Louisiana: State confronts sticker shock for new voting machines | Associated Press

The up to $95 million price tag estimated by the company chosen for Louisiana’s lucrative voting machine replacement contract may have caused a bit of sticker shock, but the projection remains tens of millions of dollars cheaper than plans pitched by the two losing bidders. Financial proposals by vendors who weren’t chosen ranged from $115 million to nearly $160 million for the work, according to bid evaluation documents obtained by The Associated Press. Still, the cost projections submitted by the low-bidder that won the award, Dominion Voting Systems, remains at least $50 million or more higher than the money set aside for the work. Final terms — and a final price tag — for the contract remain to be negotiated.

New Jersey: ‘A drop in the bucket’: State to spend $10M on election security | New Jersey101.5

The Murphy administration has decided how it will spend $10.2 million on election security initiatives, mostly federal aid that will pay for cybersecurity, database improvements and auditing the accuracy of election machines. Among the uses for the funds will be implementing automatic voter registration at the state’s Motor Vehicle Commission agencies and helping some counties acquire voting machines that create a voter-verified paper audit trail. Among the 13 states with paperless voting machines, only Indiana and Texas are committing a smaller percentage of their new Help America Vote Act funds toward voting equipment than the $2.5 million New Jersey plans to spend. “The state’s plan to spend the HAVA funds I think is really thorough, but it’s important to note that the amount of funds that they’re talking about is really just a drop in the bucket to what they really need to update our election systems,” said Jesse Burns, the executive director of the League of Women Voters of New Jersey. The funding includes $9.76 million in federal funds, part of $380 million in grants the federal Election Assistance Commission is making available through a law enacted in March, and $487,873 in required state matching funds.

Nevada: State targets $4.3M in US grants to safeguard voter rolls | Associated Press

The state of Nevada is spending nearly $4.3 million in federal grants to shore up its election systems, with the bulk of the money targeted for safeguarding voter registration rolls and lesser amounts to tighten cybersecurity and improve communication between county and state election officers. The money is included in a report the U.S. Election Assistance Commission released Tuesday showing how states plan to spend $380 million allocated by Congress last spring to strengthen voting systems amid ongoing threats from Russia and others under the Help America Vote Act. The largest chunk nationally — roughly 36 percent — is being spent to improve cybersecurity in 41 states and territories.

Texas: Republican Campaign Against Voter Fraud More Extensive Than Previously Thought | Houston Press

The Harris County Republic Party is under fire at the moment following allegations that they targeted voters in areas populated by minorities for challenges to their voter registrations. By challenging these locations under the guise of rooting out voter fraud, the party has effectively suspended the voting rights of people living at those addresses. The Republican Party campaign was undertaken by Alan Vela, chairman of the party’s Ballot Security Committee and involved 4,000 addresses. …  One such person was Third Ward resident Lynn Lane, a prominent local photographer. Despite living at the same address for the past five years and voting in every election, he received a letter from Harris County Tax Assessor-Collector and Voter Registrar Ann Harris-Bennett’s office informing him that his registration was suspect and that he had to provide proof of residency or face loss of his voting power. By law Harris-Bennet’s office must respond to the challenges with official notices to residents informing them they are in danger of losing their right to vote.

Virginia: Governor calls special session for legislature to redraw districts | The Washington Post

Virginia Gov. Ralph Northam (D) is calling the General Assembly into special session on Aug. 30 to redraw legislative districts that a federal court deemed had been racially gerrymandered. A three-judge panel of the U.S. District Court for the Eastern District of Virginia ruled on June 26 that the lines for 11 House of Delegates districts had been drawn with the purpose of concentrating black voters. The 2-to-1 ruling was a victory for Democrats, who hope that new district boundaries will help them retake control of the House for the first time in nearly two decades. Last year’s elections wiped out a 2-to-1 GOP advantage in the 100-seat House, leaving Republicans with a narrow 51-to-49 majority.

Afghanistan: Bid to weed out suspect candidates spells more election trouble | Reuters

A ban on dozens of Afghan strongmen and lawmakers from running for parliament because of suspected links to illegal armed groups has spurred threats to disrupt a general election already at risk from worsening security. The October polls, seen as an important test of Afghanistan’s democratic legitimacy and a dry run for a presidential election next year, have been repeatedly delayed because of organizational problems. “There will be riots, protests and road-blockages if they don’t accept me,” said Assadullah Sharifi, a lawmaker who is among 35 people the Electoral Complaints Commission (ECC) has barred from standing.

