A long-awaited update to federal voting technology standards could ban voting machines from connecting to the internet or using any wireless technology such as Wi-Fi or Bluetooth. A new draft of version 2.0 of the Voluntary Voting System Guidelines says that voting machines and ballot scanners “must not be capable of establishing wireless connections,” “establishing a connection to an external network” or “connecting to any device that is capable of establishing a connection to an external network.” If they survive a review process, the new rules would represent a landmark development in voting technology oversight, eliminating one of cybersecurity experts’ top concerns about voting machines by plugging holes that skilled hackers could exploit to tamper with the democratic process. The wireless and internet bans are included in the latest draft of the “system integrity” section of the VVSG update. A working group focused on the VVSG’s cybersecurity elements reviewed the document during an Oct. 29 teleconference.
National: Almost 100 former officials, members of Congress urge Senate action on election security | Maggie Miller/The Hill
A group of nearly 100 former members of Congress, Cabinet officials, ambassadors and other officials is urging Congress to take action to secure U.S. elections, citing “severe threats to our national security” if certain steps are not taken. The officials, all of whom are members of nonprofit political action group Issue One’s “ReFormer’s Caucus,” sent a letter to the Senate on Thursday urging members to support various bills designed to bolster election security. “Foreign interference in American elections is a national security emergency,” the group wrote. “We are alarmed at the lack of meaningful Congressional action to secure our elections. The United States cannot afford to sit by as our adversaries exploit our vulnerabilities. Congress — especially the Senate — must enact a robust and bipartisan set of policies now.” Specifically, the officials advocated for the passage of five bipartisan bills, including the Honest Ads Act, a bill meant to increase the transparency surrounding online political ads, and the Defending Elections from Threats by Establishing Redlines (DETER) Act, which would impose sanctions on countries that interfere in U.S. elections. The officials also urged the Senate to pass legislation aimed at increasing the cybersecurity of voting infrastructure and cracking down on foreign donations to U.S. elections.
Security researchers showed lawmakers and reporters how easy it is to compromise voting machines in what has become an annual event at the U.S. Capitol. The Washington, D.C., version of the Voting Village event at the DefCon security conference in Las Vegas gives policymakers a hands-on glimpse of the technology that powers U.S. democracy. This year’s report is consistent with prior exercises: virtually every machine experts can get their hands on can be easily exploited in a number of different ways. What has changed in recent years, said Voting Village Co-founder Harri Hursti, is that the community of security researchers with first-hand experience working with these machines has grown from less than a dozen to thousands. Even though the annual event has been held for several years, fresh researchers have discovered of new vulnerabilities and attack vectors. “In this area, it’s always mind-blowing how these machines keep giving,” Hursti told FCW.
Despite the $380 million in federal grants made to states to update the security of their election systems, we are still woefully unprepared to deal with potential attacks on our essential digital voting infrastructure. With the 2020 election cycle fast approaching, there is tremendous urgency to address the underlying issues that jeopardize the sanctity of…
FBI Director Christopher Wray on Wednesday testified that he expects Russian actors to attempt to interfere in the 2020 elections, adding that he also expects countries like China to explore disinformation efforts. “Some of the things that the Russians have tried in other countries we expect them to try to do here as well, it’s pretty common to test it out in other jurisdictions, thankfully we don’t have elections every year, so that gives us a little bit of time to plan ahead,” Wray testified in regards to potential attacks on U.S. elections to the House Homeland Security Committee. Wray did not offer details of what exactly the Russians might attempt due to the open setting of the hearing. Wray noted that while the FBI has not seen “any intention” from China, Iran and North Korea to attempt attacks on election infrastructure, these countries are “clearly interested in engaging in malign foreign influence” in regards to elections, such as through social media disinformation efforts.
