Nevada: First test of Nevada Democrats’ new caucus plan arrives as early vote begins | Megan Messerly/Nevada Independent

Nevada Democrats will head to early voting sites across the state on Saturday — from the Old Post Office in Fallon to the Chinatown Plaza Mall in Las Vegas — to begin casting their presidential preferences ahead of the state’s Feb. 22 caucus. In some ways, it’s an exciting moment for Democrats here in the Silver State: Never before have they been able to participate early in the state’s presidential caucus, as they will over a four-day period. In others, it’s a nerve-wracking one: No one quite knows if the new process the party has quickly re-designed in the wake of Iowa’s problem-plagued contest earlier this month is going to work. What they do know is that beginning Saturday, Nevada Democrats, or those wishing to re-register as a Democrat, will show up at roughly 80 sites across the state to cast their early caucus votes. Once voters are there, a volunteer will check a PDF voter roll to confirm their registration, or direct them to fill out a voter registration form if they aren’t, since Democrats here allow same-day registration for the caucus. From there, they’ll check in on an iPad through Google Forms and be given a paper scannable ballot, similar to a Scantron, where they will be asked to mark a minimum of three and up to five presidential preferences in order. Once they’re done, that ballot and a paper voter card, both of which contain a unique voter PIN to match the ballot to the person, will be placed into a secure ballot box, which will be taken to a designated ballot processing hub to be scanned.

Ohio: Millions spent to safeguard Ohio elections: What’s really going on | Chris Stewart/Dayton Daily News

Officials say Ohio’s elections are safe despite worries fueled by 2016 foreign meddling, thousands of uncounted Miami County ballots in 2018 and this month’s collapse of a Democratic Party vote-counting app at the Iowa caucuses. Ballot-casting and counting infrastructure — fresh off an exhaustive update of security software, hardware and office procedures to fend off cyber attacks — is sound and secure, say state and local elections officials.“Your vote is safe, and it will be counted as it has always been counted, if it’s countable,” said Jan Kelly, director of the Montgomery County Board of Elections. But as millions of dollars are spent to guard against malicious computer attacks, it’s harder to thwart bad actors resorting to disinformation campaigns to diminish people’s confidence in the vote, said Ohio Secretary of State Frank LaRose, a Republican. “What our foreign adversaries have tried to do instead of actually tampering with elections, is tried to tamper with our own perception of elections,” he said. “They’ve tried to cause Americans to lose faith in elections.” “The really damaging part of that is it would cause the average person to start to wonder or worry that maybe their vote wasn’t going to be counted accurately,” he said.

Editorials: Paper ballots still the best election system | Medford Mail Tribune

Sometimes, the old ways are still the best ways. We would argue that especially applies to election systems, despite continuing pressure to offer voters the option of casting ballots using smartphones or other devices. Jackson County is one of two Oregon counties that experimented with a smartphone app that allowed county residents overseas — most of them in the military — to vote in the Nov. 5, 2019, special election. Of 213 Jackson County voters eligible to participate, only 27 did. One reason could have been that the November ballot had only one item on it — a proposed bond levy to upgrade the county’s emergency communications system. Maybe a full ballot would have enticed more county voters stationed overseas to use the smartphone app. Maybe not. But the turnout isn’t the primary concern here. Anything that gives voters more options to participate is a good thing, in theory. In practice, voting systems that use the internet to transmit votes are inherently more vulnerable to hackers seeking to manipulate the outcome. They are also more likely to simply fail to perform as designed.