Australia: MP warns of cyber threat to Australian elections | Computerworld

The shadow assistant minister for cyber security, Gai Brodtmann, has called for the government to classify Australia’s election systems as a “critical infrastructure sector” under the Trusted Information Sharing Network in order to “overlay the appropriate scrutiny and assurance mechanisms to assure the Australian people of the cyber resilience of their democracy”. The Labor MP, who earlier this month announced she would not contest the next election, cited concerns over alleged attempts to influence the US and French elections as well as the denial of service attacks on the 2016 Census. The TISN is an initiative to boost information sharing and collaboration between critical infrastructure operators.

Nigeria: Social media bots cast dubious shadow over 2019 elections | Pulse.ng

In the run up to the 2015 presidential election, a public relations firm named Cambridge Analytica attempted to influence Nigerian voters by orchestrating a smear campaign against eventual winner, Muhammadu Buhari.
When Cambridge Analytica’s efforts to influence Nigeria’s elections were made public earlier this year, many were shocked as to the length the firm (formerly SCL Elections) went to ensure the re-election victory of then-president, Goodluck Jonathan. On the prompting of an unnamed Nigerian billionaire, the data mining firm hacked Facebook to harvest the profile of millions of users and target what was determined to be their worst fears. In a video the firm produced, people were filmed being dismembered, having their throats cut and bled to death, and also burned to death in a bid to portray Muslims as violent and Buhari as the man that will impose Sharia Law that’ll make that sort of violence commonplace in the country.

Zimbabwe: Even after Mugabe, Zimbabwe’s elections do not appear free or fair | The Washington Post

On July 30, for the first time since 1980, Zimbabwe held general elections without Robert Mugabe on the ballot. Many Western donor countries have had sanctions on Zimbabwe since 2002 because of the government’s political repression and human rights abuses — and promised to lift these once the country held free and fair elections. But free and fair do not appear to apply. Officially, President Emmerson Mnangagwa — a former Mugabe lieutenant who grabbed power in a November 2017 coup — won with 50.8 percent of the vote, narrowly avoiding a runoff election. And his ruling ZANU-PF party won a two-thirds majority of 149 seats in parliament’s lower house, permitting it to amend the constitution at will. But those results are disputed. International election observers have pointed to irregularities. The opposition party has challenged the results, and the Constitutional Court must rule by Friday.

Editorials: I Just Hacked a State Election. I’m 17. And I’m Not Even a Very Good Hacker. | River O’Connor/Politico

It took me around 10 minutes to crash the upcoming midterm elections. Once I accessed the shockingly simple and vulnerable set of tables that make up the state election board’s database, I was able to shut down the website that would tally the votes, bringing the election to a screeching halt. The data were lost completely. And just like that, tens of thousands of votes vanished into thin air, throwing an entire election, and potentially control of the House or Senate—not to mention our already shaky confidence in the democratic process itself—into even more confusion, doubt, and finger-pointing. I’m 17. And I’m not even a very good hacker. I’ve attended the hacking convention DEF CON in Las Vegas for over five years now, since I was 11 years old. While I have a good conceptual understanding of how cyberspace and the internet work, I’ve taken only a single Python programming class in middle school. When I found out that the Democratic National Committee was hosting a security competition for kids and teens, however, my interest in politics fed into curiosity about how easy it might be to mess with a U.S. election. Despite that limited experience, I understood immediately when I got to Las Vegas this year why the professionals tend to refer to state election security as “child’s play.”

National: Election integrity advocates protest security bill changes | Politico

The version of the Senate’s major election security bill that the Rules Committee marks up this week will not require states to conduct post-election audits using paper records, a major blow to election integrity advocates who are now sharply criticizing the bill. The chairman’s mark of the Secure Elections Act, S. 2593 (115), “would allow for and validate audits of electronic ballot images, which are just plain worthless as a safeguard against cyberattacks,” Susan Greenhalgh, policy director at the National Election Defense Coalition, told MC. Voting system vendors, which encourage local election officials to buy electronic systems, tout the supposed auditability of their digital ballots, despite cybersecurity experts nearly unanimously warning against electronic audits. “This sort of audit would be very appealing to election officials,” Greenhalgh said of the weakened provision, “as it would eliminate the need for extensive ballot manifests and tracking of paper ballots.”

