National: Distrust, Staffing and Funding Shortages Imperil Election Security | Courtney Bublé/Government Executive

pecial Counsel Robert Mueller was emphatic when he testified before the House Intelligence Committee on July 24 about Russian interference in the 2016 election: “It wasn’t a single attempt. They’re doing it as we sit here, and they expect to do it during the next campaign.” In an earlier, less partisan era, Mueller’s warning likely would have galvanized lawmakers and propelled them to action to ensure the security and integrity of American elections. While federal agencies have taken critical steps to improve security around U.S. elections since 2016, those efforts have been hampered by inadequate funding; staffing problems; mixed messages from Congress and the administration; and, not insignificantly, by Constitutional questions—states and localities hold primary authority for administering elections, and some Republicans worry about the federal government usurping state powers in the name of security. But the special counsel’s warning had no such galvanizing effect. Hours after Mueller testified in the House, Sen. Cindy Hyde-Smith, R-Miss., blocked, without giving a reason, election security bills in the Senate, one of which would have required campaigns to alert the FBI and the Federal Election Commission about election assistance offers from foreign countries. The next day, Senate Majority Leader Mitch McConnell, R-Ky., denied the Democrats’ request for a vote on the House-passed Securing America’s Federal Elections Act, which would have authorized $775 million to bolster state election systems and required paper ballots as a guard against vote tampering. McConnell said the legislation, which passed the House with just a single Republican vote, would nationalize election authorities that “properly belong to the states.”  While few things are more fundamental to democracy than the integrity of the election system, finding a bipartisan consensus for ensuring that integrity has been elusive, and as a result, agencies’s efforts are far less effective than they could be otherwise.

National: Voting Machine Makers Give U.S. Access in Fight Against Hackers | Chris Strohm and Alyza Sebenius/Bloomberg

Companies that make voting machines and election systems have given the Homeland Security Department access to engineering details and operations so the U.S. can identify potential vulnerabilities hackers might exploit heading into the 2020 election, a department official said. The new cooperation has allowed Homeland Security to map out the ecosystem of election voting systems and processes to help state and local governments, as well as private companies, defend against hackers, Jeanette Manfra, assistant director for cybersecurity, said at an Intelligence and National Security Summit on Thursday. Makers of voting machines and election systems are cooperating voluntarily, representing a breakthrough for the government, Manfra said in an interview after the conference in the Washington suburbs. “I think we’ve made a lot of progress with the vendors of those systems,” Manfra said. “We know what makes up the systems and how it actually works.” Officials, citing Russian interference in the 2016 campaign, predicted lively combat between hackers and government protectors of cybersecurity in the run-up to next year’s presidential election.

National: ‘No One Is Accountable for This’: Why the 2020 Campaigns Are Struggling With Security | Uri Friedman/The Atlantic

It’s the eve of Election Day 2020, and political reporters have just received an incendiary email. Donald Trump’s campaign has sent out grainy cellphone footage of his Democratic challenger, Joe Biden, at a private meeting with wealthy donors, ridiculing Americans who voted for the president in 2016 and plotting how to trick them into backing him instead. Except Biden never made the remarks and Trump never shared them. A few overeager journalists post the video on Twitter before fully investigating its authenticity, causing the clip to spread on social media faster than the presidential campaigns and the press can expose it as a fraud. U.S. authorities will eventually attribute the deception to North Korean hackers, impersonating the Trump campaign’s domain name and deploying deepfake technology to keep their preferred nuclear-talks counterpart in office. But that won’t happen for weeks, well after Americans have chosen their next leader. Such a hypothetical scenario isn’t implausible. In fact, it’s a type of threat that the email-security firm Agari flagged in a recent report. Three and a half years have passed since John Podesta, the chairman of Hillary Clinton’s presidential campaign, fell for a phishing email—granting Russian hackers, and thereby the world, access to his Gmail account and coming to embody the devastating ways foreign governments can meddle in democratic politics. In light of that trauma, the current crop of presidential campaigns has made progress in fortifying their digital operations. But according to those who have worked with the campaigns on these efforts, they nevertheless remain vulnerable to attack and lack cybersecurity best practices. “The risk is more than reasonable that another Podesta-like attack could take place,” Armen Najarian, Agari’s chief marketing officer, told me.

