Don’t let worries about election security keep you from going to the polls. The American voting system is in a better place than it has ever been, and added layers of protection ensure that votes can be cast and properly counted. What are citizens to do when they hear the constant drumbeat of elections under siege and the potential that election results could be changed by malicious actors? The answer: vote. Sitting out the election does nothing to promote election security. Voter turnout in midterm elections typically hovers around 40 percent of eligible voters, which is already too low. Better information about the strength and resiliency of the voting system should reassure worried voters. Let’s remind ourselves what really happened in 2016, because alarmist claims have swirled. Most important to remember is that there is no evidence any voting systems were compromised or that votes cast were changed by outside influence.
One evening last May in Knoxville, Tennessee, during the night of the local primary election, Dave Ball, the assistant IT director for Knox County, settled into the Naugahyde chair of his dusty home office and punched away at his desktop computer. Ball’s IT staff had finished a 14-hour day, running dress rehearsals to prepare for the ritual chaos of election night. In a few minutes, at exactly 8 pm, the county’s incoming precinct results would become visible to the public online. Curious, Ball typed in the address for the Knox County election website. At 7:53, the website abruptly crashed. Staring back at Ball was a proxy error notice, a gray message plastered against a screen of purgatorial white. It read simply, “Service Unavailable.” Across East Tennessee, thousands of Knox County residents who eagerly awaited the results saw the same error message — including at the late-night election parties for various county candidates, where supporters gathered around computers at Knoxville’s Crowne Plaza Hotel and the nearby Clarion Inn and Suites. Ball was scowling at the screen when the phone on his table buzzed. It was a message from a staffer, still on duty at the IT department: “We’ve got a problem here,” it read. “Looks like a DDOS.” Ball still remembers his next, involuntary exclamation: “Oh, shit.”
National: Mitigating Election Security Risks Rely on System Resiliency, Auditability | Government CIO
A continuous increase of data breaches, the 2016 election interferences and financial security concerns are causing a riff in the public’s cybersecurity trust in government and industry, and could impact whether people show to vote. That’s according to global IT company Unisys’ annual security index, a look at global and national security concerns. The index is a calculated score out of 300 that measures consumer concerns over time across eight areas of security in four categories: national security, financial security, internet security and personal security. This year’s index is 173, same as last year, but 32 percent higher than 10 years ago, according to the report. And the highest security concerns people have are around identity theft and bankcard fraud. In fact, identity theft was one of the top eight security threats measured, coming before national security (including terrorism), disasters and epidemics, financial obligations, bankcard fraud, viruses and hacking, online transactions and personal safety.
Many county election websites are lacking basic cybersecurity measures that could leave voters vulnerable to misinformation, security firm McAfee said Wednesday. McAfee threat researchers looked at county websites in 20 states and found that many county sites used .com domains instead of .gov ones, which are required to be thoroughly vetted as being official sites by government officials. Researchers found that Minnesota had the highest percentage of non-.gov domains for county election sites at 95.4 percent, followed by Texas at 95 percent and Michigan with 91.2 percent. Steve Grobman, the senior vice president and chief technology officer at McAfee, noted in a blog post that .com and other domains can be bought by anyone, meaning that misinformation about elections could be more easily shared with potential voters.
Pipe bombs were sent to several prominent Democrats, including former President Barack Obama and former Secretary of State Hillary Clinton, setting off an intense investigation on Wednesday into whether figures vilified by the right were being targeted. From Washington to New York to Florida to Los Angeles, the authorities intercepted a wave of crudely built devices that were contained in manila envelopes. In the center of Manhattan, the Time Warner Center, an elegant office and shopping complex, was evacuated because of a pipe bomb sent to CNN, which has its New York offices there. It was addressed to John O. Brennan, a critic of President Trump who served as Mr. Obama’s C.I.A. director. None of the devices harmed anyone, and it was not immediately clear whether any of them could have. One law enforcement official said investigators were examining the possibility that they were hoax devices that were constructed to look like bombs but would not have exploded.
Elections security experts say that it is too late to do much to protect our voting systems against tampering for the midterms. The Department of Homeland Security’s efforts to spur ballot integrity upgrades are focused on 2020, but being future-minded is only an illusion: The hackers will always be ahead. When you’re talking about a set of processes as varied as how different states and districts vote—whether they still use outdated and vulnerable machines that leave no paper trail, or store their registration data insecurely online—there’s really no way to either prevent—or detect—ballot interference with anything like absolute certainty. Russians allegedly hacked Illinois and Arizona’s voter databases mere months before the 2016 presidential election. When DHS first detected these attacks it was too late to prevent them, only soon enough to seal up the vulnerabilities. Except that, even if elections officials had wanted to secure their online voter registration rolls in response to the attack, the law wouldn’t have let them.
