Vermont: Secretary Of State: Hacking Attempt ‘That Said Russian Federation’ Raised Concerns | WBUR

The Vermont Secretary of State told On Point that in late August hackers used three different methods to attempt to access Vermont’s online voter registration database. One of the attempts came from Russia. “We experienced scans,” Vermont Secretary of State Jim Condos said. “Our logs of the system showed where they were coming from. The one that raised our attention, if you want to call it, was the one that said ‘Russian Federation,’ and we forwarded that on to Department of Homeland Security.” None of the attacks were successful. The attempts were first reported by NBC News. Condos revealed the Russian attempt to On Point. The Department of Homeland Security said in an intelligence assessment obtained by NBC News that it’s aware of growing “cyberactivity targeting election infrastructure in 2018. … Numerous actors are regularly targeting election infrastructure, likely for different purposes, including to cause disruptive effects, steal sensitive data and undermine confidence in the election.”

Afghanistan: Officials vow to probe chaotic legislative vote | AFP

Embattled Afghan election officials on Monday vowed to investigate the mishandling of the weekend’s problem-plagued legislative ballot, as voters prepare to wait weeks for the results. Initial figures show around four million voted in the long-delayed election that was extended by a day after many polling centres opened late or not at all due to glitches with biometric verification devices and missing or incomplete voter rolls. That is less than half of the nearly nine million voters who had registered to participate in the parliamentary election, though many suspect that a significant number of those were based on fake identification documents that fraudsters hoped to use to stuff ballot boxes. The turnout figure does not include those who voted on Sunday, the Independent Election Commission (IEC) said.

Australia: ​Electoral Commission seeks advice on overhauling 30-year-old systems | ZDNet

The Australian Electoral Commission (AEC) wants to overhaul its election systems, but it doesn’t exactly know how such overhaul will look, or what it will comprise of. The AEC published a request for information (RFI) this week, seeking specifically “innovative” ideas and approaches to designing and delivering an Election Systems Modernisation Program, asking the market for guidance on everything from procurement constraints to the end result. The core software platforms currently in place at the AEC have been in use for almost 30 years, the RFI revealed, with the AEC’s systems environment consisting of approximately 93 systems and supporting sub-systems. The 90-plus systems deliver services to citizens and political parties, support the work of the AEC, and provide integration and interface services, the AEC explained.

Canada: Online voting causes headaches in 51 Ontario cities and towns | The Toronto Star

Glitches with a private online voting company impacted local elections in 51 cities and towns across the province on election day, causing at least six to extend voting hours until Tuesday in an example one expert says highlights the wild west of internet voting. Dominion Voting blamed the “slow traffic” that voters experienced just after 6 p.m. Monday on a third-party Toronto-based data centre placing an “unauthorized limit on incoming voting traffic,” in a press release sent to affected municipalities. … Aleksander Essex, an assistant professor of software engineering at Western University, in London, Ont., said Dominion Voting is essentially “blaming it on their subcontractor,” adding it’s not clear why the entire website appeared to shut down temporarily. But the incident highlights bigger concerns with online voting, the use of which has been steadily growing in Ontario.  “Wild west is exactly the term I’ve been using,” he said. “It absolutely is dangerous for democracy.”

Congo: Controversial voting machines start arriving | Reuters

Congo’s deputy prime minister said on Saturday that tablet-like voting machines for December’s election had been made to order and will finish arriving this month, despite suspicions by diplomats and the opposition that they may enable fraud. President Joseph Kabila is due to step down after 17 years in power after a long-delayed vote scheduled for Dec. 23 to choose his successor. The election, which was meant to happen before Kabila’s mandate expired in 2016, had been delayed for so long that many doubted it would happen. If it goes ahead, it will be Democratic Republic of Congo’s first peaceful transition of power since independence from Belgium in 1960. This year, crucial milestones of the calendar — such as candidate registration — have been passed on time.

