National: Bipartisan Senate report calls for sweeping effort to prevent Russian interference in 2020 election | Craig Timberg and Tony Romm/The Washington Post

A bipartisan panel of U.S. senators Tuesday called for sweeping action by Congress, the White House and Silicon Valley to ensure social media sites aren’t used to interfere in the coming presidential election, delivering a sobering assessment about the weaknesses that Russian operatives exploited in the 2016 campaign. The Senate Intelligence Committee, a Republican-led panel that has been investigating foreign electoral interference for more than 2½ years, said in blunt language that Russians worked to damage Democrat Hillary Clinton while bolstering Republican Donald Trump — and made clear that fresh rounds of interference are likely ahead of the 2020 vote. “Russia is waging an information warfare campaign against the U.S. that didn’t start and didn’t end with the 2016 election,” said Sen. Richard Burr (R-N.C.), the committee’s chairman. “Their goal is broader: to sow societal discord and erode public confidence in the machinery of government. By flooding social media with false reports, conspiracy theories, and trolls, and by exploiting existing divisions, Russia is trying to breed distrust of our democratic institutions and our fellow Americans.”

National: House Democrats introduce new legislation to combat foreign election interference | Maggie Miller/The Hill

A group of House Democrats led by Administration Committee Chairwoman Zoe Lofgren (Calif.) on Tuesday introduced new legislation aimed at combating foreign efforts to interfere in U.S. elections. The SHIELD Act would require campaigns to report “illicit offers” of election assistance from foreign governments or individuals to both the FBI and the Federal Election Commission (FEC), and also take steps to ensure that political advertisements on social media are subject to the same stricter rules as ads on television or radio. The bill classifies the “offering of non-public campaign material to foreign governments and those linked with foreign governments and their agents as an illegal solicitation of support,” while also closing gaps that allow foreign investment in aspects of U.S. elections. The bill is also sponsored by House Judiciary Committee Chairman Jerrold Nadler (D-N.Y.), along with Reps. John Sarbanes (D-Md.), Derek Kilmer (D-Wash.), Stephanie Murphy (D-Fla.), Jamie Raskin (D-Md.), Susan Davis (D-Calif.), G. K. Butterfield (D-N.C.), Marcia Fudge (D-Ohio), Pete Aguilar (D-Calif.), A. Donald McEachin (D-Va.) and Tom Malinowski (D-N.J.). Lofgren in a statement heavily criticized President Trump and his administration for “welcoming” foreign interference in U.S. elections.

National: Cybersecurity and Democracy Collide: Locking Down Elections | Andrew Westrope/Governing

When asked at a congressional hearing if Russia would attack U.S. election systems again in 2020, Special Counsel Robert Mueller was unequivocal: “It wasn’t a single attempt,” he said. “They’re doing it as we sit here, and they expect to do it during the next campaign.” Presidential campaigns are now underway, and election systems are still vulnerable. From voter registration databases to result-reporting websites to the voting machines themselves, researchers have identified soft spots across the system for hackers to exploit, meaning cybersecurity is now a front line of defense for American democracy. There are many parties working on this problem — secretaries of state, the Department of Homeland Security (DHS), EI-ISAC (Elections Infrastructure Information Sharing and Analysis Center), various nonprofits and private companies — and a few common refrains between them. They’re all pushing for paper ballots, vulnerability screenings, staff training, contingency plans, audits and, above all, more consistent funding. And they all have the same basic message for state and local officials: The security of our elections is riding on you.

National: Foreign interference is coming in the 2020 election whether Trump asks for it or not | Mark Porubcansky/MinnPost

Forget about China helping President Trump smear Joe Biden and his son. Or Ukraine doing so. Or any foreign country with reasonably sane leadership. Foreign interference in next year’s election, if it occurs, is likely to take a more familiar route. Here’s one possibility: Several countries, each with a lot at stake and all using Russia’s 2016 hacking and disinformation playbook, line up on opposite sides of the election. North Korea and Saudi Arabia, for instance, might trying to help Trump get re-elected while Iran tries to help his opponent. The Russians never really shut down, as Special Counsel Robert Mueller stressed in his testimony to Congress in July. China is highly capable, as well, and has a strong interest in who wins the election. Even if no one manages the 2020 equivalent of hacking the Democratic National Committee, they could sow doubt and disgust toward what’s already shaping up to be a very dirty campaign.

