National: Trips To Vegas And Chocolate-Covered Pretzels: Election Vendors Come Under Scrutiny | NPR

It is likely to be a banner year for the voting equipment industry with state and local election offices planning to spend hundreds of millions of dollars on new machines ahead of the 2020 election. This year’s purchases will probably amount to the biggest buying wave since right after the 2000 presidential election, when officials rushed to replace discredited punch card machines with touchscreen voting equipment. Those machines are rapidly aging and are being replaced with machines that leave a paper backup as a result of security concerns about purely electronic voting. The voting equipment purchases come at a time of increased scrutiny over the security and integrity of elections following Russia’s efforts to interfere in the 2016 election. Some states, such as Georgia, South Carolina and Delaware, are replacing all of their voting machines, while several other states, including California, Ohio and Pennsylvania, are replacing much of their equipment. About one quarter of voters live in the states doing most of the buying. The buying spree has also put a focus on the close ties between vendors and the government officials who buy their equipment. Advocacy groups and some politicians allege that vendors have unduly influenced the procurement process in many places, something the companies and election officials deny.

National: CISA wants more funding for critical infrastructure activities | FCW

The head of the federal government’s top civilian cybersecurity agency told two House panels this week that he would prioritize increased technical assistance to critical infrastructure entities if provided with additional funding in the fiscal 2020 budget. Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, pointed to the substantial investment Congress has made to CISA’s budget for election security operations over the past few years as a model for how the agency would like to deploy additional resources to other critical infrastructure sectors. “Congress has invested in my agency to date, close to $60 million, purely related to election security,” Krebs said at an April 30 hearing with the House Homeland Security Cybersecurity, Infrastructure Protection and Innovation Subcommittee. “Outside of federal networks, I don’t think I have another critical infrastructure sector that Congress has invested specifically to that level.” CISA provides a variety of services to the 16 critical infrastructure sectors it serves, from sharing of cyber threat intelligence to in-depth vulnerability scans. The agency has also indicated in recent months that it has plans to begin installing technical sensors around critical infrastructure systems to detect malicious activity, similar to the Albert sensors it has deployed around election and voting systems.

National: Election security push stumbles amid White House resistance | Politico

Senate Democrats and Republicans can agree on perhaps just one thing about special counsel Robert Mueller’s investigation — that Russia interfered in the 2016 presidential election. But bipartisan legislation to address foreign intrusions is all but dead amid a distinct lack of enthusiasm from Senate GOP leadership and the Trump White House. At a heated hearing with Attorney General William Barr on Wednesday, Sen. Amy Klobuchar (D-Minn.) blasted the White House for blocking the election security bill she co-sponsored with Sen. James Lankford (R-Okla.) in the previous Congress. And in an interview, Klobuchar put the blame for the impasse squarely on President Donald Trump’s former White House counsel Don McGahn as well as Senate Majority Leader Mitch McConnell. “It was Don McGahn,” Klobuchar said Wednesday. “He called Republicans about the bill, didn’t want them to do it. And McConnell also didn’t want the bill to move forward. So it was a double-edged thing.” Klobuchar added that McGahn, who was previously chair of the Federal Election Commission, “had a personal interest in it” and that, with him no longer at the White House, “maybe they can look at it fresh.” McGahn did not respond to a request for comment.

National: Mueller Findings Raise Election Hacking Fears in States | Stateline

Tucked into the 448-page report from Special Counsel Robert Mueller were four paragraphs about major breaches into state and local election systems. Mueller’s description of Russian interference designed to help the Trump campaign was a reminder of how far many state and local officials have come in securing election infrastructure, but also of how stark the threat remains to the nation’s 8,000 election offices. The report even disclosed a previously unknown breach: Russian intelligence agents in November 2016 tried to introduce corrupted files into election offices in several Florida counties. The hackers succeeded in at least one of those counties, the report indicates. It raises questions about election systems’ vulnerability to outside hackers — and why the FBI didn’t tell Florida officials about the attempted strike. Election security experts say malicious foreign actors continue this year to target voter registration databases, Election Day result programs, and election office websites and social media profiles as they did during the last presidential election. “It once again reinforces that this is a legitimate threat,” said Maurice Turner, a senior technologist at the nonprofit Center for Democracy and Technology in Washington, D.C. “This isn’t just a one-time issue that’s come and gone.” Any interference operations targeting the 2020 presidential election already have begun, Turner said. Phishing emails designed to allow hackers to capture passwords, usernames or personal information through unwitting officials likely have already gone out, he said.