International: Tech-augmented democracy is about to get harder in this half-baked world | Chris Duckett for Null Pointer/ZDNet

For the wondrous benefits the internet has brought, it is not without its drawbacks. This has manifested itself in two ways when it comes to democracy: A headlong rush into internet voting and a shattering of the polity. As a scientific critique on the act of voting, associate professor Vanessa Teague discussed electronic voting in her recent keynote at Linux.conf.au 2020. Teague has more than enough experience in this area, and has been involved in finding flaws in the iVote system that is increasingly used in New South Wales, as well as the Scytl system used in Swiss elections that iVote is based on. “I think there are some reasonable ways of doing electronic voting in a polling place … but we just don’t know how to do remote electronic voting properly in a way that really safeguards the election against manipulation [via] software bugs,” Teague said last month. The issue Teague sees with remote voting is subtle bugs, such as those involved in shuffling and verifying votes, which can undermine the security of the whole system. “That’s a little bit different from the occasional problems that happen in paper-based systems because you don’t as a result of one little subtle problem hand over a capacity for total manipulation of all of the votes to one entity,” she said. “In summary, I think there are some reasonable ways of doing electronic voting in a polling place … but we just don’t know how to do remote electronic voting properly in a way that really safeguards the election against manipulation on software bugs.”

Bulgaria: Buying voting machines will cost about 15 Million Euro | The Sofia Globe

Preliminary government estimates are that buying voting machines will cost about 30 million leva (about 15.3 million euro), Bulgarian Deputy Prime Minister Tomislav Donchev told reporters on February 14. Donchev was speaking two days after Prime Minister Boiko Borissov said that the government would buy voting machines for all polling stations. Bulgaria is due to go the polls twice in 2021, in parliamentary elections in the spring and presidential elections in the autumn. A voting machine cost about the same as a mid-range laptop, less than 2000 leva, and 15 000 to 20 000 machines would have to be ordered, Donchev said. There were a few details that could change the price, he said. “Since autumn last year we have been looking into the market, which is not very easy. Because there is no European experience that we can take into account. Further the situation is complicated by the situation in China,” Donchev said, saying that whatever the components, some were made in China.

Dominican Republic: Voting Machine Failure Suspends Dominican Republic Elections | The St Kitts Nevis Observer

Dominican Republic’s nationwide municipal elections were suspended on Sunday due to a glitch in the electronic voting system, Central Electoral Board (JCE) announced, adding that they will convene a new date promptly. Following the suspension, four hours after they started, due to automated voting failures, the opposition party People’s Power (FP) said that the problem was provoked. “We are going to initiate a thorough investigation of what happened and why those ballot papers did not load correctly,” the President of the JCE Julio Cesar Castanos said in a press conference. The electronic system was used in 18 of the 158 municipalities and focused on cities and regions with high population density, accounting for 62.4 percent of the electorate. Paper ballots were due to be used elsewhere. The decision was made after members of the JCE met with the delegates of the political parties accredited to that institution, trying to find a solution to the long delays that have arisen at the beginning of the municipal election.

New Hampshire: Why did the primary go smoothly with record turnout? Low tech is good tech | Geoff Forester and David Brooks/Concord Monitor

A nationally known computer hacker, a term he wears proudly, helped keep an eye on New Hampshire’s primary Tuesday but says you didn’t need computer smarts to see that it went well. “One big thing is no lines. When you go around the United States, usually the first thing you see if there are problems are long lines of people who can’t get to vote,” said Harri Hursti, a cybersecurity analyst who founded DefCon, the nation’s best-known gathering of people interested in computer security. Hursti has worked with the New Hampshire Secretary of State’s office since about 2005, when he met Secretary of State Bill Gardner at a conference. His presence here for Tuesday’s primary was of particular importance because of the meltdown of the Iowa caucuses caused largely by the use of an untested app. During a discussion Wednesday morning as election officials completed counting votes from around the state he was almost effusive about how things went.

National: Voatz of no confidence: MIT boffins eviscerate US election app, claim fiends could exploit flaws to derail democracy | Thomas Claburn/The Register

Only a week after the mobile app meltdown in Iowa’s Democratic Caucus, computer scientists at MIT have revealed their analysis of the Voatz app used in West Virginia’s 2018 midterm election. They claim the Android app is vulnerable to attacks that could undermine election integrity in the US state. Based on their findings, published today in a paper [PDF] titled, “The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections,” researchers Michael Specter, James Koppel, and Daniel Weitzner conclude that internet voting has yet to meet the security requirements of safe election systems. “We find that Voatz has vulnerabilities that allow different kinds of adversaries to alter, stop, or expose a user’s vote, including a side-channel attack in which a completely passive network adversary can potentially recover a user’s secret ballot,” their paper states. “We additionally find that Voatz has a number of privacy issues stemming from their use of third-party services for crucial app functionality.” Specifically, the researchers discovered that malware or some miscreant with root access to a voter’s mobile device can bypass the host protection provided by mobile security software known as the Zimperium SDK.