National: Iranian Hackers Target Trump Campaign as Threats to 2020 Mount | Nicole Perlroth and David E. Sanger/The New York Times

The 2020 presidential election is still 13 months away, but already Iranians are following in the footsteps of Russia and have begun cyberattacks aimed at disrupting the campaigns. Microsoft said on Friday that Iranian hackers, with apparent backing from the government, had made more than 2,700 attempts to identify the email accounts of current and former United States government officials, journalists covering political campaigns and accounts associated with a presidential campaign. Though the company would not identify the presidential campaign involved, two people with knowledge of the hacking, who were not allowed to discuss it publicly, said it was President Trump’s. In addition to Iran, hackers from Russia and North Korea have started targeting organizations that work closely with presidential candidates, according to security researchers and intelligence officials. “We’ve already seen attacks on several campaigns and believe the volume and intensity of these attacks will only increase as the election cycle advances toward Election Day,” said Oren Falkowitz, the chief executive of the cybersecurity company Area 1, in an interview.

National: Iranian attacks expose vulnerability of campaign email accounts | Maggie Miller/The Hill

A recent hacking attempt by Iran targeting a U.S. presidential campaign highlighted the vulnerability of email accounts heading into the 2020 elections. Microsoft revealed last week that it had tracked an Iranian group named “Phosphorus” attempting to access the email accounts of an unnamed presidential campaign, along with accounts tied to journalists and former and current U.S. officials. While the group compromised only four accounts, it identified 2,700 accounts for targeting and attacked 241 of them. The accounts associated with the unnamed presidential campaign, which Reuters identified as the Trump campaign, were not successfully compromised. The Trump campaign told The Hill they had “no indication that any of our campaign infrastructure was targeted.” Tom Kellermann, who served on a presidential cybersecurity commission during the Obama administration, said campaigns should ensure “modern cybersecurity technologies” are being used to insulate endpoints, and that “websites and mobile apps should be tested for vulnerabilities and hardened accordingly.” But even if campaigns take those steps, Kellermann said, rising tensions between the U.S. and Iran could lead to attacks on other aspects of campaigns and elections.

National: Why over 130,000 new voting machines could lead to more distrust in U.S. elections | Steven Rosenfeld/Salon

cross America, counties and states have acquired at least 130,000 new precinct voting machines that will debut in 2020’s primaries — including areas that can sway national elections. But the machines are controversial, splitting independent experts and election activists on issues that will likely affect public trust and confidence. Those key issues concern the transparency of voting and counting votes, whether reported election results can be double-checked and what role local election boards should play after Election Day to judge voter intent on ballots during challenges and recounts. The boosters of these new voting machines, called ballot-marking devices (BMDs), say that these touch-screen computers printing completed ballots will make voting simpler and more trustworthy. They say that is especially true for infrequent voters and voters with disabilities. They also say that automating ballots will end vote-counting fights — because printing completed ballots will eliminate that jury-like process, which BMD salesmen tout.

National: Hacking a voting machine is getting easier | Brooke Crothers/Fox News

At the world’s premier hackers convention, hacking a voter system was as easy as ever, according to media reports. A summary of the “Voting Village” event posted last week said hackers at Defcon “compromised every single machine over the 2.5-day event, many of them with trivial attacks that require no sophistication or special knowledge on the part of the attacker.” “In most cases, vulnerabilities could be exploited under election conditions surreptitiously…an attack that could compromise an entire jurisdiction could be injected in any of multiple places,” according to a full version of the report. In many cases, physical ports were unprotected, passwords were either left unset or in their default configuration and security features went unused or in some cases, were disabled, the report added. Attendees were given access to over 100 machines at the event, including direct-recording electronic voting machines, electronic poll books, Ballot Marking Devices, Optical scanners and hybrid systems. One machine, based on an old PC hardware, had no BIOS password set on the machine. The BIOS (Basic Input Out System) controls the basic functions of a PC.