National: Russian hackers targeting more US political groups, Microsoft says | The Guardian

Microsoft says it has uncovered new Russian hacking attempts targeting US political groups before the midterm elections. The company said a group linked to the Russian government created fake internet domains that appeared to spoof two US conservative organisations: the Hudson Institute and the International Republican Institute. Three other fake domains were designed to look as if they belonged to the Senate. Microsoft did not offer any further description of the fake sites. The revelation came just weeks after a similar Microsoft discovery led the senator Claire McCaskill, a Missouri Democrat who is running for re-election, to reveal that Russian hackers tried unsuccessfully to infiltrate her Senate computer network.

Editorials: Election Security Bill Without Paper Records and Risk Limiting Audits? No Way. | Electronic Frontier Foundation

The Senate is working on a bill to secure election infrastructure against cybersecurity threats, but, unless amended, it will widely miss the mark. The current text of the Secure Elections Act omits the two most effective measures that could secure our elections: paper records and automatic risk limiting audits. Cybersecurity threats by their very nature can be stealthy and ambiguous. A skillful attack can tamper with voting machines and then delete itself, making it impossible to prove after the fact that an election suffered interference. Paper records ensure that it is possible to detect and quickly correct for such interference. Automatic audits ensure that such detection actually happens.

Arizona: ACLU lawyers file suit over Arizona voter address updates | Associated Press

Voting rights organizations are suing Arizona Secretary of State Michele Reagan over concerns that her office isn’t updating voters’ addresses. The American Civil Liberties Union of Arizona on Monday announced the lawsuit from multiple voter rights organizations including the League of Women Voters of Arizona. They’re concerned that Reagan’s office doesn’t update voter registration information when someone changes their address on their driver’s license. Reagan’s office last week rejected a request from the ACLU to change more than 500,000 voter registration addresses to what is listed on driver’s licenses. She cited concerns about a lack of voters’ consent. Instead, she says her office has coordinated with the Arizona Department of Transportation to make those changes next year.

Georgia: Too late to switch to paper ballots, officials say | McClatchy

County election officials across Georgia say it’s too late to switch to paper ballots in the upcoming elections, despite warnings that hackers could easily penetrate the state’s antiquated electronic voting system and that Russia could unleash a new wave of disruptive cyberattacks. U.S. District Judge Amy Totenberg is expected to rule any day on whether the state must switch to old-fashioned paper ballots. Her ruling would come in response to a year-old lawsuit by citizen activists. They argue that the state’s current system of relying on electronic voting machines that lack a paper backup is “hopelessly compromised” and paper ballots are necessary to ensure public confidence in the results. Georgia is just one of many states dealing with the fallout of the U.S. intelligence agencies’ conclusion that Russia worked to influence the 2016 campaign and has compromised — or tried to compromise — state election systems across the country to disrupt the 2018 midterms elections. But interviews and court statements from Republican and Democratic county officials and from state election officials drew the same response: It’s just too late to make the switch.

Illinois: Governor Blocks Bill To Tell People With Criminal Histories About Their Voting Rights | HuffPost

Illinois Gov. Bruce Rauner (R) blocked legislation on Friday that would have required corrections officials throughout the state to help people detained in jails and prisons understand whether they can vote. The bill would have required election and corrections officials to offer ballots to people being detained in jail prior to their trials who want to vote. It would have also required corrections officials to provide voter registration forms to people being released from jail and information about voting rights to those leaving prison. The bill was meant to reduce the confusion about voting rights that contributes to voter disenfranchisement. People detained in jails often have no idea they are eligible to vote, let alone how to request a ballot to do so. The policies governing whether felons can vote when they are released from prison vary widely from state to state. Offenders, as well as parole officers and other corrections officials, can easily be confused about who has the right to vote.

Indiana: New campaign to increase awareness of Indiana voting security launched | Wash Times Herald

If the Indiana election system were human, it would be the “healthiest 200-year-old you’ll ever find,” according to a radio ad released Monday by the office of Secretary of State Connie Lawson. The audio is part of a $500,000 campaign by Lawson’s office in partnership with an Indianapolis marketing firm to increase public awareness around cybersecurity, voting and the relationship between the two ahead of the Nov. 6 general election. “In Indiana, the security of our voting system is of the utmost importance. This public awareness campaign demonstrates to voters that proper precautions are in place to secure their vote,” Lawson said in the campaign announcement. “We take great care to prepare our election administrators for each cycle, and in partnership with counties, other states, and the federal government we are developing new answers to security concerns and election policy.”