National: Researchers Find Security Flaws in Voatz Mobile Voting App | Andrea Noble/Route Fifty

A mobile voting app used by West Virginia and several local governments in the 2018 midterm elections contains vulnerabilities that could allow hackers to determine how someone voted or even change their vote, according to a report released Thursday by security researchers. Researchers from the Massachusetts Institute of Technology found the security flaws in the Voatz voting app, which was originally designed as a way for overseas service members to cast ballots. The researchers said their findings underscore prior security recommendations that the internet not be used for voting. “Perhaps most alarmingly, we found that a passive network adversary, like your internet service provider, or someone nearby you if you’re on unencrypted Wi-Fi, could detect which way you voted in some configurations of the election,” said Michael Specter, a graduate student in MIT’s Department of Electrical Engineering and Computer Science. “Worse, more aggressive attackers could potentially detect which way you’re going to vote and then stop the connection based on that alone.” In addition to West Virginia, several local governments, including ones in Washington state, Colorado, Utah and Oregon, have conducted their own pilots with the Voatz system. Additional states are also considering whether to use the app to assist absentee voters in upcoming elections.

National: MIT researchers find vulnerabilities in Voatz voting app used in multiple states | Maggie Miller/The Hill

A voting app used in multiple states during the 2018 midterms elections to allow for more accessible voting has cyber vulnerabilities that could allow for votes to be changed or exposed, researchers at the Massachusetts Institute of Technology (MIT) found. In a paper published Thursday, three MIT researchers found that Voatz had vulnerabilities that “allow different kinds of adversaries to alter, stop, or expose a user’s vote” and that the app also had several privacy issues due to the use of third-party services to ensure the app functioned. The researchers found that if an individual were able to gain remote access to the device used to vote on the Voatz app, vulnerabilities could have allowed that person to discover and change the votes cast. The researchers described their findings as being part of the first “public security analysis of Voatz” and noted that they used reverse engineering of the Android Voatz app to come to their conclusions. The Voatz app was used during the 2018 midterms in some municipal, state or federal elections in West Virginia, Colorado, Oregon and Utah. The company allows voters to cast their votes via an app and was rolled out in West Virginia as a way for overseas military personnel and other voters unable to physically go to the polls to cast their votes.

National: ‘Sloppy’ Mobile Voting App Used in Four States Has ‘Elementary’ Security Flaws | Kim Zetter/VICE

A mobile voting app being used in West Virginia and other states has elementary security flaws that would allow someone to see and intercept votes as they’re transmitted from mobile phones to the voting company’s server, new research reveals. An attacker would also be able to alter the user’s vote and trick the user into believing their vote was transmitted accurately, researchers from the Massachusetts Technology Institute write in a paper released Thursday. The app, called Voatz, also has problems with how it handles authentication between the voter’s mobile phone and the backend server, allowing an attacker to impersonate a user’s phone. Even more surprising, although the makers of Voatz have touted its use of blockchain technology to secure the transmission and storage of votes, the researchers found that the blockchain isn’t actually used in the way Voatz claims it is, thereby supplying no additional security to the system. The research was conducted by Michael Specter and James Koppel, two graduate students in MIT’s Computer Science and Artificial Intelligence Lab, and Daniel Weitzner, principal research scientist with the lab. Election security experts praised the research and said it shows that long-held concerns about mobile voting are well-founded.