Alaska: State buying new voting machines for 2020 | Amanda Bohman/Fairbanks Newsminer

The state of Alaska is replacing the voting machines used in Fairbanks and elsewhere starting with the August 2020 state primary election, according to state and borough elections officials. That means Tuesday’s election was the last regular election for the AccuVote machines that have been used here for the past 20 years. The new machines are ImageCast Precinct ballot counters, or ICPs. The voter experience will not change much, officials said. People will continue to vote privately in a booth and then feed their ballot into a machine that tabulates the votes. The process will take a few seconds longer because the new technology captures an image of each ballot, officials said. The city of Valdez has been using the ICP machines for a few years. The clerk said they work well. “We love it. My voters love it. I haven’t had any problems with their equipment at all,” Valdez City Clerk Sheri Pierce said. The machines are made by Dominion Voting Systems, the same company that manufactured the AccuVote machines.

Arizona: Secretary of State toughens election rules for cybersecurity | Andrew Oxford/Arizona Republic

Arizona officials are considering tougher cybersecurity standards for the state’s elections ahead of 2020, according to a proposed set of protocols the Secretary of State’s Office published this week. Some of the changes come after The Arizona Republic highlighted concerns about policies included in a first draft of a manual that county officials across the state will use to administer next year’s election. Experts contacted by the newspaper pointed to provisions that did not mandate the use of encryption in some circumstances or would allow officials to re-use USB sticks when working with election systems. The Secretary of State’s Office toughened policies on both of those issues in its final draft of the election procedures manual, published this week. Digital security is just a small piece of the proposed manual, which totals more than 500 pages. But cybersecurity has drawn particular scrutiny amid concerns about meddling in American elections.

New York: Hacking concerns delayed vote machines: Westchester bought them anyway | Mark Lungariello/Rockland/Westchester Journal News

Westchester County lawmakers put off buying new voting machines in March over concerns they could be hacked and made to add marks on finished ballots. The county Board of Elections bought some anyway. “The local county legislature has no authority to approve the machines, so we didn’t do anything out of the ordinary,” Reggie Lafayette, Democratic elections commissioner, told The Journal News/lohud. But some lawmakers didn’t see it that way and even sought a written legal opinion from county staff attorneys on the move. The county Law Department concluded in August that the elections board acted within its authority under New York state law as a semi-autonomous entity. Legislator Nancy Barr, a Rye Brook Democrat, said the process still left a lot to be desired. “Even if it’s allowed, it’s certainly not something that generates trust between the Board of Legislators and the Board of Elections, and other departments,” she said at last Monday’s meeting of the legislature’s Budget and Appropriations Committee.

Pennsylvania: Fight over Philadelphia’s voting machines may head to court | Marc Levy/Associated Press

Former Green Party presidential candidate Jill Stein wants Pennsylvania to block Philadelphia from using new touchscreen machines the state is buying ahead of the 2020 election and threatened court action Wednesday if it doesn’t do so promptly. Stein’s demand means that she and a group of plaintiffs could take the state back to Philadelphia’s federal court, where they filed an agreement last year to settle their lawsuit over vote-counting in 2016’s election. Stein and the other plaintiffs made the request in writing to Pennsylvania’s Department of State, which oversees elections. “We must protect our vote and we must protect the authenticity of our vote,” Stein told supporters during her announcement in front of Philadelphia’s federal courthouse Wednesday. The department has 30 days under the agreement to respond. On Wednesday, it did not say whether it would decertify the machines or consider decertifying them, although a spokeswoman pointed out that it recertified the system last month after originally certifying it last year.

Washington: ‘Tens of thousands’ of attempts daily to hack Washington’s election system | Dyer Oxley/MyNorthwest

Washington state’s general election is one month away and aside from making sure the process is ready to run smoothly, Secretary of State Kim Wyman has another concern on her mind — cybersecurity and election hacking. “We have attempts every day,” she told KIRO Radio. “Tens of thousands of attempts to get into our system … right now, we are just blocking all of them.” “Some (hackers) are just trying to see what they can see, ‘what can we get to and what can we play with,’” Wyman said. “And some have bigger chess moves. They are trying to undermine confidence that voters have in our system.”