Louisiana: Dominion, winner of Louisiana voting machine contract was low bidder | Associated Press

The up to $95 million price tag estimated by the company chosen for Louisiana’s lucrative voting machine replacement contract may have caused a bit of sticker shock, but the projection remains tens of millions of dollars cheaper than plans pitched by the two losing bidders. Financial proposals by vendors who weren’t chosen ranged from $115 million to nearly $160 million for the work, according to bid evaluation documents obtained by The Associated Press. Still, the cost projections submitted by the low-bidder that won the award, Dominion Voting Systems, remains at least $50 million or more higher than the money set aside for the work. Final terms — and a final price tag — for the contract remain to be negotiated.

Maryland: A Russian Oligarch Bought Maryland’s Election Vendor. Now These Senators Are Questioning the Rules | Roll Call

Maryland’s Democratic senators want a Senate committee to require disclosures of foreign investments in U.S. election systems, an alarm bell set off by a Russian oligarch’s connection to their state’s voter registration system. The request to the Rules and Administration Committee comes from Sen. Benjamin L. Cardin and Sen. Chris Van Hollen. Van Hollen is also the chairman of the Democratic Senatorial Campaign Committee. The Maryland senators have been alarmed by a Russian oligarch’s investment connection to ByteGrid LLC, which handles the Old Line State’s voter registration database and candidate management operations. “As the Rules Committee prepares to mark up the Secure Elections Act, we respectfully request that you sponsor an amendment requiring that an election infrastructure vendor submit a report to the Chair of the [Election Assistance Commission] and the Secretary of [the Department of Homeland Security] identifying any foreign national that directly or indirectly owns or controls the vendor, as well as any material change in ownership resulting in ownership or control by a foreign national,” Cardin and Van Hollen wrote Monday.

South Carolina: What is South Carolina doing to keep 2018 election from being hacked? | The State

If the Russians show up again this election season, South Carolina wants to be ready. Earlier this month, election officials from all 46 counties sat down with federal officials from the FBI and the Department of Homeland Security to plan possible responses to election hacking attempts in the run-up to November’s election. It was the first time federal law enforcement agencies have led such a statewide training exercise, playing out different scenarios on how malicious actors could try to break into South Carolina’s election system ahead of November. … A lawsuit filed last month says the machines are so dysfunctional that they violate the right to vote for citizens.

Australia: Want to hack the Western Australia government? Try ‘Password123’ | Computerworld

A staggering 60,000 out of 234,0000 active accounts at a range of WA government agencies were potentially at risk of a dictionary attack due to their weak passwords, a review by the state’s auditor general has found. The state’s auditor general today upheld a venerable WA government information security tradition, slamming agencies for poor practices when it came to passwords and other protective measures. For the report, the WA Office of the Auditor General obtained encrypted password data from 23 Active Directory environments across 17 agencies. Using a selection of password dictionaries it found that tens of thousands of users had chosen weak passwords including “Password123” (1464 accounts), “password1” (813), “password” (184), “password2” (142) and “Password01” (118). “‘After repeatedly raising password risks with agencies, it is unacceptable that people are still using Password123 and abcd1234 to access critical agency systems and information,” said Western Australia’s auditor general, Caroline Spencer.

Mali: Constitutional court upholds election results | Associated Press

Mali’s constitutional court on Monday confirmed the re-election of President Ibrahim Boubacar Keita to a second five-year term. The court said Keita received 67 percent of the Aug. 12 runoff vote, beating opposition leader Soumaila Cisse who received more than 32 percent. There was a 34 percent voter turnout, the constitutional court said, with more than 2.7 million Malians having voted despite threats by extremist groups. Constitutional Court President Manassa Danioko rejected motions filed by the opposition party last week against results. He said there is not enough evidence of fraud to nullify the results. Keita is to be inaugurated Sept. 4 for his second and final term.

Sweden: International observers to monitor Swedish election for first time | The Local

For the first time in a Swedish election, observers from the Organization for Security and Cooperation in Europe (OSCE) will be present in the country to oversee the vote, according to reports in Swedish media. “This is the first time we have had any form of mission or observation activity in Sweden for an election,” the organization’s spokesperson Thomas Rymer told Sveriges Radio. The decision was made following discussions with politicians, representatives of the Swedish media, and some of those involved in organizing the election.