National: Blockchain Might Make Voting Worse — Not Better: Crypto Researchers | CCN

Three researchers with the Initiative for CryptoCurrencies and Contracts (IC3) are questioning whether, as some proponents claim, blockchain technology will be able to change the internet voting sector for the better. In an article published by Business Insider, the scholars argue that while blockchain technology might serve to revolutionize other industries, internet voting might be a sector that doesn’t benefit from the technology at all, and could potentially even be harmed by it. The researchers start off by acknowledging that they understand why blockchain technology is being considered as an option to optimize internet voting. There is little doubt in the fact that the cryptocurrency world has attracted billions of dollars for legitimate reasons and that it has clear potential to revolutionize everything from the global payments sector, to logistics, to retail, to land ownership rights, among other sectors.

National: Experts say latest Russia case exposes US election vulnerabilities | The Hill

The indictment of a Russian national accused of trying to interfere in U.S. elections shows that not enough has been done to stop the country from launching a multimillion-dollar effort to influence American voters, experts say. Both officials and experts have been warning for months that Russia is trying to influence voters after the country successfully launched a cyber and disinformation campaign in the 2016 election. They say Friday’s indictment of a Russian national, revealing details of the alleged attempts to sway the public, combined with a U.S. intelligence warning of ongoing influence campaigns, is arguably the strongest message to date that the U.S.’s penalties against the country haven’t been enough to shut down the campaigns.

National: Pros to government: If your defenses fail, think pen and paper | The Washington Post

After a cyberattack forced a local Alaska government to disconnect its computer systems from the Internet this summer, employees were ready with a Plan B. They picked up pens and paper — and even resorted to typewriters — so that the government could continue its daily work, from collecting property taxes to checking out books at public libraries. They had practiced for this kind of scenario, which helped ensure the multipronged malware attack did not grind public business to a halt, said Eric Wyatt, the Matanuska-Susitna Borough IT director. “Having these plans and being able to go to paper and pen and manual methods was very helpful,” he said. “We could keep our doors open and continue to provide service to our citizens.” The focus of government cybersecurity has largely centered on developing cutting-edge solutions — and shoring up basic vulnerabilities — to prevent attacks on IT systems. But as more and more government business moves online, there’s a growing call among security pros and government officials for a different, albeit slightly more fatalistic, approach. Public agencies, this cohort says, should just assume they will be hacked — and practice how to carry out essential functions without Internet access or even computers in some cases.

National: 5 Risks We Face with E-Voting Technology | Techspective

Technology brings with it a number of conveniences, but it also opens up opportunities for scammers and hackers to take advantage of people through tech fraud. That crime involves using technology in a variety of possible ways to mislead people, steal data, shut down systems and more. Increasingly over the past several years, tech fraud has influenced voter fraud, which also manifests in many ways. People may use fake information at the polls, try to vote more than once or otherwise wrongfully attempt to swing votes in a certain direction. Unfortunately, e-voting could facilitate both tech fraud and election fraud if the platforms aren’t sufficiently locked down.

National: The AI Threat to Democracy | ExtremeTech

Strolling the leafy suburbs of Austin, Texas, one could be forgiven for thinking democracy is in a robust state of health. The trees are changing color and the world appears largely in order, the outcome of inevitable forces leading to ever greater levels of comfort, luxury, and efficiency. But as the historians are fond of reminding us, there’s nothing inevitable about democracy. Other, less equitable systems of government have historically been far more representational of human affairs. And the democratic liberal order has never been more fragile. Democracies have always had their opponents, but for the first time in history, the principal threat to it comes from shifting technological sands rather than power-hungry despots. As some of more perceptive among us have begun shouting from the rooftops, the rise of strong artificial intelligence could well send the spool of democracy unraveling across the floor.

National: McAfee CTO raises concerns about election cyber security | Computer Weekly

Cyber security concerns around voting should be around the processes involved rather than just the electronic equipment used, according to Steve Grobman, senior vice-president and chief technology officer at security firm McAfee. Underlining this issue, he discussed a recent discovery by McAfee of a “big gap” in the security of the way US local jurisdictions communicate with their constituencies. Because US elections are decentralised, being run at a state and local level rather than at a federal level, with every state and locality choosing how to do things, there is very little uniformity. “We have found two big issues with the way local jurisdiction communicate with their constituencies,” said Grobman. Although these issues are US-specific, he told Computer Weekly that the issue is likely to be global given that the failings in the US are underpinned by a lack of cyber security skills, which is a challenge facing most countries around the world.