West Virginia: Alleged mobile voting app hack linked to University of Michigan | Benjamin Freed/StateScoop

Federal investigators looking into an alleged hacking attempt against the mobile app that West Virginia officials used to collect ballots from overseas voters in the 2018 election are determining if the incident was the result of computer-science students at the University of Michigan testing for vulnerabilities. CNN reported Friday that the FBI is investigating “a person or people” who attempted to access the app — Voatz — as part of a cybersecurity course at University of Michigan, which is one of a handful of universities with a curriculum focused on election security. Mike Stuart, the U.S. attorney for West Virginia, revealed the investigation last Tuesday, saying that during the 2018 election cycle his office was alerted by West Virginia Secretary of State Mac Warner that there was an “attempted intrusion by an outside party” to access the Voatz app. According to state officials and the app’s developers, Voatz is designed only to grant ballot access to qualified voters who go through multiple layers of biometric identification, including facial-recognition and fingerprint scanning.

West Virginia: Hackers try to access West Virginia’s mobile voting app | GCN

Someone tried to hack into West Virginia’s blockchain-enabled mobile voting system during the 2018 election cycle. The attack happened during the pilot rollout of West Virginia’s mobile voting pilot that uses a smartphone application developed by Boston-based Voatz to enable eligible overseas voters to receive and return their ballot securely using a mobile device. The app lets military and overseas voters who qualify under the Uniformed and Overseas Citizens Act verify their identities by providing biometric proof in the form of a photo of their driver’s license, state ID or passport that is matched to a selfie. Once voters’ identities are confirmed, they receive a mobile ballot based on the one that they would receive in their local precinct. A confirmation message is sent to the voter’s smartphone when the vote is uploaded to the blockchain’s series of secure, redundant, geographically dispersed servers , which ensures the votes cannot be tampered with once they’ve been recorded.

Iran: Cyberattack on US Presidential Campaign Could Be a Sign of Things to Come | Jai Vijayan/Dark Reading

A recently detected Iranian cyberattack targeting a US presidential campaign may well be a harbinger of what’s in store for political parties and election systems in the run-up to next year’s general elections. Last Friday Microsoft disclosed it had observed significant threat activity over the past two months by Phosphorus, a threat group believed linked to the Iranian government. Phosphorus, which is also known as APT25 and Charming Kitten, made over 2,700 attempts to break into specific email accounts belonging to Microsoft customers. In many cases, Phosphorus used information about the targets — including phone numbers and secondary email addresses — to try and infiltrate their email accounts. In the end, Phosphorus attacked 241 targeted email accounts and eventually managed to compromise four of them. In a blog Friday, Microsoft corporate vice president Tom Burt described the targeted accounts as being associated with a US presidential campaign, current and former US government officials, journalists covering politics, and Iranian nationals residing outside the country. The four accounts that were actually breached, however, were not connected to the presidential campaign or to the government officials.

Russia: How Russian operatives also used Google to influence Americans in 2016 | Jeff Stone/CyberScoop

While Russian propagandists relied heavily on Facebook and Twitter to spread disinformation before the 2016 U.S. presidential election, a new congressional report elaborates on how they also used Google and YouTube to sway Americans’ public opinion in favor of Donald Trump. The Senate Intelligence Committee on Tuesday released a report detailing expansive, and ongoing, information warfare directed against American internet users. The 85-page explanation confirmed much of what was already known about Russian operations: a Kremlin-directed effort utilized an array of social media networks, with their targeted advertising capabilities, to provoke and confuse likely voters ahead of a contentious presidential election. Facebook, Instagram and Twitter were the most crucial aspects of this effort, though Russia’s Internet Research Agency also leveraged Google and its subsidiaries for its own gain. “Periodically, particularly in the context of fast breaking news, Google’s algorithm can elevate extremist content or disinformation to the top of certain searches,” the Senate report said. “Days after the 2016 presidential election, a falsified media account of President-elect Donald Trump having won the popular vote briefly ranked higher than stories that accurately reflected the U.S. popular vote result.”