Zimbabwe: Regional leaders call for calm ahead of Zimbabwe poll ruling | AFP

Southern African leaders on Saturday called for calm in Zimbabwe as the country awaits a Constitutional Court hearing on President Emmerson Mnangagwa’s disputed election victory. The main opposition the Movement for Democratic Change (MDC) has accused the ruling Zanu-PF party and the election commission of fraud in the July 30 vote, the first in Zimbabwe since Robert Mugabe’s ouster in November. The Southern African Development Community (SADC) in a statement at the close of its two-day summit in Namibia, urged Zimbabweans to “remain calm while the legal processes regarding the outcome of the elections are being considered by the courts and to respect the will of the people”.

Verified Voting Blog: The Myth of “Secure” Blockchain Voting

Several startup companies have recently begun to promote Internet voting systems, but with a new twist – using a blockchain as the container for voted ballots transmitted over the Internet from the voter’s private device. Blockchains are a relatively new system category a little akin to a distributed database. Proponents of blockchain voting promote it…

National: States add intrusion sensors to election systems to thwart hacking | CNN

A growing number of states are installing a cyber-intrusion sensor system supplied by the Department of Homeland Security in response to fears that election systems my be hacked by foreign adversaries during the 2018 midterm elections and beyond. To date, 36 states have installed the intrusion detection sensors, known as “Albert,” according to a DHS official. The monitoring system was developed by the Center for Internet Security, a nonprofit organization that is working with DHS on election security and coordination. Rather than block cyber threats outright, Albert alerts officials to potentially malign activity to be investigated by experts. In those states, 74 sensors in 38 counties have been installed so far, according to the official, up from 14 before the 2016 presidential election. The new numbers were first reported by Reuters.

National: How DHS is gearing up to protect the midterms from hackers | CNBC

With all the concern over cybersecurity heading into the midterm elections, it’s actually quite difficult for outsiders to directly manipulate votes. Unlike corporate networks and email systems, voting machines aren’t connected to the internet, making them hard to access. So as government officials prepare for the hotly contested congressional elections in November, their focus is more on protecting the integrity of the systems that support the pre- and post-voting periods than on the ballots themselves. “This is about more than just voting machines,” Jeanette Manfra, the top cybersecurity official at the Department of Homeland Security, told CNBC in an interview on Wednesday. “If an [attacker] was intent on sowing discord, how could they do that? It involves us looking at the broad elections administration process.”

National: In Congress, election security proposals aim at 2020 cycle | FCW

While most of the discussion around election security tends to focus on protecting the 2018 fall elections, much of the federal guidance and legislative proposals currently under consideration would likely have limited impact this year. Two bills in Congress – The Secure Elections Act and the PAVE Act – would implement a number of best-practice policies around cybersecurity and vote tabulation that are endorsed by most experts. Yet some of the most impactful provisions from those bills, such as grant funding to replace obsolete or out-of-support voting machines or require states to use paper ballots, would take years to implement before states realized results.

Editorials: Election officials have plenty to learn from hackers | Alex Padilla/The Hill

Every year, DEFCON convenes thousands of hackers who attempt to breach the security of important technologies in an effort to expose vulnerabilities. For the past two years, this has included voting machines in a room dubbed the “Voting Village.”  Rather than watch from the sidelines, or read about the findings in the news, I wanted to see for myself. So, I went to DEFCON. I listened, I observed and I had the opportunity to address attendees. While it’s important to constantly search for and understand the vulnerabilities of any voting system, a unifying message at the conference — from hackers to elections officials alike — is that we must be on alert and Congress must invest more to better secure our elections. Threats to the integrity of our elections are constantly evolving. Not too long ago, a primary focus for election officials was securing voting machines. Today, cyberattack vectors have expanded — and so must our defenses. 

California: FBI probing cyber attack on congressional campaign in California – sources | Reuters

The U.S. Federal Bureau of Investigation is investigating a cyber attack on the congressional campaign of a Democratic candidate in California, according to three people close to the campaign. The hackers successfully infiltrated the election campaign computer of David Min, a Democratic candidate for the House of Representatives who was later defeated in the June primary for California’s 45th Congressional district. The incident, which has not been previously reported, follows an article in Rolling Stone earlier this week that the FBI has also been investigating a cyber attack against Hans Keirstead, a California Democrat. He was defeated in a primary in the 48th Congressional district, neighboring Min’s. Paige Hutchinson, Min’s former campaign manager, declined to comment. An FBI spokeswoman said the bureau cannot confirm or deny an investigation.