Alabama: Purge of voter rolls creates stir in Alabama congressional race | Anniston Star

Since John Merrill took office as secretary of state, Alabama has purged 658,000 voters from its rolls, Merrill said Monday. Most of those voters are dead, convicted of felonies or moved out of state, Merrill says. But one Democratic candidate for Congress says the number of purged voters is far higher than it should be. “We’re not going to take this lying down,” said Jacob Ray, campaign manager for Mallory Hagan. Hagan is running as a Democrat for Alabama’s 3rd District seat in Congress, now held by U.S. Rep. Mike Rogers, R-Saks. Last week, Hagan announced the creation of a “voter protection committee,” saying that 55,000 voters in the district had been disqualified or labeled inactive since February 2017.

Colorado: A Safe Place for Elections | State of Elections

Colorado is known for more than just picturesque mountain views and crystal-clear rivers. The Centennial State touts some of the best education, healthcare, and the best state economy in the nation. To add to this impressive list of achievements, Colorado has been christened as the safest state in the nation to host an election. Colorado’s impressive new title come from two different sources: The Washington Post and Homeland Security Secretary Kristjen Nielsen. Over the last decade, Colorado took several steps forward in election security to ensure the integrity of its elections. First, Colorado implemented a first-of-its-kind risk-limiting audit. In 2013, the Colorado legislature codified this new auditing technique (Colo. Rev. Stat. § 1-7-515 (2013)), which was required for the 2017 elections and all “primary, general, coordinated, or congressional vacancy elections thereafter.” A risk-limiting audit is a form of statistical analysis that requires officials to match certain paper ballots with the electronic voting machines’ interpretation of the ballots. This ensures that the machine read the ballot correctly.

Georgia: Thousands of voter registrations await processing in Georgia | Atlanta Journal-Constitution

More than 7,000 voter registration applications in metro Atlanta still hadn’t been processed as of Monday, nearly two weeks after the deadline to register to vote and one week since in-person early voting began.
County election officials said they expect the backlog to be cleared this week, but it takes time to review each voter registration form. New voters whose registrations haven’t been processed can cast provisional ballots that will be counted if their information is verified, or they can wait at early-voting sites for election officials to complete their registrations. Registration forms were awaiting processing Monday in Cobb, DeKalb and Fulton counties, according to ProGeorgia, a nonprofit organization focused on voter engagement and civic participation. Clayton and Gwinnett counties had processed all their voter registration forms.

Georgia: Voters Sue State So They Can Cast Ballots in Hot Governor’s Race | Bloomberg

Allegations that Georgia’s Republican-led election officials are unfairly throwing out mailed ballots over hyper-technical errors are set to go before a federal judge two weeks before Election Day. Hundreds — perhaps thousands — of ballots are being rejected because voters’ signatures don’t appear to match the ones on file, or because the voter oath is signed on the wrong line, two lawsuits claim. And would-be voters don’t get a chance to fix the errors or provide explanations, they say. The practice adopted by Georgia Secretary of State Brian Kemp has a lopsided impact on likely Democratic voters, according to the lawsuits — an allegation that carries extra significance because Kemp, a Republican, is running for governor on Nov. 6 in one of the nation’s most-watched races.

Minnesota: Cyber Security Experts say 2-Factor Authentication Crucial To Election Security | KSTP

Cyber security election experts say some Minnesota counties are not doing enough to protect their systems from hackers. A simple security measure of two-factor authentication used to protect emails, bank accounts and social media pages could help safeguard county computers from potential hacker stealing login information. Those experts say this is so important because this closely watched mid-term election is a prime target for hackers trying to disrupt the democratic process at all levels. “In 2016, we saw similar attacks and attempts to steal information log-in credentials and (that) might be valuable to someone who wants to influence the election,” said Reed Southard, a Harvard University researcher.