West Virginia: Hacking attempt reported against West Virginia’s mobile voting app | Benjamin Freed/StateScoop

The FBI is investigating an alleged hacking attempt against the mobile app that West Virginia officials used to collect ballots from some overseas voters during the 2018 election cycle, the Justice Department announced Tuesday. Mike Stuart, the U.S. attorney for West Virginia, said that during last year’s election cycle, his office received a report from West Virginia Secretary of State Mac Warner pertaining to an “attempted intrusion by an outside party” to access the app, Voatz, which Warner’s office has heralded as the future of voting for expat U.S. citizens, especially deployed members of the military. The attempt, Stuart continued, appeared to be unsuccessful, with no actual intrusion or effect on the 144 ballots that were cast in last year’s general election. “No penetration occurred and the security protocols to protect our election process worked as designed,” Warner said at a press conference Tuesday in Charleston, the state capital. Still, Warner said, the attempted intrusion was referred to the FBI for investigation as a “deterrent” against attempts by outside actors to interfere with the state’s election process.

National: Former officials flag disinformation as top threat to U.S. elections | Derek B. Johnson/FCW

Two top former national security officials believe that disinformation campaigns may pose a greater long-term threat to election infrastructure than cybersecurity risks. “Securing the voting apparatus … that’s hugely important, but that to me at least is one bin of the problem,” said former Director of National Intelligence James Clapper while speaking at an Oct. 2 Washington Post event. “The other bin is what I would call, for lack of a better term, intellectual security, meaning how do you get people to question what they read, see and hear on the internet? And this where the Russians exploited our divisiveness by using social media, so that part of the problem I’m not sure about.” Clapper said that when it comes to protecting voting machines and other election infrastructure, agencies like the FBI, Department of Homeland Security, National Security Agency and others have “done a lot” since 2016.

National: US Officials Not Taking Putin Election Comments Lightly | Jeff Seldin/VoA News

U.S. security officials are not laughing at the latest comments by Russian President Vladimir Putin about the Kremlin’s attempts to interfere in U.S. elections. Putin, speaking at an economic forum in Moscow Wednesday, dismissed U.S. allegations that Russia meddled in both the 2016 U.S. presidential election and the 2018 mid-term election as “ridiculous.” “Or it would be ridiculous if it was not that sorrowful, because all we see now in the U.S. domestic politics ruins Russia-U.S. relations, and I am sure it harms the United States itself, too,” Putin said. “I’m telling you as a secret – yes, we will definitely do it (meddle in next year’s U.S. presidential election) in order to deliver you the best of fun,” Putin joked with the audience. “Just don’t tell anyone.” Despite Putin’s comments, U.S. security and intelligence officials have said, consistently, that they have seen indications Russia will try to interfere with the upcoming 2020 presidential elections.

National: US diplomats told Zelenskiy that Trump visit was dependent on Biden statement | Julian Borger and Lauren Gambino/The Guardian

US diplomats told Ukraine’s president, Volodymyr Zelenskiy, that a prestigious White House visit to meet Donald Trump was dependent on him making a public statement vowing to investigate Hunter Biden’s company, and a Ukrainian role in the 2016 elections, according to texts released on Thursday night. The texts, released by three congressional committees holding impeachment hearings, show that the diplomats made clear that any improvement in Kyiv’s relations with Washington would be dependent on Zelenskiy’s cooperation in Trump’s quest to find damaging material about son of his leading political opponent, and on the Democrats in general. In August, Zelenskiy’s government became aware, through a US press report, that military aid for its struggle with Russia, had been withheld by Trump, in an apparent effort to increase the pressure on the Ukrainian government. The texts are exchanges from July to early September between three US diplomats – Gordon Sondland, the ambassador to the European Union, Kurt Volker, the then special envoy on Ukraine, and Bill Taylor, the acting ambassador to Kyiv. Trump’s personal lawyer, Rudy Giuliani and a Zelenskiy aide, Andrey Yermak, also make brief appearances in the correspondence.

