Missouri: St. Louis County Voters To Mostly Use Paper Ballots | KBIA

The St. Louis County Board of Elections unanimously voted Tuesday to shift toward using paper ballots and away from touch-screen voting machines. The elections board is moving forward with a $6.9 million contract with Hart Intercivic eSlate to provide new voting machines and software that primarily run a paper ballot system. The new apparatus is expected to be in place for the Nov. 5 election. A small number of touch-screen machines — one per polling station — will continue to be available for people with disabilities, said election board chair Sharon Buchanan-McClure. It’s unclear how many machines were purchased or other details, since the contract was not immediately provided Tuesday. The board held a closed-door meeting to discuss its voting machine options. Then, it opened the meeting to take the vote on the contract without any public discussion about its decision. 

Montana: State puts $1.3M toward updating county voting machines | Holly K. Michaels/Helena Independent Record

The Montana Secretary of State’s office announced Tuesday more than $1.3 million in money for counties to update their voting equipment. The money comes from a federal Help American Vote Act and is matched with county funds. Counties will be able to purchase new Express Vote voting equipment with the funding. “This is a big step in the right direction for counties to upgrade election technology that strengthens Montana’s election security ahead of 2020,” Secretary of State Corey Stapleton said in a press release announcing the funding. The new equipment is meant to ease voting access for people with disabilities. However, at a meeting of the State Administrative and Veterans Affairs hearing Tuesday, Beth Brenneman, attorney for Disability Rights Montana, said that because of how the Express Vote machines function, they may present some issues for voters who are blind. Joel Peden, advocacy coordinator with the Montana Independent Living Project, voiced more concerns to the interim committee about access to voting for those with disabilities. He said some machines, either new or old, don’t provide enough privacy for voters to feel comfortable their vote is secret.

Pennsylvania: Guard’s Cyber Defense Team meets with Acting Secretary of the Commonwealth | DVIDS

Members of Pennsylvania National Guard’s Cyber Defense Team met with Pennsylvania Acting Secretary of the Commonwealth Kathy Boockvar to discuss current mutual projects, including election security, in early August during a Pennsylvania State Department orientation of the Pennsylvania National Guard’s capabilities and assets which included a tour of Fort Indiantown Gap, Pennsylvania. “This visit covered a variety of topics,” explained Maj. Christine Pierce, defensive cyber operations team chief. “We have been working with multiple Pennsylvania state agencies to provide a variety of services and we were excited to assist the Pennsylvania Department of State with the 2018 midterms as well as other cyber requirements.” Pennsylvania National Guard’s Cyber Defense Team provides comprehensive cyber defense services such as: vulnerability assessments, critical infrastructure assessment, penetration testing, and network monitoring. Network monitoring assistance was provided to the Pennsylvania State Department during the 2018 midterm elections. The team is preparing to assist the Pennsylvania Department of State during the 2020 elections.

Rhode Island: Report examines ways to adopt election audit system in Rhode Island | Jennifer McDermott/Associated Press

A new report recommends how to adopt a system for auditing election results required in Rhode Island. Common Cause, Verified Voting and The Brennan Center for Justice at NYU School of Law released the report Tuesday. They helped the state design and test the risk-limiting audit system this year. Rhode Island will first use risk-limiting audits for the 2020 presidential primaries. There are three ways to do the postelection audit. The report recommends a ballot-level comparison because of its efficiency, transparency and relatively predictable cost. That type of audit would compare the vote on an individual ballot to the machine’s recording of the vote on that ballot, which requires the fewest number of ballots to be examined. The other methods, ballot polling and batch comparison, compare more ballots to totals produced by the machines and require the examination of far more ballots, John Marion, executive director of Common Cause Rhode Island, said Tuesday.

Wisconsin: Outdated systems could affect state vote | Capitol Report

A Wisconsin Elections Commission security official is expressing concern that outdated operating systems are being used by local elections clerks across the state, raising the prospect of foreign interference in Wisconsin’s elections ahead of the 2020 presidential race. In a memo, Election Security Lead Tony Bridges details how a number of local clerks are using Windows XP or Windows 7 on office computers to access the WisVote voter database. According to Bridges, failure to maintain an up-to-date operating system poses “a tremendous risk.” Security patches on Windows XP have not been supported since 2014, while Windows 7 will reach its end-of-life cycle in January 2020, meaning Microsoft will no longer provide free security updates. Bridges pointed to a recent cyberattack in Georgia that brought down systems across Jackson County and warned a similar attack could “dramatically impact voter confidence in the electoral process” in Wisconsin.

