National: Election Security Can Be as Simple as Preserving Paper | Inside Science

Joseph Stalin, no friend of free elections, is credited with saying it was not the people who cast the votes that decide elections. It’s the people who count them. Since the 2016 presidential election, considerable thought — but not much money — has gone into seeing if he’s wrong. According to an expert interviewed by NPR, it would cost at most $400 million to make states with vulnerable systems more secure, but a bill to do that died in Congress last month. There have been some changes in voting procedures, but whether the changes will be enough to block foreign and domestic interference with the upcoming midterm elections is simply unknown.

National: America’s unfair voting laws | The Economist

It its latest report on minority voting rights in America, published this month, the bipartisan United States Commission on Civil Rights reports that a range of restrictive voting measures have been enacted by states in recent years. They range from laws demanding that voters produce specific forms of identification to reductions in the number of locations where people can cast their ballot. These laws have a disproportionate effect on the ability of minority groups to exercise their voting rights. And thanks to a 2013 Supreme Court decision that weakens federal authority to restrict such laws, they are remaining on the books. The 1965 Voting Rights Act and its extensions helped dismantle generations of rules and regulations that had disenfranchised minority voters—and in particular black Americans. One of the act’s major provisions mandated that jurisdictions with a history of voter rights discrimination, including Texas, North Carolina, and seven other states, had to “pre-clear” new voting requirements. This involved persuading the federal government or a three-judge panel that the requirements would not be discriminatory in impact.  But in 2013, the Supreme Court struck down the pre-clearance process.

National: Inside Facebook’s Election ‘War Room’ | The New York Times

Sandwiched between Building 20 and Building 21 in the heart of Facebook’s campus, an approximately 25-foot-by-35-foot conference room is under construction. Thick cords of blue wiring hang from the ceiling, ready to be attached to window-size computer monitors on 16 desks. On one wall, a half-dozen televisions will be tuned to CNN, MSNBC, Fox News and other major networks. A small paper sign with orange lettering taped to the glass door describes what’s being built: “War Room.” Although it is not much to look at now, as of next week the space will be Facebook’s headquarters for safeguarding elections. More than 300 people across the company are working on the initiative, but the War Room will house a team of about 20 focused on rooting out disinformation, monitoring false news and deleting fake accounts that may be trying to influence voters before elections in the United States, Brazil and other countries.

Voting Blogs: CEIR voter registration database security report: Survey finds most states adopted best cybersecurity practices since ‘16 | electionlineWeekly

The Center for Election Innovation and Research (CEIR) has released a new report based on a survey of 26 states conducted between June and July of 2018 to assess the current state of security around voter registration databases (VRDBs). The survey results, released ahead of National Voter Registration Day, show that immense progress has been made in securing voter registration databases since 2016, though significant room for improvement remains for states to strengthen their defenses against hacking attempts. Voter registration databases have been a central focus of conversations around election security since the 2016 presidential election when several voter registration databases were scanned and at least one infiltrated by Russian operatives.

Arkansas: Voter ID law before the Arkansas Supreme Court | Arkansas Times

The Arkansas Supreme Court heard oral arguments today on the state’s appeal of a ruling invalidating the voter ID law passed in 2017. Judge Alice Gray enjoined the law as an unconstitutional addition of a restriction on voting, but the Supreme Court earlier stayed that order and the law was put in place in primary voting. Jeff Priebe, attorney for the plaintiff, Barry Haas, in a public interest lawsuit, argued that the 2017 law was an attempt to circumvent a similar law passed in 2014 that was struck down by the Arkansas Supreme Court. A change was made that allowed voters who didn’t have an ID to cast a provisional ballot and sign an affidavit and the vote is supposed to be counted unless other problems are found.

California: Democrat hit with DDoS attacks during failed primary bid: report | The Hill

The campaign website of a Democratic congressional candidate in California was taken down by cyberattacks several times during the primary election season, according to cybersecurity experts. Rolling Stone reported on Thursday that cybersecurity experts who reviewed forensic server data and emails concluded that the website for Bryan Caforio, who finished third in the June primary, was hit with distributed denial of service (DDoS) attacks while he was campaigning. The attacks, which amount to artificially heavy website traffic that forces hosting companies to shut down or slow website services, were not advanced enough to access any data on the campaign site, but they succeeded in blocking access to bryancaforio.com four times before the primary, including during a crucial debate and in the week before the election.

