National: DHS, FBI say election systems in all 50 states were targeted in 2016 | Ars Technica

A joint intelligence bulletin (JIB) has been issued by the Department of Homeland Security and Federal Bureau of Investigation to state and local authorities regarding Russian hacking activities during the 2016 presidential election. While the bulletin contains no new technical information, it is the first official report to confirm that the Russian reconnaissance and hacking efforts in advance of the election went well beyond the 21 states confirmed in previous reports. As reported by the intelligence newsletter OODA Loop, the JIB stated that, while the FBI and DHS “previously observed suspicious or malicious cyber activity against government networks in 21 states that we assessed was a Russian campaign seeking vulnerabilities and access to election infrastructure,” new information obtained by the agencies “indicates that Russian government cyber actors engaged in research on—as well as direct visits to—election websites and networks in the majority of US states.” While not providing specific details, the bulletin continued, “The FBI and DHS assess that Russian government cyber actors probably conducted research and reconnaissance against all US states’ election networks leading up to the 2016 Presidential elections.” DHS-FBI JIBs are unclassified documents, but they’re usually marked “FOUO” (for official use only) and are shared through the DHS’ state and major metropolitan Fusion Centers with state and local authorities. The details within the report are mostly well-known. “The information contained in this bulletin is consistent with what we have said publicly and what we have briefed to election officials on multiple occasions,” a DHS spokesperson told Ars. “We assume the Russian government researched and in some cases targeted election infrastructure in all 50 states in an attempt to sow discord and influence the 2016 election.”

National: Election machine vendors back legislation requiring post-election audits, vulnerability disclosure | InsideCyberSecurity

Two major election machine vendors stated their support for requiring post-election audits to ensure the validity of election results in the case of a cyber attack or other tampering, in response to questions recently posed by senior Senate Democrats. Sens. Amy Klobuchar (D-MN), Gary Peters (D-MI), Jack Reed (D-RI), and Mark Warner (D-VA) sent letters last month to the three largest election machine vendors asking whether the companies would support legislation around post-election audits and what cyber controls are in place to secure the vote. In its response submitted on Tuesday, Hart InterCivic wrote that “robust post-election audits are the most compelling response” to threats posed by outdated technology. “Auditing is the most transparent and effective means to demonstrate that election outcomes accurately reflect the intention of voters,” Hart wrote. “Hart unequivocally supports state efforts to strengthen auditing procedures.” Tom Burt, the president and CEO of Election Systems and Software, also supported the idea of legislation around post-election audits, writing that the company “strongly supports legislation that would expand the use of routine post-election audits. ES&S believes that successful post-election audits, including risk-limiting audits such as those which have recently occurred in several jurisdictions, will increase confidence in our country’s election process.”

National: Cybersecurity Campaign Aid Delayed by Corporate Money Fears | Bloomberg

The Federal Election Commission delayed a vote on a plan to provide free cybersecurity assistance for campaigns, with the panel’s chairwoman voicing concerns it could the open the door to corporate money in campaigns. Ellen Weintraub said she supported the goal of cybersecurity but questioned whether the proposal could grant broad leeway for providing aid to campaigns outside the limits and restrictions of campaign finance law, including a longstanding ban on corporate contributions to candidates. “We do not want to inadvertently blow a hole in the corporate contribution ban,” the Democratic chairwoman said at a commission meeting today. The nonprofit watchdog Campaign Legal Center, which had voiced similar concern about the initial proposal, has signed off on a compromise that includes language emphasizing the aid is tied to the imminent threat of illegal foreign interference in elections. The commission may take up the issue again at its scheduled April 25 meeting.

National: After Arrest of Julian Assange, the Russian Mysteries Remain | The New York Times

In June 2016, five months before the American presidential election, Julian Assange made a bold prediction during a little-noticed interview with a British television show. “WikiLeaks has a very big year ahead,” he said, just seconds after announcing that the website he founded would soon be publishing a cache of emails related to Hillary Clinton. He was right. But an indictment unsealed on Thursday charging Mr. Assange with conspiring to hack into a Pentagon computer in 2010 makes no mention of the central role that WikiLeaks played in the Russian campaign to undermine Mrs. Clinton’s presidential chances and help elect President Trump. It remains unclear whether the arrest of Mr. Assange will be a key to unlocking any of the lingering mysteries surrounding the Russians, the Trump campaign and the plot to hack an election. The Justice Department spent years examining whether Mr. Assange was working directly with the Russian government, but legal experts point out that what is known about his activities in 2016 — including publishing stolen emails — is not criminal, and therefore it would be difficult to bring charges against him related to the Russian interference campaign. Numerous significant questions are left unanswered, including what, if anything, Mr. Assange knew about the identity of Guccifer 2.0, a mysterious hacker who American intelligence and law enforcement officials have identified as a front for Russian military intelligence operatives.

National: Comey Says Trump’s Silence Invites Another Russia Election Hack | Bloomberg

Former FBI Director James Comey said the U.S. remains unprepared for another attack on its elections and faulted the attorney general for suggesting that the government was “spying” on Donald Trump’s presidential campaign in 2016. Echoing the findings of U.S. intelligence agencies, Comey said Russia intervened in the 2016 election to damage American democracy, undermine Democratic nominee Hillary Clinton and bolster Trump. Russian officials have denied the accusations. But Comey said Trump’s “denial of a fundamental attack” on the U.S. means “we’re inviting it to happen again with our president’s silence.” The former FBI leader also said he was concerned by Attorney General William Barr’s comments on Wednesday that he’s starting his own inquiry into counterintelligence decisions that may have amounted to political espionage, including actions taken during the Russia probe in 2016. “I really don’t know what he’s talking about when he talks about spying on the campaign,” Comey said. “The FBI and Department of Justice conduct court-ordered surveillance. If the attorney general has come to the belief that that should be called spying, wow, that’s going to inspire a whole lot of conversations in the Department of Justice.”