Canada: Unlike U.S., Canada plans coordinated attack on foreign election interference | Alexander Panetta and Mark Scott/Politico

Russian interference in the 2016 U.S. presidential election rattled America’s next-door neighbor so badly that Canada spent the last three years developing the most detailed plan anywhere in the Western world to combat foreign meddling in its upcoming election. But with the country’s national campaign to begin in a matter of weeks, one question remains: Will the efforts pay off? Prime Minister Justin Trudeau’s government passed new transparency rules last year for online political ads that run on platforms including Facebook and Twitter — further than what’s required in the U.S. It ordered the country’s usually tight-lipped intelligence services to go public about foreign threats. Canada also housed a G-7 project to share the latest intelligence between allies about possible foreign disinformation and created a non-partisan group to warn political parties and the public about outside interference. “The way the Canadians have responded to the problem of technology and democracy is much more impressive than what we’ve seen in Washington,” said Ben Scott, a former Hillary Clinton official, now based in Toronto, who has tracked disinformation campaigns in elections across the West. “Pound for pound, Canada is way ahead of the U.S. in terms of policy development on these issues.”

United Kingdom: “Highly likely” cross-government cell will be used to monitor interference and threats if election called | Derek du Preez/Diginomica

Senior civil servants giving evidence to the House of Lords Committee on Democracy and Digital Technology today gave insight into cross-Government work being carried out to monitor interference, disinformation and threats during elections – including the creation of an ‘election cell’ on the day of voting. Natalie Bodek, the acting deputy director of the elections division within the Cabinet Office, and Sarah Connolly, director of security and online harms at DCMS, both shared insights into how the government is collaborating across departments and agencies, as well as with social media giants, to monitor interference. Defending democracy from misinformation and digital interference has become a huge area of concern for governments across the world. Whilst no evidence has been found of online foreign interference in UK elections, it has been highlighted as a top priority by senior politicians and experts. Evidence on the topic has been collected by Parliamentary committees for some time now. A Commons Select Committee recently said that the “UK is clearly vulnerable to covert digital influence campaigns”.

National: States Upgrade Election Equipment — Wary Of ‘A Race Without A Finish Line’ | Pam Fessler/NPR

With five months before primary season begins, election officials around the country are busy buying new voting equipment. Their main focus is security, after Russians tried to hack into U.S. election systems in 2016. Intelligence officials have warned that similar attacks are likely in 2020, from either Russia or others intent on disrupting U.S. elections. Federal, state and local authorities are trying to improve the security of the nation’s voting systems before that happens. One way they’re doing that is by purchasing more machines that produce paper ballots, which can be used to verify results in the event of a cyberattack on electronic systems. … Marian Schneider, a former Pennsylvania election official, thinks whatever the counties decide, this state is in much better shape than it was in 2016, when more than 80 percent of its machines had no paper records. “You couldn’t check them. Whatever the computer said, the computer said. You were done,” Schneider says. “This is a sea change for Pennsylvania and it’s a good thing.” But Schneider, who runs Verified Voting, a national group that’s long promoted paper ballots, also says paper alone is not enough. “You have to check the paper afterwards. You have to randomly sample those ballots and make sure that the results that the software reported matches what’s on the paper ballots,” she says. She’s talking about something called a risk-limiting audit, which is becoming an increasingly popular way to verify election results. Pennsylvania is among a dozen states now testing the idea.

National: Election Security And Voting Machines: What You Need To Know | Philip Ewing/NPR

Voting systems in the United States have come a long way since the hanging chads of the 2000 recount in Florida — but now cybersecurity is as big a concern as ballot fidelity. Here’s what you need to know.

The good news

There are about 3,200 counties or their equivalents across the United States and its territories, ranging in size from Los Angeles County with around 10 million residents to Kalawao County, Hawaii, with fewer than 100. Most counties — more than 70% — have populations under about 50,000, says the National Association of Counties. That huge breadth and diversity means that most elections truly are local and it would be nearly impossible for a foreign adversary to touch them all with a single effort. Elections in the United States remain, as then-FBI Director James Comey famously told Congress, “a bit of a hairball.”

The bad news

A huge breadth and diversity of counties means a huge breadth and diversity of security capabilities. Also, every jurisdiction that runs elections in the United States doesn’t present the same kind of appeal to a foreign interference campaign. The results of a close election can depend on turnout in only a few key states or other locations, meaning some locations are under much more pressure than others.

At the same time, evidence about successful interference in an election system anywhere in the United States would raise questions about the integrity of elections everywhere. Russian cyberattackers have been able to gain access to voter databases and other systems around country, but U.S. officials say they believe no votes have been changed.