California: State Launches New Effort To Fight Election Disinformation | Capitol Radio

California election officials are launching a new effort to fight the kind of disinformation campaigns that plagued the 2016 elections — an effort that comes with thorny legal and political questions. The state’s new Office of Election Cybersecurity will focus on social media efforts to discourage or confuse voters into not casting a ballot. During the 2016 election, in addition to hacking email accounts and attacking voting systems, Russian agents used social media also planted disinformation intended to drive down voter turnout.

Georgia: Election Officials to Appeal Paper Ballot Ruling to 11th Circuit | Courthouse News

Georgia election officials  are appealing a federal judge’s decision to allow voters to continue a challenge to the state’s practice of relying solely on electronic voting machines in its elections. Georgia Secretary of State Brian Kemp filed a notice of appeal Tuesday evening after U.S. District Judge Amy Totenberg ruled the Coalition for Good Governance had validly stated a claim that the machines used in the state’s election are vulnerable to hacking. The group, representing voters across the state, had hoped Totenberg  would issue a preliminary injunction and order the state to use paper ballots during the November midterm election. Totenberg declined to do so due to the lack of time to get the new system in place before November 6.

Georgia: Federal Judge Blasts Georgia’s ‘Dated, Vulnerable’ Voting System | Nextgov

Georgia won’t be required to make a last-minute switch to paper ballots for the November midterm elections, but a federal judge still sent a strong message to election officials that she saw significant flaws with the state’s “dated, vulnerable” voting system. U.S. District Judge Amy Totenberg on Monday denied a motion by a group of voters seeking to force Secretary of State Brian Kemp and county election offices to stop using direct recording electronic voting machines, or DREs, for anyone other than people with disabilities in 2018. DREs use reprogrammable, removable memory cards vulnerable to hackers and don’t produce an independent paper audit trail. In her order, Totenberg noted that during recent testimony she heard from both county and state officials that the logistics of moving to a paper ballot with early voting coming next month would create chaos for voters. But the judge also emphasized that she “advises the Defendants that further delay is not tolerable in their confronting of and tackling the challenges before the State’s election balloting system.”

Massachusetts: Hackers in Boston gamed out an election day nightmare – and won | Fifth Domain

The hackers leaned back in their chairs and scanned through options to disrupt election day as if they were reading from a menu of chaos. Fake bomb threats. Orchestrated traffic jams. A botnet of faux Twitter accounts to spread discord. In a simulated exercise put on by the Boston-based cybersecurity firm Cybereason Sept. 20, a team of seven hackers tried to outwit a group of current and former law enforcement officials from the Massachusetts area. In the end, the hackers did not need to be selective about their options. They decided to combine all of their ideas into a concoction of havoc to pick apart the simulated voting day.

North Carolina: Hurricane Florence could impact midterm elections in some North Carolina counties | The Daily Tar Heel

Even with Hurricane Florence over, North Carolina residents continue to feel its effects as many are still displaced or without power. These conditions not only impact the daily lives of residents but could also impact their ability to vote in the upcoming midterm elections.  Duke Energy released a statement on Sept. 19 that estimated 1.7 million customers lost power due to Hurricane Florence. Crews have restored power to 1.6 million customers, but that leaves 114,000 customers without power.  “Many of the remaining impacted customers are located in coastal and inland areas that experienced historic flooding, multiple road closures and significant structural damage,” the statement said.  Last week, Tideland EMC, which serves a portion of eastern North Carolina along the coast, reported that 77 percent of its customers were without power. Tideland has not yet released updated statistics. 