John Oliver took a deep dive into voting machines on the November 3, 2019 episode of “Last Week Tonight with John Oliver” and the Verified Voting team was excited to advise on the feature and provide our data from the Verifier. The 20 minute segment noted that while America’s voting systems are still vulnerable, the solution…
A Republican senator blocked a sweeping House-passed election and ethics reform bill on Wednesday, the latest of several failed attempts by Democrats to advance election-related legislation ahead of 2020. Democratic Sens. Jeff Merkley (Ore.) and Tom Udall (N.M.) tried to pass the ethics and elections reform measure, known as H.R. 1, which they argued had been buried in the upper chamber’s “legislative graveyard.” “The For the People Act repairs our broken campaign finance system, opens up the ballot box to all Americans [and] lays waste to the corruption in Washington,” Udall said. “We must unite in defense of our electoral system and in defense of the sanctity of our democracy.” Merkley argued that the bill was crucial “because everything else we care about … is going to fail if we let this chamber be controlled by powerful special interests through this corrupted system.” But Sen. Roy Blunt (R-Mo.), the chairman of the Senate Rules Committee, objected to the bill’s passage, arguing that the legislation would “give the federal government unprecedented control over elections in this country.”
Securing political campaigns against cyberattacks is about to get a lot cheaper. A nonprofit group that won permission in May from the Federal Election Commission to provide campaigns with free and reduced-price cybersecurity help is announcing its first slate of services this morning, including email security, encrypted messaging and security training for staff. Defending Digital Campaigns, which was co-founded by Hillary Clinton’s 2016 campaign manager Robby Mook and Mitt Romney’s 2012 campaign manager Matt Rhoades, is basically a middleman for the services provided by cybersecurity companies. They’ll be available to presidential and congressional campaigns that meet certain polling or fundraising thresholds and to political party committees.The DDC announcement marks one of the biggest efforts yet to prevent a repeat of the 2016 election when Kremlin-linked hackers stole and released embarassing documents from the Democratic National Committee and the Clinton campaign in an effort to help the Trump campaign, according to U.S. intelligence officials.
National: Voting Village brings equipment to lawmakers to boost urgency on election security | Sean Lyngaas/CyberScoop
A year from the 2020 election and with a new round of election security funding stalled in Congress, the DEF CON Voting Village organizers have again taken to Capitol Hill to raise awareness about software vulnerabilities in voting equipment. This time, they brought the equipment with them to drive home their point. “If we’re going to meaningfully introduce funding or introduce new technologies for 2020, time is rapidly running out to be able to do that,” Matt Blaze, a professor at Georgetown University and co-organizer of the Voting Village, told CyberScoop. “We need to act pretty fast.” A handful of House Democrats and their staffers sauntered up to equipment on display, including a ballot-marking device and an electronic voting machine, to ask the researchers about the software bugs they found. “This is really helpful in understanding that these aren’t just abstract problems, that these are real things,” Blaze, an expert in cryptology, told CyberScoop. This is the second time in a month that the Voting Village has hosted an event on Capitol Hill. Last month, Blaze and Harri Hursti, another village organizer, unveiled the village’s annual report on flaws in voting gear that could be exploited by hackers.
Russia interfered in the 2016 election and may try to sway next year’s vote as well. But it’s not the only nation with an eye on U.S. politics. American officials sounding the alarm about foreign efforts to disrupt the 2020 election include multiple countries in that warning. Concerns abound not only about possible hacking of campaigns but also about the spread of disinformation on social media and potential efforts to breach voting databases and even alter votes. The anxiety goes beyond the possibility that U.S. adversaries could affect election results: The mere hint of foreign meddling could undermine public confidence in vote tallies, a worrisome possibility in a tight election. “Unfortunately, it’s not just Russia anymore. In particular, China, Iran, a couple of others, studied what the Russians did in 2016,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington.