National: New NSA cyber lead says agency must share more info about digital threats | Joseph Marks/The Washington Post

The NSA is the U.S. government’s premier digital spying agency and it has a well-earned reputation for keeping secrets. But the agency needs to stop keeping so many things confidential and classified if it wants to protect the nation from cyberattacks. That’s the assessment from Anne Neuberger, director of NSA’s first Cybersecurity Directorate, which will launch Oct. 1 and essentially combine the work of many disparate NSA divisions dealing with cybersecurity, including its offensive and defensive operations. The directorate’s mission is to “prevent and eradicate” foreign hackers from attacking critical U.S. targets including election infrastructure and defense companies, Neuberger said yesterday during her first public address since being named to lead the directorate in July. Neuberger acknowledged the difficulty of her mission during an onstage interview at the Billington Cybersecurity Summit, but also said the growing hacking threats from Russia, China and other U.S. adversaries mean the nation “must” achieve it. “The nation needs it … the threat demands it and the nation deserves that we achieve it,” Neuberger said. That mission also means, however, that NSA, which was once colloquially known as “no such agency” and has traditionally kept mum to protect its own hacking operations and secret sources, must start sharing more threat data with cybersecurity pros in the private sector, she said. And the NSA will have to share that information far more quickly than it has in the past when many recipients hcomplained that, by the time they get the information, it’s no longer useful, she said. In some instances, the agency will have to look for “creative approaches” to share that information, Neuberger told reporters after her talk.

National: Blue Dog Democrats urge action on election security | Maggie Miller/The Hill

The leaders of the House Blue Dog Coalition and the House Blue Dog Task Force on National Security on Thursday sent a letter to House and Senate leaders calling for action to prevent foreign interference in U.S. elections and to secure election systems. The House Blue Dog Coalition, a group of 26 moderate Democrats, urged congressional leaders to “put politics aside and pursue bipartisan solutions” to bolster election security ahead of 2020. “We are calling on Congress to take further action to secure our elections, punish Russia for its attempts to meddle in the 2016 and 2018 elections, and deter our adversaries from meddling in future U.S. elections,” the leaders of the Blue Dog Coalition and the Task Force wrote. “The threat to our national security could not be more clear.” The letter was sent to Speaker Nancy Pelosi (D-Calif.), House Majority Leader Steny Hoyer (D-Md.), Minority Leader Kevin McCarthy (R-Calif.), Senate Majority Leader Mitch McConnell (R-Ky.) and Senate Minority Leader Charles Schumer (D-N.Y.).  The House has passed two major election security bills earlier this year, both along party lines. The SAFE Act, passed in June, would provide states with $600 million for election security efforts, and would also ban voting machines from being connected to the internet and from being manufactured outside the U.S. The House also approved the For the People Act, which includes sweeping language on election security and voting reform. Both bills have been blocked from a vote in the Senate by Republicans, who cite concerns around federalizing elections.

California: Los Angeles County Offering New Ballot Casting Process For Voters in 2020 | R.J. Johnson /KFI

Los Angeles County’s antiquated voting system is getting a badly needed upgrade in time for the upcoming 2020 elections. Starting next year, more than 5.2 million residents will have the chance to use the Voting Solutions for All People, or VSAP, which aims to make voting for residents easier, more secure and transparent. The new Ballot Marking Devices were designed by the Registar-Recorder/County Clerk in response to the aging system and meant to make it easier for voters to to customize their voting experience to fit their needs. Voters will be able to access 13 languages, adjust the touch screen to a comfortable angle, change the display settings such as text size and contrast or go through the ballot using the audio headset and control pad. Rest assured, the Ballot Marking Device is NOT connected to any kind of a network or the internet. If you’re not as technically-savvy as others, don’t worry, the easy-to-follow instructions guide voters through the voting process without any need for assistance.

Ohio: Secretary of State to ask for $1.7 million to monitor cyber-security threats | Jim Provance/Toledo Blade

Ohio’s top elections official on Monday will ask a state budgetary panel to allow him to tap just more than $1.7 million in federal funds to monitor county boards of elections for potential cyber-security threats going into the 2020 presidential election. If approved, Ohio would become just the third state, following Nevada and Florida, to have such devices in all of its counties. Secretary of State Frank LaRose has asked the bipartisan Ohio Controlling Board to release the funds made available through the federal Help America Vote Act to contract with the Center for Internet Security. The New York-based nonprofit organization is the sole vendor approved by the U.S. Department of Homeland Security and has staff at the National Cybersecurity and Communications Integration Center in Washington. “The security directive is intended to protect that infrastructure that is connected to the Internet — stations where board staff work, email systems, voter registration databases, the board of election website…,” Mr. LaRose said. Voting machines and tabulating equipment would not be included since they are not connected to the Internet.

Russia: Masked man tasers Russian election chief before regional vote | Reuters

A masked man broke into the home of Ella Pamfilova, the head of Russia’s Central Election Commission, in the early hours of Friday morning and repeatedly tasered her, Russia’s Ministry of Internal Affairs said. The attack came two days before Russians vote in regional elections, including in Moscow. The vote in the Russian capital has triggered weeks of protests after Pamfilova and her colleagues refused to register a slew of opposition-minded candidates. Election officials said the barred candidates had not collected enough genuine signatures to take part in Sunday’s election, an allegation the candidates denied. “The masked intruder broke in through a window and got onto the house’s terrace and repeatedly tasered the home owner (Pamfilova) and then fled,” the ministry said in a statement.