Wyoming: Mail-in ballot proposal for Wyoming clears major hurdle | Wyoming Tribune Eagle

In the future, Wyomingites could be filling out their ballots from the comfort of their own home. A proposed bill to allow counties to move to mail-in ballot elections cleared a major hurdle Wednesday, passing out of the Joint Corporations, Elections and Political Subdivisions Interim Committee on an 11-2 vote. But whether or not it finds support in the full Legislature next session remains to be seen. The bill would give county clerks the option to switch over their elections to a mail-in ballot. Voters would receive a ballot at their residence and could drop it off or mail it back to the county clerk’s office, or drop it off at one of several secured ballot drop boxes across the county. The bill also mandates the county have one polling center open on the day of the election where voters could drop off a ballot or fill one out.

eSwatini: New name, same flaws in eSwatini election, say critics | AFP

Political parties cannot be involved, there are no campaign rallies and the king wields absolute power, choosing the prime minister and cabinet: a parliamentary election in eSwatini is a vote like no other. The country, landlocked between SA and Mozambique, suffers the highest HIV adult prevalence rate in the world at 27.2%. Opposition activists in the tiny Southern African country formerly known as Swaziland say Friday’s election is a mockery of democracy and reveals how its 1.3-million citizens have lived under a repressive regime. In addition to curbs on opposition parties, anti-government protests are all but banned. Undercurrents of dissent surfaced this week with trade union protests over low wages being broken up by riot police. At least 11 people were hurt on Tuesday, a trade union official told AFP.

Fiji: Roll will close same day Fiji election announced | Radio New Zealand

The Fiji Elections Office says the registration of voters will close on the day the writ of election is announced. The FBC reported more than 600,000 Fijians have registered for the 2018 General Election as of the first of August this year. The date the 2018 General Election will be held has still not yet been announced. The Elections office Communications Director, Edwin Nand said the writ could be announced at any time and it’s important for eligible Fijians to take the opportunity to register now.

Maldives: Voters fear fraud as high-stakes election looms | Al Jazeera

The usual din of fishmongers’ cries on the Maldivian capital’s waterfront was drowned out by loud boos on Tuesday when a truck carrying flag-waving activists campaigning to re-elect President Abdulla Yameen lumbered past them. It’s a sight that has become common in Male’s busy market, where a web of pink and yellow campaign banners hangs between every lamppost and from every fishing boat’s mast. Earlier this week, Yameen’s spokesman was booed out of the area by opposition supporters angry over corruption and human rights abuses in this popular Indian Ocean honeymoon destination. Yameen, 59, is standing for a second five-year term in polls on Sunday, promising “transformative economic development”, including jobs and housing for the Maldives’ large youth population.

Russia: Local election results in Far East cancelled after protests | Al Jazeera

Russia’s Far East region has cancelled the result of a runoff governorship vote in an unprecedented move after claims of vote-rigging in favour of a candidate backed by President Vladimir Putin triggered protests. A local electoral commission took the decision on Thursday after Russia’s election chief Ella Pamfilova on Wednesday recommended re-running the vote. The crisis erupted in the Far Eastern region of Primorsky Krai where an opposition candidate accused a ruling party representative endorsed by Putin of “stealing” his victory in the vote last Sunday.

National: How Vulnerable Are Electronic Voting Machines? | WBUR

A federal judge ruled this week that Georgia does not have to replace its electronic voting machines with machines that create paper records before the election in November. In her ruling, though, the judge noted she’s “gravely concerned” about Georgia’s slow pace in addressing electronic voting vulnerabilities. Here & Now’s Jeremy Hobson talks with Marian Schneider, president of Verified Voting, a nonpartisan nonprofit that advocates for accurate and verifiable elections, about those vulnerabilities and how secure electronic voting machines are.

On her opinion of the judge’s ruling in Georgia: “I do think that it’s a significant decision, but I think that the judge was concerned about the amount of time before the election, that there wasn’t enough time to smoothly implement paper ballots. “There’s only seven weeks between now and the election, and the early voting would start soon, too. So I think that was a greater concern for the court, but I think the judge made a lot of very significant findings about the vulnerabilities that are present in paperless computer systems that count our votes.”

National: The Plot to Subvert an Election: Unraveling the Russia Story So Far | The New York Times

On an October afternoon before the 2016 election, a huge banner was unfurled from the Manhattan Bridge in New York City: Vladimir V. Putin against a Russian-flag background, and the unlikely word “Peacemaker” below. It was a daredevil happy birthday to the Russian president, who was turning 64. In November, shortly after Donald J. Trump eked out a victory that Moscow had worked to assist, an even bigger banner appeared, this time on the Arlington Memorial Bridge in Washington: the face of President Barack Obama and “Goodbye Murderer” in big red letters. Police never identified who had hung the banners, but there were clues. The earliest promoters of the images on Twitter were American-sounding accounts, including @LeroyLovesUSA, later exposed as Russian fakes operated from St. Petersburg to influence American voters. The Kremlin, it appeared, had reached onto United States soil in New York and Washington. The banners may well have been intended as visual victory laps for the most effective foreign interference in an American election in history.