New Hampshire: Judge blocks SB 3 voting law, saying it imposes ‘unreasonable, discriminatory’ burdens | WBUR

The state has been blocked from using new voter registration forms and affidavits set out in the controversial 2017 law known as Senate Bill 3 in the upcoming election by a court ruling that called the law burdensome, confusing and likely to create long lines at voting places. Superior Court Judge Kenneth Brown on Monday issued a preliminary injunction halting the state from moving forward with the provisions of the law, which was challenged shortly after it was signed last year by Gov. Chris Sununu. Brown ruled that “the burdens imposed by SB 3 are unreasonable and discriminatory.” The ruling, which was issued 15 days before the midterm election, was in favor of the plaintiffs: the League of Women Voters, the New Hampshire Democratic Party and several voters. The court said the plaintiffs are likely to succeed on the merits after a full-blown trial, which is expected to be held next year.

New Jersey: Is your vote safe? Just 1 New Jersey county can back it up on paper | Asbury Park Press

Nearly all of New Jersey’s 11,000 voting machines are vulnerable to election hacking that could change the outcome of elections across the state, but that is not the worst part of the nightmare scenario feared by security experts. Because the computer-drive voting machines are paperless, no one would know for certain if votes had been changed, the experts say. A USA TODAY NETWORK New Jersey review found that election officials in all counties test the machines for a host of technical issues — do the voting machines turn on, do they correctly count test votes, for example — but there is no independent test that deems them hack-proof. The Network asked for simple proof that the machines were digitally secure: Did independent security experts certify the hardware and software as secure, much the same way a bank or business ensures its money transactions are protected from outsiders?

North Carolina: Court ruling in elections board case before 2018 midterms | News & Observer

The government board that oversees elections in North Carolina is unconstitutional, a panel of judges ruled on Tuesday — just weeks before Election Day in the 2018 midterms, and only a day before the start of early voting throughout the state. However, the judges recognized the timing and ruled that the N.C. Board of Elections and Ethics Enforcement can continue operating as-is, until after the elections are over and the votes are counted. The laws struck down as unconstitutional were put in place by the Republican-led General Assembly in 2017 and 2018 and limited the authority of Democratic Gov. Roy Cooper. The laws were passed to replace previous legislation passed in December 2016, a month after Cooper won the election, that was also struck down as unconstitutional. Prior to the legislative changes that have now been struck down, the governor’s political party was given a majority on the board.

South Carolina: Richland County says election running smoothly after equipment malfunction | WLTX

The Director of Richland County elections is telling voters not to worry after an electronic malfunction caused headaches earlier this month. As absentee votes are cast this month, they’re being cast on new personal electronic ballot (PEB) cards after a technical issue required all the cards to be replaced. Richland County Elections Director Rokey Suleman explained the problem. “We noticed a situation where we were putting our personal electronic ballots into the machines to activate the machines and the machines were shutting down,” Suleman explained on Monday. The cards tell the machines what elections to pull up for voters. Suleman said they are programed ahead of time and then inserted into the machines before elections. After discovering the issue, Richland County staff worked with the vendors for a few days to try and find a solution to the software issue.

Verified Voting in the News: The Campaign for Mobile-Phone Voting Is Getting a Midterm Test | The New Yorker

Bradley Tusk has a plan to fix American democracy. A former high-level staffer for Chuck Schumer and Michael Bloomberg, among others, Tusk has recently been using his political wits to help tech companies sidestep red tape and clear regulatory hurdles. As he recounts in his new book, “The Fixer: My Adventures Saving Startups from Death by Politics,” Tusk has—for better or for worse—convinced authorities across the country to let Uber operate in their cities, figured out how to get the San Jose City Council to allow on-demand home delivery for marijuana, and toppled regulations banning the sale of online homeowners and renters’ insurance. When Uber, the first tech client of his fledgling consulting firm, didn’t have enough cash to pay him, Tusk took half his compensation in equity. As a consequence, he said, “I just got more money than I ever expected to have.” …  On its face, voting by phone makes sense. Nearly ninety-five per cent of American adults own mobile phones, and rely on them for all sorts of secure transactions. Using them to cast a ballot would seem to be a natural extension, and one that removes many of the impediments that discourage people from voting, such as inconveniently located polling places, limited hours, and long lines. A survey of 3,649 voting-age Americans in 2016 found that about forty per cent would choose the option of Internet voting if it were offered. (Voting by phone app is a variant of Internet voting, since ballots are transmitted over the Internet.) But implementing a working system is not as simple as it may appear.