Editorials: Democrats Must Act Now to Deter Foreign Interference in the 2020 Election | Thomas Wright/The Atlantic

Democrats face a national-security problem without parallel in the annals of American democracy. The president of the United States, Donald Trump, has made clear not only that he will remain passive in the face of foreign interference in the 2020 U.S. election—a threat his current and former directors of national intelligence have called the most serious facing the country—but also that he will actually solicit such interference if it serves his interests. We know of at least one case—when he asked President Volodymyr Zelensky of Ukraine to launch an investigation into former Vice President Joe Biden as a personal favor—but there may well be others. Parts of the U.S. government, such as the Department of Homeland Security and the FBI, as well as state authorities, are working to prevent foreign interference in American elections, but even with a Herculean effort, the country’s defenses against political warfare, especially in the cyber domain, are weak and porous. Such attacks are easy to execute, but difficult and expensive to thwart. The threat is evolving and will be different than it was in 2016. There are many targets.

Editorials: Voting machines pose a greater threat to our elections than foreign agents | Lulu Friesdat/The Hill

As the election security conversation widens beyond Russia, to include countries like Iran and China, it’s important to examine how security flaws in our country’s voting equipment increase the vulnerability of our elections. In 2010 a university cyber team conducted a test attack on an internet voting pilot project in Washington, D.C. The team successfully picked the winner of the election remotely from its Michigan lab. Writing about the attack, computer science professor J. Alex Halderman said, “Within 36 hours of the system going live, our team had … the ability to change votes.” In follow-up testimony, Halderman offered some chilling details: “While we were in control of these systems, we observed other attack attempts originating from computers in Iran and China. These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded.” Security experts have long warned that short passwords provide easy targets, but hackers at DEF CON, an annual security convention, recently found U.S. election systems with no passwords at all.  How did the security bar get set so low?

Colorado: Secretary of State’s QR code election security measure adopted | Teresa L. Benns/Del Norte Prospector

According to a Sept. 16 news release on the Colorado Secretary of State’s (SoS) website, Secretary of State Jena Griswold announced that Colorado will stop using ballots with QR codes, a marking used to track packages and other materials pictured above. The removal of QR codes from ballots will increase the security of vote tabulation and ensure voters can accurately verify that their ballots are correctly marked. With foreign countries actively trying to exploit voting vulnerabilities, this is a first-in-the nation added security measure. Marilyn Marks, who advocates for voting integrity nationwide, came to Saguache County in 2011 to investigate the irregular county election held in 2010. During that time, she also monitored an election held in Chaffee County where the QR code question was first raised. “Chaffee ballots are identifiable by both the voter and the government,” Marks said in an Aug. 9, 2012 Center Post-Dispatch article. (QR) codes on the ballot can be traced back to the voter in what Marks says is a very sophisticated process that could not have been detected by most voters or watchers.

Georgia: Previously redacted Georgia election security document made public | Mark Niesse/The Atlanta Journal-Constitution

The Georgia secretary of state’s office acknowledged Thursday that a vendor had improperly redacted a purchasing document detailing security features of the state’s new $107 million voting system. The unredacted 143-page document was posted on the secretary of state’s website Thursday. The document, which explains “high level security” of the state’s new voting check-in iPads, doesn’t compromise the integrity of the system, according to the secretary of state’s office. The document was made public “in the spirit of good governance and transparency” after the secretary of state’s office was alerted about the redactions, said Deputy Secretary of State Jordan Fuchs. “Our new voting system, including new Poll Pads, are our most secure system to date,” Fuchs said. The iPads will be provided by a company called KnowInk, which is working with Dominion Voting Systems to install the new voting technology statewide before the March 24 presidential primary.

North Carolina: Toss-up State to Use Vulnerable Tech in 2020 | Jack Lowenstein/WhoWhatWhy

The 2020 election is expected to once again be razor-close and, in light of Russian attempts to hack the vote in 2016, making it secure is of paramount importance. That is why North Carolina’s recent decision to open the door for unverifiable barcode election technology is raising eyebrows in the election integrity community. At the end of a 30-month process, the North Carolina State Board of Elections recently approved three new voting systems to replace decades-old technology in the state. However, state election officials also did something else: With their selection, they approved the use of barcode voting technology. Election integrity advocates, cybersecurity experts, and even two members of the five-member state board have strongly objected to the use of this technology. With the 2020 presidential election on the horizon — and North Carolina expected to be in play — the decision of state officials to choose voting systems that do not leave behind a verifiable paper trail creates major concerns for election transparency advocates.