Missouri: Lawmakers discuss return to paper ballots | Columbia Missourian

Voters could get the chance to check their electronic ballot for accuracy before turning it in under a proposed bill. HB 543, sponsored by Rep. Tony Lovasco, R-O’Fallon, would require electronic voting machines to print out a paper ballot that could be reviewed by the voter. That paper ballot would also be available to those checking ballots during recounts. The bill also works to phase out electronic voting machines that directly record results without producing some sort of physical copy. As the machines die out due to age or malfunction, the bill states that they would not be replaced. The bill would make paper ballots the “official ballot” except for those submitted by electronic machines that have not yet been replaced.

Ohio: Thousands of voters given wrong polling location by Secretary of State website | Fayette Advocate

An apparent error on the Ohio Secretary of State’s website has caused thousands of voters to have the wrong polling location listed on their voter registration. According to the Pickaway County Board of Elections, “a large majority” of their county’s registered voters have been given the misinformation by the Secretary of State through the state’s official website voter registration portal. “We send a file to the Ohio Secretary of State and it appears they have addresses for several precincts incorrect,” Michele Lockard, director of the Pickaway County Board of Elections wrote in an email to a voter who inquired about the issue Thursday morning. It is unclear exactly how many voters have been impacted by the error, but Lockard said that she, herself, was also affected. It was also not made immediately clear to the Advocate if Pickaway County was the only county impacted by the error. The county has 34,339 registered voters.

Pennsylvania: Philadelphia commissioner breaks silence to criticize voting machine decision and call for new selection | Philadelphia Inquirer

Philadelphia City Commissioner Anthony Clark, who rarely says anything at board meetings and has a reputation for not showing up to work, suddenly spoke up Wednesday to say he favors invalidating the city’s choice of voting machines and restarting the selection process. His comments, which caught nearly everyone by surprise, were delivered almost casually during the commissioners’ weekly meeting, after City Controller Rebecca Rhynhart urged the elections officials to nullify the controversial selection of new systems. “Today I request that this body vacate the commissioners’ earlier decision and draft and reissue a new, fair” request for proposals, Rhynhart said after calling the selection process opaque and biased. “Please don’t deny Philadelphia’s voters a true voice in the selection of these machines.” Clark, who had not spoken publicly about the decision and did not cast a vote when the commissioners chose the system, responded: “Well, I’d just like to say that I do support your recommendation. That’s all I have to say at this time.” Advocates have for months implored Philadelphia election officials to select a hand-marked paper ballot system rather than the ES&S ExpressVoteXL system that was chosen Feb. 20 have accused the commissioners of illegally selecting that machine and called for that vote to be nullfied.

Finland: DoS attack against election results portal under investigation in Finland | Helsinki Times

A denial of service (DoS) attack against the official online election results service is under investigation in Finland. The National Bureau of Investigation (KRP) on Wednesday reported that the attack took place last weekend, stressing that the attack can have no impact whatsoever on the election results as the targeted service is not related to the casting or counting of votes. The short and low-volume attack caused intermittent disruptions to the results service in the wee hours of last weekend, Arto Jääskeläinen, the head of electoral administration at the Ministry of Justice, told Lännen Media. The service on vaalit.fi is used primarily by small news outlets, he added to Helsingin Sanomat. YLE, Helsingin Sanomat and other major outlets, in turn, have an agreement in place that provides them access to the results data through a secure connection.

India: The first day of voting in India is dotted with glitches in the electronic voting machines | Business Insider India

The general election has only just begun and reports of Electronic Voting Machine (EVM) malfunctions are flying in from multiple corners of the country. Butchirajupalem in Visakhapatnam and Cooch Behar in West Bengal were one of the first constituencies to halt voting because the EVM machines stopped working. One of the poll booths in Ghaziabad in Uttar Pradesh and two booths in Hyderabad, Telangana are also reported facing problems with their voting machines a while later. But most of the EVM malfunctions are being reported in Odisha and Andhra Pradesh. In Andhra Pradesh, Telugu Desam Party and the YSR Congress Party (YSRCP) are reporting EVM malfunctions. YSRCP is reporting that as many as 99 of the polling booths aren’t working. Tensions between both political parties have resulted in violent clashes and ransacking of poll booths.

Israel: Cyber expert: Future elections will have even more cyber issues | Jerusalem Post

While the 2019 Knesset elections had some unprecedented cyber issues, future elections will have even more, cyber expert and founder and editor-in-chief of Cybertech Magazine Amir Rapaport says. Speaking to The Jerusalem Post on Wednesday, Rapaport divided the impact of cyber on the elections into three spheres. He said that Israel’s Central Elections Committee, in coordination with the Israel National Cyber Directorate (INCD) and other agencies (the Shin Bet Israel Security Agency is known to have a heavy role), seem to have succeeded in protecting from actual hacking of physical election systems. To that extent, no one has called into question the voter totals produced by the committee based on accusations of a cyber attack. (There are some minor controversies, but not related to the cyber sphere.) Further, some of the dark scenarios to prevent voters from reaching the polling stations, including the hacking of trains and other public transit, did not transpire.