National: Klobuchar finds Attorney General Barr unaware of major election security legislation | Roll Call

Attorney General William Barr said Wednesday that he was not familiar with the Senate’s bipartisan effort to enhance the security of election systems ahead of 2020. Barr had not yet returned to the Department of Justice when, last year, the Senate Rules and Administration Committee abruptly cancelled a markup of a bipartisan bill known as the Secure Elections Act. The legislation crafted by Oklahoma Republican Sen. James Lankford and Minnesota Democratic Sen. Amy Klobuchar seeks to require state election officials to conduct audits following elections, as well as to establish paper ballot backup systems. “The White House, just as we were on the verge of getting a markup in the Rules Committee, getting it to the floor where I think we would get the vast majority of senators, the White House made calls to stop this,” Klobuchar said at the hearing, recalling the events of August 2018. Klobuchar then asked Barr for a commitment to work on the legislation. “I will work with you to enhance the security of our election, and I’ll take a look at what you are proposing,” Barr said. “I’m not familiar with it.” Klobuchar responded to Barr by pointing out that the bill is the main bipartisan measure related to election security, noting support of Intelligence Chairman Richard M. Burr, R-N.C., and Vice Chairman Mark Warner, D-Va., as well as fellow Judiciary Committee members including Democrat Kamala Harris of California and Chairman Lindsey Graham, a South Carolina Republican.

National: Here’s the one thing Republicans and Democrats could agree on during Barr hearing | The Washington Post

During a contentious and highly partisan hearing with Attorney General William Barr yesterday, senators did manage to find one bipartisan point of agreement: Pushing for improved election and campaign security before 2020. During the more than four-hour Judiciary Committee hearing, both Republicans and Democrats sought Barr’s support for legislation to require paper records for 2020 votes and efforts to harden election infrastructure and to combat digital misinformation. And they urged the Justice Department to help 2020 presidential campaigns ward off foreign interference. “The special counsel’s report is the end of the road when it comes to the question of the Trump administration’s intent,” Sen. Joni Ernst (R-Iowa) said. “But it is just the beginning of the conversation on how we counter Russia and other foreign adversaries in their attempts to undermine our Republic.” It seemed to be the only point of political alignment at the hearing during which Democrats savaged Barr for allegedly misrepresenting findings in the report from special counsel Robert S. Mueller III and after which numerous Democratic senators called on the attorney general to resign. But it’s far from clear that Congress will be able to pass election security legislation in time for the 2020 contest.

National: 2020 campaigns grappling with how to manage cybersecurity | Associated Press

While candidates were focused on campaigning in 2016, Russians were carrying out a devastating cyber-operation that changed the landscape of American politics, with aftershocks continuing well into Donald Trump’s presidency. And it all started with the click of a tempting email and a typed-in password. Whether presidential campaigns have learned from the cyberattacks is a critical question ahead as the 2020 election approaches. Preventing the attacks won’t be easy or cheap. “If you are the Pentagon or the NSA, you have the most skilled adversaries in the world trying to get in but you also have some of the most skilled people working defense,” said Robby Mook, who ran Hillary Clinton’s campaign in 2016. “Campaigns are facing similar adversaries, and they don’t have similar resources and virtually no expertise.” Traditionally, cybersecurity has been a lower priority for candidates, especially at the early stages of a campaign. They need to raise money, hire staff, pay office rents, lobby for endorsements and travel repeatedly to early voting states. Particularly during primary season, campaign managers face difficult spending decisions: Air a TV ad targeting a key voting demographic or invest in a more robust security system for computer networks?