National: Senate GOP blocks election security bills as intel report warns of Russian meddling in 2020 | Igor Derysh/Salon

en. Marsha Blackburn, R-Tenn., blocked Democratic efforts to unanimously pass three bills related to election security despite warnings that Russia will interfere in the 2020 election. Sen. Mark Warner, D-Va., and Sen. Richard Blumenthal, D-Conn., tried to pass a bill that would require campaigns to report offers of foreign election assistance to the FBI, and another that would require campaigns to report such offers to the Federal Election Commission. “The appropriate response is not to say thank you, the appropriate response is to call the FBI,” Warner said, according to The Hill. “There is no doubt that [Trump] will only be emboldened in his efforts to illegally enlist foreign governments in his reelection campaign,” Blumenthal added. Sen. Ron Wyden, D-Ore., also tried to pass the Securing America’s Federal Elections Act (SAFE Act), which would provide additional funding to the Election Assistance Commission and would ban voting machines from being connected to the internet as well as machines that were manufactured in foreign countries. “America is 266 days away from the 2020 election, and Majority Leader McConnell has yet to take any concrete steps to protect our foreign elections from hacking or foreign interference,” Wyden said.

National: CISA leans into facilitator role in election security plan | Derek B. Johnson/FCW

Officials from the Cybersecurity and Infrastructure Security Agency often describe their role in election security as helping to coordinate and advise the larger ecosystem of election stakeholders. In a newly released strategic plan, the agency lays out its strategy for protecting the 2020 elections by largely leaning into that facilitator role, breaking down its coordination activities across four lines of effort: elections infrastructure, campaigns and political infrastructure, the American electorate and warning and response. To help protect digital and physical elections infrastructure, such as voting machines, election software systems and polling places, CISA views its role as largely complementary to that of states and localities, vendors and others on the front lines of election administration. Thus, getting those organizations to adopt better security practices through outreach and offers of federal resources are its prime tools.

Editorials: Why Companies Need to Help Ensure Election Integrity | Daniel Dobrygowski/Harvard Business Review

The Iowa Democratic caucus, the first election of the 2020 cycle in the U.S., seems to have played into experts’ most dire concerns about election integrity. Rather than a harbinger of disaster to come, we need to recognize this as a warning that it’s all hands on deck to ensure election security. It’s well past time to activate everyone who has a stake in trustworthy elections — not only campaigns, government officials, and voters, but also private companies as well. To borrow a meme, the best time to work together on securing the vote was 2010, the second-best time is right now. Much of the conversation around election security to date has focused on hacking, and it remains a serious concern. In 2016, Russian hackers targeted election infrastructure in more than two dozen U.S. states and compromised the email servers of Hillary Clinton’s presidential campaign. Adversaries have already begun targeting the 2020 presidential campaigns. Personal information about voters has also leaked from campaigns and political parties who store and analyze it online.

Editorials: Election hacking: is it the end of democracy as we know it? | Nick Ismail/Information Age

Since the 2016 US election, there have been murmurs about hacking elections. There are reports of hacktivists trying to compromise the ballot and rogue governments trying to control the outcome. But in a post-truth world, how much of this is legitimate? How much can we brush aside as fake news? If the recent controversial Iowa caucuses are anything to go by, we are definitely at risk. Sometimes bad actors also hack other criminals to use their network and hide their true identity. Recently, this was the case when a group of hackers from Eastern Europe compromised the network of elite Iranian hackers. In this scenario, governments and private companies in the Middle East and Britain were attacked while Tehran was set up to take the blame. So it begs the question, in the current threat landscape, what does it mean to hack an election?

Colorado: MIT study: voting app that Denver used could be hacked | Matt Mauro/KDVR

An app that some Denver voters used in 2019 has significant security issues, according to a new study from the Massachusetts Institute of Technology. The study that was released Thursday said hackers could potentially block or change a vote and steal a voter’s personal information from the app Voatz. The Denver Elections Division used Voatz in the May and June municipal elections for about 300 military and overseas voters. The Division did not report any security issues. “We were very happy with it,” said Director of Elections Jocelyn Bucaro. Burcaro said voter turnout increased significantly with Voatz. Traditionally, military members and others who are overseas and vote electronically would have to print a ballot, sign an affidavit, scan the documents and email them. Voatz allowed the voters to submit their ballots by just using a smartphone. Also, the division used a three-step process to ensure the app and votes were secure. “We are really grateful for the MIT researchers and releasing that report because we’ve been wanting more security review of the Voatz application and other vendors in this space,” Bucaro said.