Characteristics of Currently Available Ballot Marking Devices Verified Voting Releases Guide Comparing Available Ballot Marking Devices Today, Verified Voting published a guide comparing the features of ballot marking devices (BMDs) available in the United States: “Characteristics of Currently Available Ballot Marking Devices By Vendor.” Download the guide here. The guide is intended to be a…
Florida: New U.S attorney tries to restore confidence in Florida elections | Mary Ellen Klas/Miami Herald
As state officials acknowledge that domestic and foreign actors may be constantly attempting to penetrate Florida’s election infrastructure, U.S. Attorney Larry Keefe sees another danger that is equally formidable but perhaps harder to manage: public perception. “All you need is a computer and some shrewd, smart, social engineering-type people to get inside the heads of the Americans … and you can wreak havoc on a free and open society,’’ said Keefe, the U.S. attorney for the Northern District of Florida. Secretary of State Laurel Lee acknowledged this week that Florida’s election systems are under “daily” attack by foreign or domestic adversaries and, while she wouldn’t detail what the attacks are, she said the state has launched an aggressive campaign to educate and train local election officials to be able to counter those threats. Keefe said those attacks often attempt to “get inside our electronic election infrastructure and change the voter rolls or tabulations.”
Georgia: State Supreme Court affirms results of 2018 election | Mark Niesse/The Atlanta Journal-Constitution
The Georgia Supreme Court ruled Thursday that there wasn’t enough evidence to further dispute last year’s election for lieutenant governor, which had inexplicably low vote totals. An election can’t be overturned based solely on unusual vote counts in the lieutenant governor’s race — tens of thousands fewer than in every other statewide election — the court wrote in its 94-page decision upholding a lower court’s dismissal of the case. Specific evidence of illegal or improper votes is required, it said. The plaintiffs in the case alleged there were about 127,000 fewer votes than expected compared with previous elections, a larger disparity than the 123,172-vote margin of victory for Republican Geoff Duncan over Democrat Sarah Riggs Amico. “A party contesting an election must therefore offer evidence — not merely theories or conjecture — that places in doubt the result of an election,” according to the court’s 8-0 ruling, written by Justice Sarah Warren. “The petitioners in this case have not carried that burden.”
Georgia: $300K fine sought against Georgia in paper ballots lawsuit | Mark Niesse/The Atlanta Journal-Constitution
A federal judge is being asked to impose more than $300,000 in sanctions against Georgia over its reluctance to turn over election databases, a request that state attorneys say is unjustified because they need to protect election information. The dispute in the lawsuit, which is demanding hand-marked paper ballots be used in elections, could end up costing Georgia taxpayers if U.S. District Judge Amy Totenberg agrees to penalize the state. The plaintiffs allege that Georgia election officials repeatedly obstructed efforts to inspect an elections database for tampering or flaws. Called the General Election Management System (GEMS) database, it contains programming for ballots used statewide. But attorneys for Secretary of State Brad Raffensperger say they wanted to ensure that election information was secure before disclosing it. After they eventually turned over the database this summer, the plaintiffs didn’t find any infections or problems, according to the state.
Michigan: Active duty military serving overseas could vote electronically under Michigan Senate-passed bill | Lauren Gibbons/MLive
Active duty members of the military serving overseas could send in their absentee ballots electronically under legislation passed in the Michigan Senate Wednesday. Senate Bills 117 and 297, sponsored by Senate Elections Chair Ruth Johnson, R-Holly, and Sen. Paul Wojno, D-Warren, would allow electronic absentee ballot returns for military voters serving overseas. The voter would sign their absentee ballot with an electronic signature verified by the U.S. Department of Defense. Under federal law, states are required to provide electronic absentee ballots to active members of the military 45 days before an election. But because Michigan doesn’t allow electronic absentee ballots, military voters serving overseas currently have to print out the ballot and mail it back – an extra step that can be difficult for people serving in areas with little to no mail service.