National: State Elections Agencies Focus on Voting Security Ahead of Midterms | StateTech

During the last election, Russian cyberattackers looking for vulnerabilities scanned 21 state election systems, including those in Illinois, over the 2016 campaigns. While the Department of Homeland Security says the scanning activity did not necessarily breach systems, some individual states have reported compromised data. This year, for instance, the Illinois State Board of Elections reported a 2016 breach of its voter registration system, detailing a SQL injection attack of unknown origin that exposed records in the state’s voter registration database. Since the attack, the Illinois board has worked with state IT experts as well as DHS cybersecurity professionals to keep the database of 18 million records and the servers on which it resides safe from attackers, says Matt Emmons, the agency’s IT director. And there are plenty of hackers out there.

National: DOD’s new cyber strategy stresses election security | FCW

The Defense Department’s newly released cyber strategy draws attention to election meddling, infrastructure protection and greater reliance on commercial technology to get ahead of the curve. A summary of the DOD’s cyber strategy released Sept. 18 boasted an assertive stance on election meddling and attribution, calling out cyber “challenges to [U.S.] democratic processes” as a means for Russia, China, North Korea and Iran to inflict damage without engaging in armed conflict. However, the Pentagon remained firm in its infrastructure protection role. DOD will partner with the private sector and other agencies on improved information sharing “to reduce the risk that malicious cyber activity targeting U.S. critical infrastructure could have catastrophic or cascading consequences,”  the document indicated.

National: Cleanup time for tech firms as midterm elections approach | AlphaStreet

Investigations carried out by federal agencies showed that hackers exploited seemingly minor flaws in the electronic voting system to manipulate the vote tally in the last presidential election. The findings might not surprise Americans as much as it would have done a few years ago, because now we know a bigger threat is hanging over the election process. Skeletons of the illegal online campaign launched by Russian agencies a couple of years ago to rig the presidential election are still tumbling out of the closets of technology companies like Facebook (FB) and Google (GOOG). With the midterm polls around the corner, the security agencies are busy plugging all the loopholes in the system to ensure a free and fair election. That the attackers managed to hack important government websites and breached huge volumes of voter data show the severity of the campaign, and that justifies the extra alert this time. Reports show that hackers, with possible Russia connections, are already doing the groundwork to interfere in the November election.

National: Could white hat hackers boost security of voting machines? | Fifth Domain

Government officials and cybersecurity experts are arguing that companies need to embrace vulnerability disclosure programs to guard against hacking amid pushback from the largest voting machine company in the United States, which has portrayed efforts to test their systems as a tactic of foreign spy-craft. Vulnerability disclosure programs that invite hackers to test computer systems are a show of strength, participants in a Sept. 18 event at the Atlantic Council argued. “Not having a vulnerability disclosure program amounts to cybersecurity negligence,” said Marten Mickos, the head of Hacker One. It’s a myth that companies can test their systems on their own, said Chris Nims, chief information security officer at Oath, a cybersecurity company. Even large companies who perform penetration testing on their own products cannot catch all vulnerabilities, he argued. “The reality is that is simply not true.”

National: Wyden: Senators need protection from ongoing Russian hacking campaign | Politico

Russian hackers behind the 2016 Democratic National Committee hack appear to be targeting the personal email of senators and their staffers, according to Sen. Ron Wyden. In a letter today to Senate leaders, the Oregon Democrat urged support for legislation that would allow the Sergeant at Arms to protect those email systems. The letter from Wyden follows reports in January that the Russian hacking group Fancy Bear — which the U.S. intelligence community identified as one group that penetrated the DNC in the lead-up to the 2016 election — was going after Senate offices.