Florida: DHS preparing report on 2016 Palm Beach election ransomware | David Smiley and Nicholas Nehamas/Miami Herald

Less than five weeks before Florida’s March presidential primary, the Department of Homeland Security is investigating a previously unreported cyber attack on Palm Beach County’s elections office, according to Supervisor of Elections Wendy Sartory Link. Link, who was appointed last year by the governor to oversee the county’s beleaguered elections department, said she contacted the FBI in November after a veteran IT employee told her that the office had been infected by a ransomware virus only a few weeks prior to the 2016 election. The virus was not publicly disclosed in 2016. Link said the FBI referred her to DHS, which sent a team of a half-dozen employees to her office late last month to do a “deep dive” into her department’s network. She said a report of their findings and recommendations is expected shortly. “We’ve had the top experts in the country here and they spent a lot of time with our system. When we get the report, we’ll be able to take care of everything we can take care of,” Link said in an interview Thursday. “I wanted this done before March if at all possible.”

Florida: Key Florida Elections Office Endured Cyberattack Ahead of 2016 Election | Miles Parks/NPR

The elections office of Florida’s third-most populous county was breached by a crippling cyberattack in the weeks leading up to the 2016 election, NPR confirmed on Thursday. There is no indication that the ransomware attack was connected to Russian interference efforts leading up to the last presidential race, but the revelation about it now shows how election officials are preparing for this year’s election without knowing all the details of what happened before. The attack on Palm Beach County came to light during a Palm Beach Post editorial board interview with county elections supervisor Wendy Sartory Link. “Have we been hacked in Palm Beach County? Yeah, we have,” Link told the paper. A spokesperson for the elections office also confirmed the attack to NPR. “It was in 2016, and as soon as Wendy found out about it, we went and did the necessary precautions to make sure that we were going to be 100% secure and safe,” said Judy Lamey, an assistant public information officer for the elections office.

Iowa: Caucus Meltdown Proved Transparency Is Essential, Election-Watchers Say | Miles Parks/NPR

As the Democratic primary season rolls on, one big lesson already is sinking in from the party’s caucus-night meltdown in Iowa: Secrecy isn’t a strategy. State Democratic chair Troy Price declined to answer questions a month ago about what sorts of tests were conducted on the smartphone app the party was planning to use on caucus night or detail backup plans should it fail. But he did promise some sort of transparency. “We’ll be able to give a preview to the press of what the app will look like in the days leading up to the caucuses,” Price said in mid-January, in his first interview about the app, with NPR and Iowa Public Radio. That preview never happened. And the reporting system then failed in a major way. The state party announced over the weekend that it was still adjusting results for 3 percent of the state’s total precincts, and updating its projected national delegate allocations.

Iowa: What the Iowa Caucus Tells Us About Cavalier Approaches to Technology | Cillian Kieran/CPO Magazine

As details emerge about the tech issues that have delayed the results of the Iowa caucus and thrown the public into states of confusion and frustration, I marvel at the familiarity of the story to anyone who has spent long enough working on the front lines of enterprise technology. It should be noted that the dust is still settling on events in the Hawkeye State, and so it may be a few more days until we know with absolute certainty what transpired and how exactly, in 2020, the results of the caucus are taking longer to arrive than in pre-internet days. But reports so far focus on the haphazard roll-out of a new voting app designed to facilitate (ostensibly) the transmission of results from caucus locations to centralized election monitors. A number of problems appear to have occurred with this process – ranging from caucus-site volunteers being unable to log-in to report results to rumored compromising by outside parties to scramble the results-logging process. Whatever the final assessment, it’s certainly not too early to call this a disaster, with a bungled roll-out as catalyst.