New Jersey: Questions of vulnerability surround New Jersey’s aging voting machines | Rob Anthes/Community News
In 2004, Hopewell resident Stephanie Harris went to her polling place for the presidential primary, never expecting what was about to happen would alter her life and the public discourse around voter security for the next decade and a half. When Harris entered the privacy booth that day, she saw one of Mercer County’s then-new touchscreen voting machines facing her, a model called the Sequoia AVC Advantage. She found her candidate of choice on the large paper ballot overlay, pressed the box next to the candidate’s name and then hit a large button at the bottom right of the machine to cast her vote. Typically, at this point, the AVC Advantage will make a noise to indicate a vote has been counted. For Harris, nothing happened. Harris exited the privacy booth slightly confused. A poll worker stopped her, and said her vote didn’t register and that she should try again. Harris did, four times with the same results. After the fifth time, the poll worker shrugged, and said, “Well, I think it worked.” Harris never received definitive confirmation her vote had been cast. To this day, she doesn’t know whether the machine recorded her vote. Harris couldn’t shake the feeling that her vote had been taken away. She asked the county for confirmation or at least an explanation. She didn’t get answers, but she did earn a new nickname, courtesy of a county freeholder—“the Incident in Hopewell.” So she sued.
Gov. Tom Wolf signed legislation Thursday that advocates say makes the most significant changes to modernize Pennsylvania election laws in 80 years and authorizes the state to borrow of up to $90 million to help counties buy new voting machines ahead of next year’s presidential election. Wolf, a Democrat, said the legislation takes the nation’s least voter-friendly election laws and puts them in line with states that have the highest voter turnout. The bill was negotiated privately by Wolf and leaders of the Republican-controlled Legislature. A draft first appeared last week . It passed the House and Senate on Tuesday and had the support of good-government groups.
Africa: Russia Tests New Disinformation Tactics in Africa to Expand Influence | Davey Alba and Sheera Frenkel/The New York Times
Russia has been testing new disinformation tactics in an enormous Facebook campaign in parts of Africa, as part of an evolution of its manipulation techniques ahead of the 2020 American presidential election. Facebook said on Wednesday that it removed three Russian-backed influence networks on its site that were aimed at African countries including Mozambique, Cameroon, Sudan and Libya. The company said the online networks were linked to Yevgeny Prigozhin, the Russian oligarch who was indicted by the United States and accused of interfering in the 2016 presidential election. Unlike past influence campaigns from Russia, the networks targeted several countries through Arabic-language posts, according to the Stanford Internet Observatory, which collaborated with Facebook to unravel the effort. Russians also worked with locals in the African countries to set up Facebook accounts that were disguised as authentic to avoid detection.
Bolivia: Police fire tear gas as president, opposition wrestle over election audit | Vivian Sequera & Ueslei Marcelino/Reuters
Protests over a disputed presidential election convulsed Bolivia on Tuesday as police fired tear gas in the capital and the sitting president and opposition candidate wrestled over an audit of the results. The brief suspension of publication of the results from an electronic count of the Oct. 20 presidential election has triggered protests and strikes that have closed roads, schools and businesses around the nation for more than a week. President Evo Morales, a leftist seeking a fourth term, was eventually declared the winner, prompting accusations of fraud from opposition candidate Carlos Mesa and his supporters. In La Paz, opposition protesters mounted road barricades of rope, wooden boards and sheets of metal. Rows of helmet-clad riot police lined some streets, separating Morales’ supporters from protesters opposed to the president. Tear gas was used in at least two locations to disperse protesters.
UAE: E-voting technology adopted by UAE a pioneering experiment in the region | Samir Salama/Gulf News
By adopting an election protection system, the National Election Committee reiterates its commitment to hold an election that is characterised by the highest degree of fairness and transparency by implementing the best internationally recognised practices used in the world’s most successful parliaments, said Dr Anwar Mohammad Gargash, Minister of State for Foreign Affairs, Minister of State for Federal National Council Affairs and Chairman of the National Election Committee. Dr Gargash said on the eve of the early voting that starts today at nine polling stations across the country, the highly accurate e-voting technology adopted by the NEC is a pioneering experiment in the region, which the UAE introduced during the first Federal National Council Elections in 2006.