I admit that voting is and has always been a celebratory ritual for me, even if the candidate is running unopposed, the office is state agriculture commissioner or my district’s makeup means my one vote won’t make much of a difference. I watched three older siblings march for civil rights, and I am well aware that many brave folks died protecting my right to cast that ballot. While a little rain or a busy schedule might provide an excuse to “sit this one out,” it’s never enough to outweigh the legacy left by a Medgar Evers, who served his country in World War II and was murdered in front of his Mississippi home for, among other civil rights activity, leading voter registration drives in the country he protected. Mine is not a controversial stand — in fact, it’s patriotic. You would think our country’s leaders, without regard to party or politics, would be on my side. You would be wrong.
Colorado: How Colorado voting became a cybersecurity leader long before Russians tried to hack it | TechRepublic
Colorado was one of 21 states targeted by Russian operatives during the 2016 election. But unlike many others, the state has spent years implementing top-tier cybersecurity measures and audits to prevent hackers from entering its systems and interfering with the election process. Colorado receives top marks in the three most important election security categories, according to a February report from the left-leaning Center for American Progress comparing the election security of all 50 states:
Adhering to minimum cybersecurity standards for voter registration systems
Carrying out elections with paper ballots
Conducting robust post-election audits
… In 2017, Colorado became the first state to carry out mandatory risk-limiting post-election audits, which are widely considered the gold standard, according to the Center for American Progress. Risk-limiting audits involve manually checking a sample of ballots, and providing statistical evidence that the election outcome is correct. They have a high probability of correcting a wrong outcome, according to the US Election Assistance Commission. A risk-limiting audit could lead to a full manual recount if there is not enough evidence to prove that the reported outcome is correct, the commission stated.
Colorado: 61,000 Adams County voters are still missing ballots (and other voting problems around Colorado) | The Colorado Sun
A quarter of voters in Adams County — a key 2018 battleground in Colorado — have yet to receive their ballots because one of four trucks carrying them to be mailed didn’t make it to a postal processing center last week. About 61,000 Adams County ballots — mostly for residents in Thornton, Brighton and Aurora — had yet to be sent as of Tuesday afternoon. “We’re waiting on the truck to pull up,” U.S. Postal Service spokesman David Rupert said. Julie Jackson, spokeswoman for Adams County Clerk and Recorder Stan Martin, said it was unclear why the ballots on the truck weren’t unloaded and ended up being returned to a secure location. She said the office is still investigating to find out what happened.
A federal judge intends to issue an injunction barring Georgia election officials from tossing certain absentee ballots without giving would-be voters advance notice and a chance to rectify any issues. The implementation of the injunction — which U.S. District Court Judge Leigh Martin May plans to file Thursday — could complicate the work of election officials statewide, requiring the review of hundreds or thousands of ballot signatures with less than two weeks until Election Day. But civil rights groups whose lawsuits led to May’s decision have already declared victory in the battle, just one of many voting rights skirmishes to surface in what’s become a contentious Georgia election season. “We are pleased that the court has enforced the due process guarantees of the U.S. Constitution,” said Sean Young, legal director of Georgia’s branch of the American Civil Liberties Union. “Today’s ruling is a victory for democracy and for every absentee voter in the state of Georgia.”
It’s a problem no one wants to have happen. You vote for one candidate but the machine claims you voted for someone else. Pamela Grimes was so excited to vote for her candidate for governor. So why did the voting machine in Bartow County show she had selected the other candidate? She went back to the previous page and had to re-do it three times. My thoughts were, oh my gosh. What just happened?” said Grimes. “Like, I know that I pushed the right box. And I had to press around the box. I did not press directly into that square. It was not removing that “x”.” She told a poll worker and then left.
When a Georgia voter registration form is filled out with the name “Jesus Christ” or “Badeye,” it’s pretty obvious why it wouldn’t be processed. Other registration applications stalled by state election officials might well be legitimate, such as those submitted by new U.S. citizens whose citizenship status hasn’t been updated in government computers. There are nearly 47,000 voter registrations pending in Georgia because of the state’s “exact match” law that flags a wide range of potential voters until they prove their eligibility, according to data the Secretary of State’s Office provided Wednesday. The number of pending registrations decreased from 53,000 last week after accounting for duplicate records. The list captures registration applications for hyphenated names, nicknames, typos, citizenship status, incorrect addresses and other information that doesn’t match government records.
North Carolina: Election Directors Urge Voters To Check Their Ballots After Touchscreen Mistakes | WFAE
County elections directors are urging voters to double-check their ballots after some early voters complained of mistakes. Some voters in Guilford County have found errors when reviewing their ballots before submitting them — namely that they meant to vote for a candidate of one party, but the machine marked their ballot for the other candidate. Elections Director Charlie Collicut said the problem comes from the election machines’ touch screens. As some voters touched the screen, it would select the name above or below the candidate they actually wanted. “It’s a machine that we have to calibrate — that a human being has to calibrate,” Collicut said, pointing out that the process isn’t perfect.