Minnesota: Democrats seek to free up election security funds | Steve Karnowski/Associated Press

Minnesota House Democrats launched an attempt Thursday to prevent Republicans from blocking Secretary of State Steve Simon from spending $7.4 million in federal election security money, aiming to head off a repeat of partisan maneuvering from last year. Rep. Mike Freiberg, of Golden Valley, told a state government finance committee that Minnesota is one of only a handful of states that require the Legislature to sign off before elections officials can use federal money provided under the Help America Vote Act. His bill would eliminate the need for legislative approval. The latest round of federal funding was assigned in December. The federal government allocated Minnesota $6.6 million in the previous round in 2018 after Minnesota and other states’ election systems were targeted by foreign hackers in 2016. The Democratic-controlled House authorized spending it by a wide bipartisan margin last year.

Nevada: Volunteers and campaigns worry about results reporting ahead of Nevada caucuses | Holmes Lybrand, Dianne Gallagher, Pamela Kirkland and Dan Merica/CNN

With the Nevada Democratic caucuses only a week away, both caucus workers and presidential campaigns are worried about the lack of detail the state party is providing about how the results reporting process will work. The worries come after the state party stopped working with Shadow Inc., the company behind the app whose “coding errors” were at the heart of the chaos of the Iowa caucuses. Having scrapped plans to use a pair of Shadow’s apps, the parties will instead use a “caucus calculator,” as outlined in a new memo released by the Nevada State Democratic Party Thursday. Described as “user friendly,” the calculator will be used to add early voting data into each precinct and calculate totals on caucus day, February 22, along with paper work sheets. The tool, which the party does not consider an app, will be available on iPads owned by the party and “accessed through a secure Google web form.” A similar memo was sent to the presidential campaigns on Monday.

West Virginia: State Expands Online Voting as Security Worries Grow | Patrick Groves/Government Technology

West Virginia, which has become an early tester of blockchain voting, is expanding Internet voting to include those with physical disabilities. But the move comes just as researchers from the Massachusetts Institute of Technology (MIT) have published a paper asserting that Voatz — the app West Virginia has been using in its pilot tests — has serious flaws, including the ability of bad actors to change votes without voters’ knowledge. Gov. Jim Justice signed SB 94 into law last week giving the secretary of state permission to create a system that allows people with physical disabilities to vote electronically. The Office of the Secretary of State lauded its success with Boston-based vendor Voatz that tallied 144 ballots from uniformed and overseas citizens in 2018. The Secretary of State’s Office may choose the startup again to enact the new law’s mandate for the 2020 primary and general elections. But election security experts and computer scientists have grown increasingly skeptical of the cybersecurity surrounding voting apps, especially after a mobile app used during the Iowa Caucus recorded data accurately but only reported it partially due to a coding error.

National: Voting on Your Phone: New Elections App Ignites Security Debate | Matthew Rosenberg/The New York Times

For more than a decade, it has been an elusive dream for election officials: a smartphone app that would let swaths of voters cast their ballots from their living rooms. It has also been a nightmare for cyberexperts, who argue that no technology is secure enough to trust with the very basis of American democracy. The debate, long a sideshow at academic conferences and state election offices, is now taking on new urgency. A start-up called Voatz says it has developed an app that would allow users to vote securely from anywhere in the world — the electoral version of a moonshot. Thousands are set to use the app in this year’s elections, a small but growing experiment that could pave the way for a wider acceptance of mobile voting. But where optimists see a more engaged electorate, critics are warning that the move is dangerously irresponsible. In a new report shared with The New York Times ahead of its publication on Thursday, researchers at the Massachusetts Institute of Technology say the app is so riddled with security issues that no one should be using it.

National: MIT researchers identify security vulnerabilities in voting app | Abby Abazorius/MIT News

In recent years, there has been a growing interest in using internet and mobile technology to increase access to the voting process. At the same time, computer security experts caution that paper ballots are the only secure means of voting. Now, MIT researchers are raising another concern: They say they have uncovered security vulnerabilities in a mobile voting application that was used during the 2018 midterm elections in West Virginia. Their security analysis of the application, called Voatz, pinpoints a number of weaknesses, including the opportunity for hackers to alter, stop, or expose how an individual user has voted. Additionally, the researchers found that Voatz’s use of a third-party vendor for voter identification and verification poses potential privacy issues for users.

