo are expected to attend. Further details, including Trump’s planned remarks, weren’t available.
Defense of America’s electoral system has traditionally centered around the security of election infrastructure, like voting machines and voter rolls. However, as indictments from special counsel Robert Mueller allege, Russian operatives also seek to exploit weaknesses in the cyber infrastructure of individual political campaigns, while weaponizing social media platforms to spread targeted disinformation.
In the weeks before the 2016 election, memes proliferated on Twitter bearing instructions on how to vote by phone or text message. The images were stylized to resemble Hillary Clinton’s campaign materials, and targeted her supporters in both English and Spanish. “Save time. Avoid the line. Vote from home,” they read. But no state allows either method for casting a ballot. It’s unclear who crafted this low-budget bid at voter suppression. Far-right Twitter accounts helped spread them in an apparent attempt to reduce Clinton voters’ actual participation on Election Day. Similar ads on Facebook that falsely told voters they could vote by tweet were later found to be part of a Russian influence campaign that sought to damage Clinton’s candidacy. While their efficacy is uncertain, the ads and memes fit within a broader pattern of spreading false and misleading information to confuse and deter voters.
Attorneys representing a state NAACP chapter asked the 11th Circuit on Friday to throw out a district court ruling which dismissed their challenge to Alabama’s voter ID law without a trial. The Alabama NAACP, joined by Interfaith group Greater Birmingham Ministries and three individual voters, claims that the state’s photo voter identification law was specifically crafted by lawmakers to discriminate against thousands of black and Latino voters. In January, U.S. District Judge L. Scott Coogler ruled that the 2011 law, which requires absentee and in-person voters to show photo ID in order to cast a ballot, is constitutional.
A ballot initiative to change state legislative and U.S. Congressional redistricting in Arkansas has been approved by the Attorney General. The Arkansas Citizens Redistricting Amendment would establish a seven-member citizens redistricting commission to replace the state Board of Apportionment, a committee made up of the governor, attorney general and secretary of state that currently draws state legislative redistricting lines. “Things are a little different in Arkansas than in other states in that it is this three statewide elected officials who have the power, rather than the legislature itself, over the drawing of state legislative district lines,” explains Jay Barth, a political scientist at Hendrix College.
A pilot program in San Francisco aims to make the voting process easier both on casting a vote and how that vote is counted. San Francisco residents have until Tuesday to test the pilot program out, which includes electronic voting on large tablets. “It’s absolutely amazing,” voter Charles Esler said of trying out the pilot. “It’s a lot more user friendly.” San Francisco’s Department of Elections is hoping voters will offer plenty of opinions after they come test them out. The machines being used in the new voting process are built by Dominion Voting Systems.
A business that for years provided key election services to San Luis Obispo County is barred from doing business in California and has a federal tax lien of $270,000, records show. Now, San Luis Obispo County and five other California counties have contracted for the same election services with what business executives assert is a new company. But there’s evidence the two are related — if not the same business. The new business, Integrated Voting Systems, shares a working name, address and other details with the original business: Integrated Voting Solutions. And for nearly two years, Integrated Voting Systems has done business as Integrated Voting Solutions. In June, that company caused a critical ballot error that required a recount in a Colorado county, leading to news stories that linked the company to the one in “hot water” in California.
With new voting machines and millions of dollars in new funding for enhanced security, Nevada officials had hoped for hiccup-free elections this year. But hiccups were exactly what they got. The combination of problematic new software and human error allowed up to 43 Clark County voters to cast two ballots in the June 12 primary. Six of those people, it was revealed last week, are being investigated by the state for potential voter fraud. Two of those being investigated are Republican, two are Democrat, and two are independents, Clark County Registrar of Voters Joe Gloria said. The Nevada secretary of state’s office confirmed that an investigation has been launched, but did not provide details.
Editorials: Democracy is under threat from the malicious use of technology. The EU is fighting back | Julian King/The Guardian
Alongside traditional canvassing, political parties can now get their messages across using the internet and social media, tools that have not only made it possible to reach large numbers of people but also, increasingly, to micro-target individuals with tailormade messages. This should, in theory, mean an electorate better informed than ever before. But those same tools can easily be hijacked by malicious actors – both state and non-state – to subvert our democratic systems and be used as a weapon against us. And unfortunately, such interference has become increasingly common in the past few years, be it regarding a referendum on an EU agreement with Ukraine or a US presidential election. Preventing our democratic processes, the very building blocks of our society, from being affected is not a concern for the future. It is a task of the utmost importance now, one that requires immediate action. Indeed, we have been working on addressing this threat for a while and are looking to step up our response, together with our member states.