An 11-county council in central Pennsylvania has gone on record opposing the state mandate that counties to replace their voting machines. SEDA-Council of Governments, a public development organization, on Wednesday became the latest body to criticize the state requirement that by Dec. 31, 2019, all voting systems must create a verifiable paper trail. SEDA-COG’s resolution also calls on the state to provide full funding to any county that is required to replace its voting equipment. The estimated cost of replacing all voting machines in the state is $125 million.
A legal battle between voting rights activists and the Shelby County Election Commission rages on. A key hearing in Chancery Court was postponed Wednesday afternoon. The subject of the hearing was a lawsuit accusing the Shelby County Election Commission of suppressing voters. “When you start talking about voter suppression, one suppressed vote is one too many,” Earle Fisher, with Up The Vote 901, said. The suit was filed against the commission by the NAACP Memphis chapter and the Tennessee Black Voter Project. It concerns 4,000 to 6,000 incomplete or rejected registration forms.
Brazil’s biggest newspaper said Wednesday that it has asked federal police to investigate threats against a journalist whose story alleged backers of the front-running presidential candidate bankrolled a fake news campaign. The request comes amid an increasingly heated atmosphere ahead of Sunday’s runoff between far-right candidate Jair Bolsonaro, who leads in opinion polls, and his leftist opponent, Fernando Haddad. The newspaper Folha de S. Paulo last week ran a report by Patricia Campos Mello saying businessmen linked to right-wing candidate Jair Bolsonaro had paid to spread fake news on the WhatsApp messaging service to benefit his candidacy. It said a blast message campaign also was planned for this week. Bolsonaro denied the report. Haddad called on Brazil’s electoral court to investigate.
Canada: Election night glitch points to the ‘wild west’ of online voting, says cybersecurity expert | Ottawa Citizen
Online voters in 51 Ontario municipalities had either a few more hours or an extra day to vote after a 90-minute computer portal slowdown on election night. Affected municipalities in Eastern Ontario included Renfrew, Laurentian Valley, Pembroke, Petawawa, Whitewater, Belleville and Kingston — all clients of Colorado-based Dominion Voting. Dominion is one of four companies that supplied Ontario municipalities with services in this municipal election. On Monday night, Dominion posted a statement saying the glitch was the result of a Toronto co-location provider that placed an unauthorized limit on incoming voting traffic of about one-tenth of the system’s designated bandwidth. The company was unaware of the glitch until it was alerted by the municipalities that are its customers. In those 90 minutes, voters experienced slow response time and system timeouts. This points to problems with the “wild west” of online voting in Canada, said a cybersecurity expert.
A deadly Ebola outbreak grows. Rebels kill civilians in the streets. And yet the arrival of voting machines in this troubled corner of Congo has some especially worried as a long-delayed presidential election promises further upheaval. The machines now arriving by the thousands in this Central African nation are of such concern that the U.N. Security Council has come calling, the United States has issued warnings and opposition supporters on Friday plan a national protest. As Congo faces what could be its first peaceful, democratic transfer of power, fears are high that the more than 100,000 voting machines will be ripe for manipulation. They also could pose a technical nightmare in a sprawling nation of more than 40 million voters where infrastructure is dodgy — just 9 percent of Congo has electricity — and dozens of rebel groups are active. “We cannot accept people inventing stories that trample our constitution,” said Clovis Mutsuva, a Beni resident with the LUCHA activist organization, which has tweaked the French term “machines a voter” into “machines a voler,” or “machines to steal.”
The main opposition party in Mozambique, the Democratic Renewal of Mozambique also called Renamo, has announced suspension of its participation in peace negotiations initiated by the government to end recurrent violence in the country. Spokesman for Renamo, Andre Magibire said the party will now concentrate on electoral conflict. The moves follows several weeks of threat by the opposition and comes after the publication of local election results held on October 10. The results had announced the Frelimo ruling party as having won forty four municipalities, a decision contested by the opposition party which has also denounced fraud.
It is “undoubtedly true” that there have been efforts by the Russian state to influence British elections, the culture secretary has told a committee of MPs, but the government has not seen evidence that those attempts have been successful. Speaking to the digital, culture, media and sport (DCMS) select committee, Jeremy Wright, the secretary of state at the department, said that the UK was defended against direct electoral interference by the simple fact that the UK uses pencils and paper to vote. “There are two types [of interference] you might attempt: one is with the process of the election itself, in other words, influencing the outcome of the election by means of interfering with voting machines etc, but we can’t do that here, we don’t have voting machines of that kind.