National: CISA and states tell Senate more cybersecurity resources needed | Benjamin Freed/StateScoop

State IT officials and the federal government’s top civilian cybersecurity official told members of the U.S. Senate Tuesday that the federal government needs to provide state and local governments with more assistance and expertise in protecting their networks and other critical infrastructure. Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency; Michigan Chief Security Officer Chris DeRusha; and Amanda Crawford, executive director of the Texas Department of Information Resources, each told members of the Senate Homeland Security Committee that while collaboration on cybersecurity between states and the federal government has improved in recent years, funding and resources for those activities are still in short supply. Krebs acknowledged his agency was not built to support state and local governments when it became the Department of Homeland Security’s newest branch in late 2018. But with ongoing threats to election security and a spike in ransomware attacks against local governments, he said, “we have had to build out our support to states.”

National: How Can State and Local Agencies Better Collaborate on Cybersecurity? | Phil Goldstein/StateTech Magazine

Some state governments, such as Massachusetts, have established formal plans to work with localities within their states on cybersecurity. However, as ransomware attacks proliferate across the country and strike big cities and small towns alike, state-level organizations say there needs to be greater IT security coordination between states and municipalities. Last month, the National Governors Association and the National Association of State Chief Information Officers released a report, “Stronger Together: State and Local Cybersecurity Collaboration,” designed to showcase best practices for such collaboration. “State governments are increasingly providing services to county and municipal governments, including endpoint protection, shared service agreements for cyber defensive tools, incident response and statewide cybersecurity awareness and training,” the report notes. At a minimum, the report says, increased engagement can provide government agencies with “a more accurate threat picture to enhance state and local governments’ cyber posture.” Yet agencies need to move beyond mere information sharing to “leverage limited resources for enhanced cyber capabilities,” the report notes.

National: Russia will try to meddle in 2020 U.S. election, intelligence report says | Courtney Kube/NBC

Russia interfered in Western elections in 2019 and is likely to do so again in 2020, according to the latest annual threat assessment by the Estonian Foreign Intelligence Service. NBC News obtained an exclusive preview of the annual report from the Baltic nation’s intelligence agency, which warns that Russia will continue to pursue cyber operations that threaten other nations. “Russia’s cyber operations have been successful and, to date, have not been sanctioned enough by the West to force Russia to abandon them,” the report says. Russia will try to interfere in the U.S. presidential election in November and in parliamentary elections in the nation of Georgia in October, it warns, saying, “The main goal is to ensure a more beneficial election result for Russia by favoring Russian-friendly candidates or those who have the most divisive influence in the West.”

Florida: Palm Beach County elections office hit by ransomware before 2016 election | Hannah Morse/The Palm Beach Post

Current Palm Beach County elections supervisor Wendy Sartory Link said she recently learned about a 2016 ransomware attack at the elections office. Weeks before the 2016 election that would usher in Donald Trump as president, the Palm Beach County Supervisor of Elections Office was subject to a ransomware attack, elections supervisor Wendy Sartory Link told The Palm Beach Post on Wednesday. The attack more than three years ago happened while Susan Bucher was elections supervisor, but Link said she was unsure how the virus infiltrated the system. “We weren’t part of that, but have we been hacked in Palm Beach County? Yeah, we have,” Link said during an editorial board interview. But Link said she does not believe the ransomware attack against the county is one of the two Russian hacking attempts in Florida revealed in former Special Counsel Robert Mueller’s report last April.

Kansas: Senate panel considers bill requiring paper ballots in Kansas elections | Sydney Hoover/The Topeka Capital-Journal

The Senate Ethics, Elections and Local Government committee heard testimony Wednesday on a bill that would require all Kansas counties to use paper ballots to count votes. Ballots would have several requirements, including the voter’s signature. Votes would be counted by hand or using vote-tabulating equipment that would tally the paper ballot. “At one time, everything was paper ballots, but now Kansas currently has a mix,” said Sen. Richard Hildebrand, R-Baxter Springs. “Once you cast your ballot, you are up to whatever the machine says you voted without the verification from the voter.” Hildebrand said the bill would eliminate the chance of issues such as those during the Iowa caucuses, where a faulty mobile application failed to transmit votes and caused a delay in results.