Afghanistan: Parliamentary Elections Marred by Technical Troubles and Insecurity | The Diplomat

On October 20, Afghanistan held its long overdue parliamentary elections. Delayed since 2015, the polls were only the third since the ousting of the extremist Islamist Taliban regime in the wake of the 9/11 attacks in 2001. While voter turnout in Kabul and other cities was reportedly high, the election was spoiled by technical and organizational problems at some of the 4,900 polling stations across the country. Contrary to large populations centers, where security was – for Afghan standards – relatively good, insurgent attacks severely hampered, if not prevented, voting in some more remote areas. These disruptions open the door even further for – justified or not – criticism of the results (preliminary results are scheduled to be announced on November 10). The Diplomat visited two polling centers in Kabul’s Shahr-i Naw, a neighborhood in the center of the Afghan capital only a few minutes’ walk away from heavily guarded ministries and embassies. Both opened as scheduled on the morning of October 20. Voters arrived alone or in small groups and entered the stations, which were – like many around the country – located in mosques guarded by a number of police officers. Across Afghanistan, reportedly 70,000 government forces were deployed to ensure the security of the elections.

Brazil: Authorities admit fake news struggle | ZDNet

Brazil’s Supreme Electoral Court (TSE) has conceded that it is struggling to deal with the overwhelming wave of fake news created and disseminated around the country’s presidential elections. In a press conference that took place yesterday (22) following the emergence of a WhatsApp mass messaging scandal involving leading presidential candidate Jair Bolsonaro , TSE minister Justice Rosa Weber said there was no failure regarding Brazil’s electoral justice around dealing with disinformation, but later admitted there is a problem. “We all know fake news is a worldwide phenomenon, which calls for reflection. We would like to have an immediate and effective solution, but we don’t,” Weber told journalists. “Whoever has the solution to fight disinformation, please show it to us. We haven’t discovered a miracle,” she added.

Cameroon: Paul Biya Gives a Master Class in Fake Democracy | Foreign Policy

It’s no accident that Paul Biya is the second-longest-ruling head of state in the world who isn’t a monarch. Nor that Cameroon’s constitutional council confirmed today that Biya, who has been in power for 36 years, has won a seventh term in office and is set to lead the country until 2025. By any objective standard, the Cameroonian election on Oct. 7 was a farce, according to outside observers. Voter turnout was marked by apathy, and in some regions, outright fear, with credible sources saying that less than 1 percent of voters cast ballots in some areas. In the country’s English-speaking regions, harsh crackdowns on an emerging secessionist movement kept many polling stations closed and left others mostly attended by soldiers. But the country’s state media want you to know that the elections went just fine, and they can cite “outside monitors” to prove it.

Canada: Voting times extended in several Ontario municipalities due to online voting glitches | Global News

Several municipalities in Ontario are extending online and in-person voting times after problems with their online voting systems. The glitch affected several municipalities that use the Dominion Voting System, which struggled to process the traffic on its website, according to Kingston city officials. “The City of Kingston is one of a number of municipalities that have been affected by online voting issues. Internet voting became inaccessible at approximately 5:45 p.m. this evening,” read a public notice from the City of Kingston, which added that in-person voting times would be extended by an hour and 15 minutes to 9:15 p.m.