California: Has Los Angeles County just reinvented voting? | NBC

The biggest voting district in the United States came up with an audacious answer to the growing national problem of aging, malfunctioning and hackable voting machines. It decided to build its own. Los Angeles County, which has more registered voters than 42 states, gave NBC News an exclusive national broadcast look at what may be the future of voting systems. The county’s 5.2 million registered voters will give the new system a test run in real time during California’s presidential primary next March. Built with open-source technology over 10 years for $100 million, and combined with a rethink of the voting process that lets locals cast ballots over 11 days instead of 13 hours, L.A. County officials believe their new machines will cut down on mechanical breakdowns and crowding and provide sophisticated protections against hacking. “We thought, ‘We can’t wait any longer,'” said the man in charge of the new system, L.A. County Registrar Dean Logan.

Florida: After hacking allegation in Mueller report, Florida officials call for briefings | ABC

“The FBI needs to brief the Florida delegation on exactly what Russia did and which counties were involved so we can protect our elections and the voters,” Rep. Michael Waltz, R-Fla., said Thursday in a joint call for more information with his Democratic colleague Rep. Stephanie Murphy. The House members’ demand follows others made by Florida Gov. Rick DeSantis and Sen. Rick Scott, R-Fla., after the Mueller report’s publication last month. The FBI has reportedly agreed to those earlier requests for briefings. And during an otherwise contentious Senate hearing Wednesday, Attorney General William Barr said he would arrange for the full Senate to be briefed on the reported Russian hack, at the request of Sen. Amy Klobuchar, D-Minn. The concern grew out of a line in the Mueller report, which said the FBI suspected Russian military intelligence hackers were able to “gain access to the network of at least one Florida county government” through a spear-phishing campaign. Mueller said his investigators did not verify the suspicion, deferring to the FBI.

Georgia: Potential vulnerabilities of new Georgia voting machines evaluated | Atlanta Journal Constitution

The U.S. Department of Homeland Security is gauging potential vulnerabilities of the type of voting machines that will soon be used in Georgia. The federal government will work with election officials to better understand the security and auditability of voting systems, said Scott McConnell, a spokesman for the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security.“This includes helping to identify potential risks and vulnerabilities for deployed systems as well as informing the development of future systems,” McConnell said. Georgia is preparing to buy a $150 million statewide election system with voting machines called ballot-marking devices. Like the state’s current electronic voting machines, voters using the new ballot-marking devices will choose their candidates on touchscreens. Then printers will create paper ballots for voters to review and insert into scanning computers for tabulation.Federal scrutiny of voting technology comes after a study published last week pointed out weaknesses in ballot-marking devices.If ballot-marking devices are hacked or tampered with, they could print out falsified ballots, according to the study by three cybersecurity experts.

Editorials: Minnesotans last to agree on election security | The News Leaders

Minnesota usually shows up near the top, if not No. 1, in rankings of the states. But on the urgent issue of election security, Minnesota is dead last. Despite pledges of bipartisanship for this legislative session, Democrats and Republicans are deadlocked over how to spend a potential $6 million to improve election security. Minnesota is the only state that has yet to touch its share of the $380 million federal appropriations. Senators and representatives should agree to a plan from Secretary of State Steve Simon to use the money to upgrade the state’s 15-year-old voter system. “Election security shouldn’t be a partisan issue or a bargaining chip,” Gov. Tim Walz said. “It’s time we join every other state in the nation and protect our elections.” The Democrat-controlled house passed Simon’s plan while the Republican-led Senate only wants to spend $1.5 million. Both houses have appointed members to a conference committee to resolve the issue.

North Dakota: Legislature funds new election equipment | Bismarck Tribune

North Dakota’s chief elections official hopes to have new equipment at the polls for the 2020 contests after state lawmakers approved $12 million for the devices. Secretary of State Al Jaeger said Wednesday the money will be used to purchase new ballot scanners and electronic poll books, which serve as voter records at individual precincts, across the state. The $12 million approved by lawmakers includes $3 million of federal funding. Jaeger, a Republican, said North Dakotans will still mark a paper ballot but new equipment will be used to count their votes. County election officials have warned about equipment failures for several years, but the 2017 Legislature rejected funding while the state tightened its belt.

