National: How Close Did Russia Really Come to Hacking the 2016 Election? | Kim Zetter/Politico

On November 6, 2016, the Sunday before the presidential election that sent Donald Trump to the White House, a worker in the elections office in Durham County, North Carolina, encountered a problem. There appeared to be an issue with a crucial bit of software that handled the county’s list of eligible voters. To prepare for Election Day, staff members needed to load the voter data from a county computer onto 227 USB flash drives, which would then be inserted into laptops that precinct workers would use to check in voters. The laptops would serve as electronic poll books, cross-checking each voter as he or she arrived at the polls. The problem was, it was taking eight to 10 times longer than normal for the software to copy the data to the flash drives, an unusually long time that was jeopardizing efforts to get ready for the election. When the problem persisted into Monday, just one day before the election, the county worker contacted VR Systems, the Florida company that made the software used on the county’s computer and on the poll book laptops. Apparently unable to resolve the issue by phone or email, one of the company’s employees accessed the county’s computer remotely to troubleshoot. It’s not clear whether the glitch got resolved—Durham County would not answer questions from POLITICO about the issue—but the laptops were ready to use when voting started Tuesday morning. Almost immediately, though, a number of them exhibited problems. Some crashed or froze. Others indicated that voters had already voted when they hadn’t. Others displayed an alert saying voters had to show ID before they could vote, even though a recent court case in North Carolina had made that unnecessary.

National: Voting by app is a thing, and it’s spreading, despite the fears of election security experts | Mark Sullivan/Fast Company

In this age of extreme concern—even paranoia—over election security, you might be a little surprised to hear that some voters in parts of the country are voting from home, using an app. So far the vote-by-app option has been reserved for military people serving overseas and elderly people who might have physical difficulty getting to the polls. One state (West Virginia) and a number of cities and counties have already used a voting app called Voatz in elections, mainly small ones. Voatz, a Boston-based startup that’s raised almost $10 million in venture capital, birthed its app at a SXSW hackathon in 2016, and went through the TechStars incubator. Its technology is unique in that it utilizes the biometric security features (such as fingerprint readers and facial recognition cameras) of newer smartphones to verify the voter’s identity. Those security technologies are already used to secure sensitive transactions like sharing financial information and making online purchases. But election security people have raised concerns about internet-connected voting technologies. The Mueller report exposed numerous attempts by foreign hackers to infiltrate U.S. voting systems via the internet during the 2016 election. Since then, states and counties have rushed to disconnect all voting systems–including voting machines, tabulators, and administrative technologies–from the public internet. The Voatz app’s use of the internet is the main reason it’s caught the attention of the election security community.

National: U.S. Cybercom contemplates information warfare to counter Russian interference in 2020 election | Ellen Nakashima/The Washington Post

Military cyber officials are developing information warfare tactics that could be deployed against senior Russian officials and oligarchs if Moscow tries to interfere in the 2020 U.S. elections through hacking election systems or sowing widespread discord, according to current and former U.S. officials. One option being explored by U.S. Cyber Command would target senior leadership and Russian elites, though probably not President Vladimir Putin, which would be considered too provocative, said the current and former officials who spoke on the condition of anonymity because of the issue’s sensitivity. The idea would be to show that the target’s sensitive personal data could be hit if the interference did not stop, though officials declined to be more specific. “When the Russians put implants into an electric grid, it means they’re making a credible showing that they have the ability to hurt you if things escalate,” said Bobby Chesney, a law professor at the University of Texas at Austin. “What may be contemplated here is an individualized version of that, not unlike individually targeted economic sanctions. It’s sending credible signals to key decision-makers that they are vulnerable if they take certain adversarial actions.” Cyber Command and officials at the Pentagon declined to comment.

National: State, local election officials train for cyber attacks as ‘another level of war’ | Christina Almeida Cassidy/Associated Press

Inside a hotel ballroom near the nation’s capital, a U.S. Army officer with battlefield experience told 120 state and local election officials that they may have more in common with the military strategists than they might think. These government officials are on the front lines of a different kind of high-stakes battlefield — one in which they are helping to defend American democracy by ensuring free and fair elections. “Everyone in this room is part of a bigger effort, and it’s only together are we going to get through this,” the officer said. That officer and other past and present national security leaders had a critical message to convey to officials from 24 states gathered for a recent training held by a Harvard-affiliated democracy project: They are the linchpins in efforts to defend U.S. elections from an attack by Russia, China or other foreign threats, and developing a military mindset will help them protect the integrity of the vote.

Editorials: There’s a lot to like in Congress’s new election security measures. But there’s a big omission. | The Washington Post

President Trump has signed into law a bundle of election security measures buried in this year’s spending bills. What the package includes says a lot about legislators’ commitment to safeguarding our democracy. What it does not include may say even more. There’s a lot to like in this year’s appropriations agreements, starting with a lump sum for states to bolster critical voting infrastructure. The $425 million Congress is providing in 2020 comes many days late and many dollars short according to experts, who say billions were needed starting at least two years ago. But it’s still an improvement over the $380 million allocated in 2018, and the $0 allocated this past year. These funds will be doled out in grants to states, which can then decide how to use them. The National Defense Authorization Act also includes essential measures, such as allowing state election officials to receive top-secret security clearances. The step will open the road at last to robust information-sharing between the federal and local governments. The same is true for public-private partnerships: The legislation establishes a threat analysis center at the office of the director of national intelligence responsible for coordinating between intelligence officials and technology companies to root out influence campaigns.