Poland: Warsaw’s Mayoral Election and the Future of Populism | The Atlantic

On a chilly Friday evening in Poland’s capital, the mayoral candidate Patryk Jaki took the stage in Praga Park to make a final pitch to voters. The location had symbolic resonance: Warsaw’s Praga district is home to many low-income residents who feel stigmatized and left behind by their increasingly prosperous and cosmopolitan city. This, in turn, helps makes it friendly territory for Jaki’s Law and Justice (PiS), the right-wing Euroskeptic populist party currently in control of Poland. “People from the town hall keep humiliating and spitting on us,” Jaki said, as his supporters chanted to drown out a small group of protesters. “They don’t want us to take over the town hall, because they’re afraid of what we’ll find there.”

Editorials: America’s Elections Could Be Hacked. Go Vote Anyway. | The New York Times

Will November’s election be hacked? A quick sampling of news stories over the past couple of years offers little comfort. In the months before the 2016 presidential election, Russian hackers tried to infiltrate voting systems in dozens of states. They succeeded in at least one, gaining access to tens of thousands of voter-registration records in Illinois. In April, the nation’s top voting-machine manufacturer told Senator Ron Wyden, of Oregon, that it had installed remote-access software on election-management systems that it sold from 2000 to 2006. Senator Wyden called it “the worst decision for security short of leaving ballot boxes on a Moscow street corner.” At a hacking convention last summer, an 11-year-old boy broke into a replica of Florida’s state election website and altered the vote totals recorded there. It took him less than 10 minutes. All along, the nation’s top intelligence and law-enforcement officials have been sounding the alarm, warning that Russia is engaged in a “24-7 365-days-a-year” effort to disrupt the upcoming midterm elections and imploring Congress and the White House to take more decisive action.

National: Here’s How Russia May Have Already Hacked the 2018 Midterm Elections | Newsweek

It’s not easy to get in to see Diane Ellis-Marseglia, one of three commissioners who run Bucks County, Pennsylvania. Security is tight at the Government Administration Building on 55 East Court Street in Doylestown, a three-story brick structure with no windows, where she has an office. It also happens to be where officials retreat on election night to tally the votes recorded on the county’s 900 or so voting machines. Guards at the door X-ray bags and scan each visitor with a wand.Unfortunately, Russian hackers won’t need to come calling on Election Day. Cyberexperts warn that they could use more sophisticated means of changing the outcomes of close races or sowing confusion in an effort to throw the U.S. elections into disrepute. The 2018 midterms offer a compelling target: a patchwork of 3,000 or so county governments that administer elections, often on a shoestring budget, many of them with outdated electronic voting machines vulnerable to manipulation. With Democrats on track to take control of the U.S. House of Representatives and perhaps even the Senate, the ­political stakes are high. … The U.S. certainly hasn’t forced the Russians to look hard for places to strike. The midterm elections are rich in targets. Bucks County is ­hardly unique in relying on easily hacked voting machines, whose results could determine control of Congress or individual states. About 30 percent of America’s voting machines are as outdated and nearly unprotected as those in Bucks County, says Marian Schneider, a former Pennsylvania deputy secretary for elections and administration and now president of Verified Voting, a national election-­integrity advocacy group. Ballotpedia, a nonprofit website that tracks elections, lists nearly 400 congressional and top state official races this November as competitive enough to be considered battleground contests.

National: State election chiefs oversee vote while seeking higher office | McClatchy

In three states, the referee for the midterm elections is also on the field as a player. Elected secretaries of state in Georgia and Kansas — who in their official capacities oversee the elections in their states — are running for governor. Ohio’s secretary of state is running for lieutenant governor. All are Republicans. They have faced scattered calls to resign but have refused to do so. Election reformers say the situation underscores the conflict of interest when an official has responsibilities for an election while also running as a candidate. “There is just too much of a temptation if a political party is in a position to run the mechanics of an election to try to tilt it, and it’s a temptation we ought not to encourage,” said former U.S. Rep. Lee Hamilton, an Indiana Democrat who spent 34 years on Capitol Hill. “This is not nuclear physics.” While the three secretaries of state are Republican, concerns about inappropriate actions by partisans who hold the office transcend parties. An independent counsel earlier this month began investigating Kentucky’s Democratic secretary of state, Alison Lundergan Grimes, over allegations that her office accessed voter registration data to check the party affiliation of job applicants. Grimes may seek higher office next year.