Pennsylvania: Philadelphia city controller says she will block payment for controversial new voting machines | Philadelphia Inquirer

Philadelphia City Controller Rebecca Rhynhart says she will not approve payment for new voting machines that will cost the city tens of millions of dollars. “I’m deeply concerned about the legality of this process,” she said in a statement Tuesday night, “and as city controller, I will not release $1 of payment while these questions go unanswered.” Until her office completes an investigation of the voting-machine selection process, including accusations that it was biased to favor electronic voting machines over paper ones that voters fill out manually, Rhynhart said she won’t sign off on payment. Her approval is one of several that are required along the way when the city purchases new equipment or services. “We need a pause to say, ‘What is going on here?’ ” Rhynhart said in an interview Wednesday morning. “And I’m not going to be releasing any payment until it’s very clear that all procurement rules and city processes were followed in this procurement, because right now I have doubts.” It’s unclear what would happen if Rhynhart refuses the payment after machines are delivered and implementation begins. Dozens have already arrived.

India: How the world’s largest democracy casts its ballots | The Conversation

About 600 million Indian citizens are expected to cast their votes over a period of 39 days ending May 19, in the ongoing election for their country’s parliament. There are roughly 900 million eligible voters, and the country has typically seen about two-thirds of them turn out to polling places. I have been working on the security of electronic voting systems for more than 15 years, and, along with other colleagues, have been interested in understanding how a nation can tally that many votes cast over such a long period. India uses a domestically designed and manufactured electronic voting machine – as many as 4 million of them at 1 million polling places, at least some in extremely remote locations. The first version of the Indian electronic voting machine debuted in the state election in Kerala in 1982. Now they’re used in elections throughout the country, which happen on different days in different areas. When a voter arrives at the polling place, she presents a photo ID and the poll officer checks that she is on the electoral roll. When it’s her turn to vote, a polling official uses an electronic voting machine’s control unit to unlock its balloting unit, ready to accept her vote. The balloting unit has a very simple user interface: a series of buttons with candidate names and symbols. To vote, the voter simply presses the button next to the candidate of her choice. After each button press, a printer prints out the voter’s choice on paper and displays it to the voter for a few seconds, so the person may verify that the vote was recorded correctly. Then the paper is dropped into a locked storage box. The whole system runs on a battery, so it does not need to be plugged in.

Editorials: Securing Electoral Infrastructure: How Alert is India’s Election Chowkidaar | Varsha Rao/MediaNama

With the publication of Special Counsel Robert Mueller’s much-awaited report on Russian interference in the United States Presidential Elections of 2016, the threat of hacking and misinformation campaigns to influence elections is taking centre-stage yet again. Closer to home, the discussion has become more pertinent than ever before. In a democratic process of gigantic proportions, 900 million Indians across 543 constituencies are expected to cast their vote in 7 phases to elect a Government for the next five years. The gravity and significance of the ongoing General Elections to the Lok Sabha thus begs the question – how susceptible is the world’s largest democracy to cyber interference? Interfering in an election in the digital age involves a two-pronged attack – firstly, by influencing the political inclination of the electorate via misinformation campaigns on social media platforms, and secondly, by manipulating the electoral infrastructure itself. This article will focus on the latter, more specifically, the infrastructure and processes administered by the Election Commission of India. Unfettered access to voter registration databases arms malicious actors with the ability to alter or delete the information of registered voters, thereby impacting who casts a vote on polling day. Voter information can be deleted from the electoral rolls to accomplish en-masse voter suppression and disenfranchisement along communal and religious lines in an already polarized voting environment. The connectivity of voter databases to various networks for real-time inputs and updates make them highly susceptible to cyberattacks.

United Kingdom: E-voting by touch-screen trialled in local elections | BBC

Voters in Gateshead are being invited to vote twice in the local elections – via the traditional ballot box and on a touch-screen computer. Only their ballot paper vote will count, with the e-voting just a trial. E-voting could eventually transform elections, doing away with the need for an election count. Several countries have experimented with such systems but security fears have held deployment back. Anyone wanting to take part has to record their vote via a touch-screen computer at the polling booth by entering a passcode issued to them, selecting a candidate and then receiving a paper receipt. All encrypted votes are published on the election website, where anyone will be able to look at the tally for each candidate. The system will flag up if any e-vote has been illegitimately modified. What made it different from previous systems was that it could be verified “end to end”, said the team at Warwick University who developed it, with funding from the European Research Council and Innovate UK.