Arizona: Judge won’t order immediate address updates of Arizona’s voter registration list | Arizona Daily Star

A federal judge has refused to order Secretary of State Michele Reagan to immediately update voter registration addresses of 384,000 Arizonans who moved since the last election. But the ruling leaves the door open to further court action to ensure that Reagan — or whoever succeeds her — finally brings the state into compliance with federal voting laws. Judge James Teilborg acknowledged Wednesday the system operated by the Motor Vehicle Division for address changes for driver’s licenses requires people to affirmatively “opt-in” to also having their voter information updated. And the judge did not dispute the National Voter Registration Act requires these forms to make registration changes automatic unless people opt out.

Florida: State rejects tens of thousands of mail ballots | Miami Herald

A study of Florida’s past two presidential elections finds that mail ballots were 10 times more likely to be rejected than votes cast at early voting sites or on election day. The study also found that mail ballots cast by youngest voters, blacks and Hispanics were much more likely to be rejected than mail ballots cast by white voters, and that those voters are less likely to cure problems with their ballots when notified by election supervisors than other voters. The study also shows that rejection rates vary widely across the state. The report was produced by Daniel Smith, chairman of the political science department at the University of Florida, on behalf of the ACLU of Florida, whose director, Howard Simon, cited the state’s “uncertain history in election administration” in a conference call with reporters.

Georgia: Georgia district ordered to redo primary after voting errors | CNN

A judge said he will order a Georgia Legislature district to redo a primary election between two Republicans because errors in voter data called the results into question. The announcement came in response to a lawsuit filed by state Rep. Dan Gasaway that challenged the legitimacy of the election he lost by 67 votes to businessman Chris Erwin in May. Following his loss, Gasaway personally examined voter rolls and determined that “cross-contamination” in his district’s voter information had led to at least 67 people voting in the wrong district, according to his lawsuit.

Kansas: Johnson County Primary Voting Saga Continues As ACLU Sues County Election Commissioner | KCUR

The ACLU of Kansas is now suing Johnson County Election Commissioner Ronnie Metsker to gain access to lists of 900 voters who filed provisional ballots and about 150 voters whose advance ballots were not counted in the August primary.  It’s the latest in an ongoing saga over the controversial Johnson County primary, which involved a serious delay in vote counting and a technical glitch in the county’s new, $10.5 million voting machines. The lawsuit is filed on behalf of Davis Hammet, president of Loud Light, a nonprofit working to increase voter turnout. He’s suing after being denied access to the lists, but more than that, he said, he’s concerned there are bigger issues in the county. 

Wisconsin: Adams County clerk resigns following investigation into unauthorized computer access | WKOW

A meeting to hear charges against Cindy Phillippi was scheduled for Wednesday morning. But the hearing was canceled after Phillippi, through her attorney, submitted a 5-page resignation agreement to the Adams County Board during a closed door session Tuesday night. The resignation is effective Wednesday. The agreement does not include an admission of liability. Phillippi will be on paid leave through the end of the year. Board Chair John West said she will continue to provide consultation during the transition period.

Malaysia: Cabinet decides to lower voting age from 21 to 18 | The Straits Times

The Malaysian Cabinet has decided to lower the voting age from 21 to 18. The decision was made at its weekly meeting on Wednesday (Sept 19), and work on amending the Federal Constitution will begin soon, said Youth and Sports Minister Syed Saddiq Syed Abdul Rahman. “One of the things to be done is to work closely with the youth wings of opposition parties as a two-thirds majority is needed for laws to be amended,” he told reporters. “By the next general election, 18-year-olds can cast their votes, that is for certain,” he added.

Maldives: Opposition party raises alarm over fair conduct of presidential poll | Times of India

The Maldives’ opposition party Wednesday raised concerns over conduct of the presidential elections on Sunday in a free and fair manner by the country’s poll body, which it alleged has deployed activists of the ruling dispensation for the poll duty. President Abdulla Yameen, of the ruling Progressive Party of Maldives (PPM), is seeking a second five-year term in the Indian Ocean archipelago, a popular high-end tourist destination. Yemeen had imposed a state of emergency in February after the Supreme Court quashed the conviction of nine opposition leaders, including the country’s first democratically elected president Mohamed Nasheed. Nasheed, the main opposition Maldivian Democratic Party (MDP) leader, is currently in exile in Sri Lanka. He has been barred from contesting the Sunday’s polls.