Ohio: House Lawmakers Approve Civilian Cyber Reserve | Jim Provance/Toledo Blade

The Ohio House on Wednesday voted unanimously to create a civilian cyberforce within the Ohio National Guard to respond to cyberattacks against elections systems, governments, businesses, and critical infrastructure. Senate Bill 52, sponsored by Sen. Theresa Gavarone (R., Bowling Green), now returns to the Senate for consideration of House changes. The bill passed the upper chamber unanimously earlier this year. A city’s mayor could ask the governor to call out the Ohio Cyber Reserve if the city finds itself in over its head in fending off or mitigating a ransomware attack or other cyberintrusion, much as governments can now ask for help after natural disasters. “By their nature, elections are vulnerable to threats both foreign and domestic,” Rep. Doug Green (R., Mt. Orab) said. “Creating the Ohio Cyber Reserve allows for preparedness in mitigating those cyberattacks and ensures Ohio’s voters that their elections are secure and accessible.”

Pennsylvania: Green Party’s Jill Stein threatens legal challenge to Philadelphia’s new, $29M voting machines | Jonathan Lai/Philadelphia Inquirer

Jill Stein, the 2016 Green Party presidential candidate, threatened Wednesday to take legal action to block Philadelphia from using its new voting machines if the Pennsylvania Department of State continues to allow their use. The machines, which cost the city $29 million, are slated to be used in next month’s election. But Stein said they violate the terms of a settlement she reached with the state late last year stemming from her 2016 recount battle. “We will seek relief in the court if this unverified, unauditable, hackable, expensive machine is not promptly decertified,” Stein, flanked by about two dozen supporters, said outside the federal courthouse in Center City. That agreement settled Stein’s effort in 2016 to seek a recount and forensic audit of voting machines in Pennsylvania and elsewhere after Donald Trump’s victory that year. (Stein, an activist and physician from Massachusetts, received 0.82% of the vote in Pennsylvania.) Under the settlement, the plaintiffs must first notify the Pennsylvania Department of State in writing of potential violations of the agreement; the department then has 30 days to respond before Stein and other plaintiffs can take the matter to court.

West Virginia: Attempted hack of military app investigated | Steve Allen Adams/The Intermountain

Federal and state officials announced this week an FBI investigation into an attempted hack on the new app for overseas deployed military voters and their families and warned others not to make the attempt. Mike Stuart, U.S. attorney for the Southern District of West Virginia, and Secretary of State Mac Warner held a press conference at the Robert C. Byrd Courthouse in downtown Charleston. According to Warner, there was an attempt to hack the Secure Military Voting Application during the 2018 elections. The mobile app allows deployed military and their families to download an app and vote for candidates after they apply to use the app and are approved. “In last year’s election, we detected activity that may have been an attempt to penetrate West Virginia’s mobile voting process,” Warner said. “No penetration occurred and the security protocols to protect our election process worked as designed.” During the mobile voting process, the virtual ballot is encrypted and secured utilizing blockchain technology, then sent to the voter’s county clerk in West Virginia where their ballot is printed and tabulated. West Virginia was the first state to use mobile voting, first in a pilot project during the 2018 primary election, then a full rollout for any county that wanted to participate in the 2018 general election.

West Virginia: FBI called in to investigate 2018 Mountain State mobile voting system hacking | Shaun Nichols/The Register

The state of West Virginia says someone attempted to hack its citizens’ votes during the 2018 mid-term elections. A statement issued this week by US Attorney Mike Stuart of the Southern District of West Virginia revealed that the FBI has been called in and is actively investigating at least one attempt to tamper with election results. “My office instituted an investigation to determine the facts and whether any federal laws were violated. The FBI has led that investigation,” Stuart said. “That investigation is currently ongoing and no legal conclusions whatsoever have been made regarding the conduct of the activity or whether any federal laws were violated.” According to the US attorney, the unknown hacker, only referred to as an ‘outside party’ tried (and failed) to get access to the mobile voting system the state used for military service members stationed overseas.