Archives

National: How Vulnerable Are Electronic Voting Machines? | WBUR

A federal judge ruled this week that Georgia does not have to replace its electronic voting machines with machines that create paper records before the election in November. In her ruling, though, the judge noted she’s “gravely concerned” about Georgia’s slow pace in addressing electronic voting vulnerabilities. Here & Now’s Jeremy Hobson talks with Marian Schneider, president of Verified Voting, a nonpartisan nonprofit that advocates for accurate and verifiable elections, about those vulnerabilities and how secure electronic voting machines are.

On her opinion of the judge’s ruling in Georgia: “I do think that it’s a significant decision, but I think that the judge was concerned about the amount of time before the election, that there wasn’t enough time to smoothly implement paper ballots. “There’s only seven weeks between now and the election, and the early voting would start soon, too. So I think that was a greater concern for the court, but I think the judge made a lot of very significant findings about the vulnerabilities that are present in paperless computer systems that count our votes.” Read More

National: The Plot to Subvert an Election: Unraveling the Russia Story So Far | The New York Times

On an October afternoon before the 2016 election, a huge banner was unfurled from the Manhattan Bridge in New York City: Vladimir V. Putin against a Russian-flag background, and the unlikely word “Peacemaker” below. It was a daredevil happy birthday to the Russian president, who was turning 64. In November, shortly after Donald J. Trump eked out a victory that Moscow had worked to assist, an even bigger banner appeared, this time on the Arlington Memorial Bridge in Washington: the face of President Barack Obama and “Goodbye Murderer” in big red letters. Police never identified who had hung the banners, but there were clues. The earliest promoters of the images on Twitter were American-sounding accounts, including @LeroyLovesUSA, later exposed as Russian fakes operated from St. Petersburg to influence American voters. The Kremlin, it appeared, had reached onto United States soil in New York and Washington. The banners may well have been intended as visual victory laps for the most effective foreign interference in an American election in history. Read More

National: State Elections Agencies Focus on Voting Security Ahead of Midterms | StateTech

During the last election, Russian cyberattackers looking for vulnerabilities scanned 21 state election systems, including those in Illinois, over the 2016 campaigns. While the Department of Homeland Security says the scanning activity did not necessarily breach systems, some individual states have reported compromised data. This year, for instance, the Illinois State Board of Elections reported a 2016 breach of its voter registration system, detailing a SQL injection attack of unknown origin that exposed records in the state’s voter registration database. Since the attack, the Illinois board has worked with state IT experts as well as DHS cybersecurity professionals to keep the database of 18 million records and the servers on which it resides safe from attackers, says Matt Emmons, the agency’s IT director. And there are plenty of hackers out there. Read More

National: DOD’s new cyber strategy stresses election security | FCW

The Defense Department’s newly released cyber strategy draws attention to election meddling, infrastructure protection and greater reliance on commercial technology to get ahead of the curve. A summary of the DOD’s cyber strategy released Sept. 18 boasted an assertive stance on election meddling and attribution, calling out cyber “challenges to [U.S.] democratic processes” as a means for Russia, China, North Korea and Iran to inflict damage without engaging in armed conflict. However, the Pentagon remained firm in its infrastructure protection role. DOD will partner with the private sector and other agencies on improved information sharing “to reduce the risk that malicious cyber activity targeting U.S. critical infrastructure could have catastrophic or cascading consequences,”  the document indicated. Read More

National: Cleanup time for tech firms as midterm elections approach | AlphaStreet

Investigations carried out by federal agencies showed that hackers exploited seemingly minor flaws in the electronic voting system to manipulate the vote tally in the last presidential election. The findings might not surprise Americans as much as it would have done a few years ago, because now we know a bigger threat is hanging over the election process. Skeletons of the illegal online campaign launched by Russian agencies a couple of years ago to rig the presidential election are still tumbling out of the closets of technology companies like Facebook (FB) and Google (GOOG). With the midterm polls around the corner, the security agencies are busy plugging all the loopholes in the system to ensure a free and fair election. That the attackers managed to hack important government websites and breached huge volumes of voter data show the severity of the campaign, and that justifies the extra alert this time. Reports show that hackers, with possible Russia connections, are already doing the groundwork to interfere in the November election. Read More

National: Could white hat hackers boost security of voting machines? | Fifth Domain

Government officials and cybersecurity experts are arguing that companies need to embrace vulnerability disclosure programs to guard against hacking amid pushback from the largest voting machine company in the United States, which has portrayed efforts to test their systems as a tactic of foreign spy-craft. Vulnerability disclosure programs that invite hackers to test computer systems are a show of strength, participants in a Sept. 18 event at the Atlantic Council argued. “Not having a vulnerability disclosure program amounts to cybersecurity negligence,” said Marten Mickos, the head of Hacker One. It’s a myth that companies can test their systems on their own, said Chris Nims, chief information security officer at Oath, a cybersecurity company. Even large companies who perform penetration testing on their own products cannot catch all vulnerabilities, he argued. “The reality is that is simply not true.” Read More

National: Wyden: Senators need protection from ongoing Russian hacking campaign | Politico

Russian hackers behind the 2016 Democratic National Committee hack appear to be targeting the personal email of senators and their staffers, according to Sen. Ron Wyden. In a letter today to Senate leaders, the Oregon Democrat urged support for legislation that would allow the Sergeant at Arms to protect those email systems. The letter from Wyden follows reports in January that the Russian hacking group Fancy Bear — which the U.S. intelligence community identified as one group that penetrated the DNC in the lead-up to the 2016 election — was going after Senate offices. Read More

Arizona: Judge won’t order immediate address updates of Arizona’s voter registration list | Arizona Daily Star

A federal judge has refused to order Secretary of State Michele Reagan to immediately update voter registration addresses of 384,000 Arizonans who moved since the last election. But the ruling leaves the door open to further court action to ensure that Reagan — or whoever succeeds her — finally brings the state into compliance with federal voting laws. Judge James Teilborg acknowledged Wednesday the system operated by the Motor Vehicle Division for address changes for driver’s licenses requires people to affirmatively “opt-in” to also having their voter information updated. And the judge did not dispute the National Voter Registration Act requires these forms to make registration changes automatic unless people opt out. Read More

Florida: State rejects tens of thousands of mail ballots | Miami Herald

A study of Florida’s past two presidential elections finds that mail ballots were 10 times more likely to be rejected than votes cast at early voting sites or on election day. The study also found that mail ballots cast by youngest voters, blacks and Hispanics were much more likely to be rejected than mail ballots cast by white voters, and that those voters are less likely to cure problems with their ballots when notified by election supervisors than other voters. The study also shows that rejection rates vary widely across the state. The report was produced by Daniel Smith, chairman of the political science department at the University of Florida, on behalf of the ACLU of Florida, whose director, Howard Simon, cited the state’s “uncertain history in election administration” in a conference call with reporters. Read More

Georgia: Georgia district ordered to redo primary after voting errors | CNN

A judge said he will order a Georgia Legislature district to redo a primary election between two Republicans because errors in voter data called the results into question. The announcement came in response to a lawsuit filed by state Rep. Dan Gasaway that challenged the legitimacy of the election he lost by 67 votes to businessman Chris Erwin in May. Following his loss, Gasaway personally examined voter rolls and determined that “cross-contamination” in his district’s voter information had led to at least 67 people voting in the wrong district, according to his lawsuit. Read More