Connecticut: Merrill, Blumenthal share how Connecticut will spend new federal funds to defend voting systems in the 2020 election | Amanda Blanco/Hartford Courant

Secretary of the State Denise Merrill and U.S. Sen. Richard Blumenthal met Thursday to discuss how Connecticut will spend an expected $5 million more in federal funds to strengthen election security for the 2020 election. The initiative follows a previous $5 million allocated to the state in 2018 for the same purpose. While House Democrats originally called for $1 billion to go toward the national cybersecurity effort, funds were cut to $425 million by the time the bill made it out of the Senate. Blumenthal called it a “solid first step,” but acknowledged that there needs to be a “sustained, steady source of money for election security annually” to combat international interference. Fund distribution is decided by the federal Election Assistance Committee and is based on measures like population and severity of need, Merrill said. She expects a large portion of the money to go toward training local officials, as the state has an unusual voting infrastructure. While most states conduct elections at the county level, Connecticut conducts elections town-by-town. “It would be tough to hack all 169 towns,” Merrill said. On the other hand, the state is tasked with ensuring every single town has the proper infrastructure to support the security needed to protect voter files, which were attacked in 2016. “Our voter files can be entered at any of those 169 drop points, so we have to make sure that every single official in every single town understands the need for that security,” she said.

Georgia: Experts warn Georgia’s new electronic voting machines vulnerable to potential intrusions, malfunctions | Rachel Frazin/The Hill

Experts are reportedly warning that Georgia’s new electronic voting machines are at risk of intrusions and manlfunctions, as the state grapples with election security issues. Georgia Institute of Technology computing professor Richard DeMillo told the The Washington Post that bystanders could see the machines’ screens during his visit to polling places north of Atlanta in November. Some counties also experienced programming issues that delayed voter check-ins while others noted machine shutdowns, the Post reported Monday. DeMillo told the newspaper that state officials “seem to be structurally unable to confront the fact that the voting system in Georgia is at risk.”

North Carolina: Clear Ballot giving up on North Carolina for now | Gary D. Robertson/Associated Press

A Massachusetts-based election equipment manufacturer is giving up for now on selling its machines to North Carolina counties. Clear Ballot’s chief executive told the State Board of Elections it was withdrawing its request to certify its recent product upgrades. CEO Jordan Esten’s letter last week blamed the board’s slow pace for its troubles, saying the company was unable to communicate with the state’s counties during the two-year wait for the original certification. Esten said that gave current dominant equipment manufacturer Election Systems & Software “a marketing monopoly in the state.” “We still want to work with North Carolina,” Esten wrote. “However, the environment and rules continue to stifle competition, which is regretfully causing us to withdraw our certification request at this time.”

Ohio: Most counties tested new equipment in 2019 for 2020 election | Rick Rouan/The Columbus Dispatch

Most Ohio voters cast ballots on new election equipment in 2019 in preparation for 2020. But voters in seven counties, including Stark, will cast ballots on equipment and systems that date to the Obama years. In an off-year election with low turnout, Franklin County’s longest line on Election Day 2019 likely was at the county Board of Elections shortly after the polls closed. Poll workers from around the county converged on the board’s headquarters not in the staggered arrivals typical of election night, but mostly together just before 8 p.m. — an unexpected effect of new voting equipment that elections officials say is far easier to manage than older machines. Across Ohio, most voters cast their ballots on new machines in 2019, a test year before what Secretary of State Frank LaRose believes could be another record voter turnout election in 2020. But in seven counties, including both Stark and Summit, voters will cast ballots the same way they have for years: on equipment and systems that date to before former President Barack Obama’s first term.

Pennsylvania: Four questions Pennsylvania needs to answer to avert election chaos in 2020 | Emily Previti/PA Post

Pick an issue, any issue. Environmental health? Fiscal conservatism? Probation reform? You’re limited in your ability to influence how elected officials handle “your issue” — or anything else – if our voting systems aren’t secure and reliable. That’s why I’ve spent the past four months or so covering election security in Pennsylvania. Closely. So far, my attention has largely been on the replacement of voting machines throughout the state. That’s meant plenty of travel to observe and document different voting machine configurations at voter demonstrations in more than half a dozen counties. I’ve read, at this point, more than hundreds, maybe thousands, of pages of voting machine contracts and technical documents — not to mention filing the Right-to-Know requests required, in most cases, to obtain them. I’ve also sat through poll worker trainings and covered everything from local controversies to the first test-run of new election auditing procedures that ultimately will be in place statewide. And there will be more to come in 2020.

Bangladesh: Electronic voting machines take centre stage in Dhaka city polls as BNP objects, CEC defends | bdnews24

With political focus shifting towards the Dhaka city polls, electronic voting machine has taken the centre stage as the chief election commissioner has defended e-voting amid the BNP’s stance against the machines. The Election Commission will go for EVMs in all polling stations in the elections to the bifurcated Dhaka city corporations slated for Jan 30. The BNP has always opposed the use of EVMs and it has expressed reservations again this time over fears of result manipulation. “These (EVMs) are completely faulty and we reject these. It won’t be right (to use EVMs). The people’s mandate won’t be reflected in these EVMs,” Secretary General Mirza Fakhrul Islam Alamgir told reporters while paying respect to party founder Ziaur Rahman at his grave in Dhaka’s Sher-e-Bangla Nagar on Wednesday. “We think there will be little chance of fair elections if EVMs are used,” he said.