National: States brace for ransomware assaults on voter registries | Laura Hautala/CNET

Extortionists have recently shut down municipal computer systems in Texas, Maryland, Florida and New York, threatening to erase databases unless the cities pay a ransom. Now officials around the country are concerned the tool the hackers used, known as ransomware, could be tapped to target state voter registration rolls and disrupt confidence as the nation heads into the 2020 election. Illinois, for example, is making its voter registration database accessible only from a closed fiber optic network, rather than the open internet, according to Matt Deitrich, a spokesman for the State Board of Elections. The Prairie State is making progress, though it still has a way to go, he says. Less than a third of its 108 jurisdictions currently connect to the database via the dedicated network. The security effort is worth it, Deitrich says. If a hacker successfully hits even one county’s election agency with ransomware, that can create the impression the whole system is compromised. “It’s a phenomenon that can undermine voter confidence,” Deitrich said. Ransomware would be a new feature of election hacking, which came to public attention after intelligence officials said Russian hackers probed voter registries during the 2016 presidential campaign. A ransomware attack in 2020 could prove devastating, preventing voters from registering or poll workers from confirming voter eligibility, officials say. The hackers’ goal wouldn’t be changing the votes that were cast, but spreading doubt that eligible voters were able to make their voices heard.

National: Report highlights Instagram, deepfake videos as key disinformation threats in 2020 elections | Maggie Miller/The Hill

Instagram will likely be the main social media platform used to disseminate disinformation during the 2020 election, while altered “deepfake” videos of candidates will pose a threat as well, according to a report out on Wednesday.  The report on disinformation tactics during the 2020 election, put together by New York University’s (NYU) Stern Center for Business and Human Rights, also pinpointed China, Russia, and Iran as countries likely to launch such attacks against the U.S. in the lead up to the elections. But foreign states will not be alone, with NYU finding that domestic sources of disinformation, such as users within the U.S. creating and circulating it, will be more prevalent than overseas ones. Voter suppression will be the main target of both streams of disinformation, with the report warning that “unwitting Americans” could also be manipulated into participating in rallies and protests. The report from NYU emphasized that while “social media companies are playing better defense than they did in 2016,” it called on them “to step up their games in anticipation of 2020.”

National: Advocates push Census Bureau to prepare for security breaches, disinformation ahead of 2020 count | Bill Lambrecht/San Antonio Express-News

As the first U.S. census to be conducted mainly online gets underway in the coming months, warnings from the Government Accountability Office about “substantial cybersecurity challenges” and disinformation campaigns raise concerns about how such a massive operation – collecting the names, addresses and birth dates of more than 300 million people – could be undermined by malicious actors on social media. Analysts monitoring the internet say they see no evidence of concerted efforts to sow bad information about the 2020 count. Yet in one instance, a post on a neo-Nazi website encouraged people to seek temporary Census Bureau employment in order to turn in immigrants who are living in the country illegally. Census workers are sworn to protect such information. Census experts note the potential lure of the census to people with ill intent. The decennial count is the basis for drawing congressional and legislative districts for a decade and determining where more than $800 billion gets distributed annually. In Texas, an undercount of the state’s fast-growing Latino population could threaten billions in tax dollars and the prospects of gaining three seats in the U.S. House from population shifts.

Editorials: Federal Election Commission is now out of commission — that’s downright scary | Kim Wehle/The Hill

Republican Matthew S. Petersen announced his resignation from the Federal Election Commission (FEC) this week. Ho hum news this is not. What it means is that the government agency charged with overseeing compliance with the federal campaign finance laws has been gutted. It now lacks the ability to meaningfully function in the run-up to the 2020 presidential election. There are two primary takeaways here. The first is that this is not unwelcome news for conservatives — such as Senate Majority Leader Mitch McConnell (R-Ky.) — who believe that government oversight of federal campaigns is bad in general. McConnell led the years-long charge to kill the Bipartisan Campaign Reform Act of 2002 (BCRA), a feat that was largely accomplished by the Supreme Court with its 2009 decision in Citizens United v. Federal Election Commission. That case overruled on First Amendment grounds the statutory bans on soft or “issue-ad” money spent by corporations and unions close to presidential primaries and general elections. With the FEC now out of commission, there is no longer a cop on the block to enforce the remaining rules-of-the-game aimed at enhancing fair and free elections in the United States. If no cop is around to pull over speed-demon drivers, the speed limits become meaningless. Translation? It’s the Wild West in federal-campaign-land, and individual voters are the ones who will suffer for it. The second takeaway is that, once again, Congress is to blame for this travesty.

Editorials: When It Comes to Voting, You Can’t Phone It In | Stephen L. Carter/Bloomberg

A lot of people are excited about recent research suggesting that mobile voting would mean more voters casting ballots. No doubt the premise is correct. If you lower the cost of an activity, you get more of it. Still, there are reasons to be skeptical. In the third place, the security risks are obvious. In the second place, as regular readers know, I’ve long questioned whether higher turnout leads to better results. But in the first place, even if mobile voting resulted in a greater number of votes cast, we shouldn’t refer to the result as higher “turnout.” Whatever we might call it, that’s the wrong word. The notion of voter turnout has long conjured images of crowded polling places, neighbors chatting as long lines shuffle forward.  Not all traditions are valuable, but here a bit of etymology teaches an important lesson about democracy.

Georgia: Probe of missing Georgia votes finds “extreme” irregularities in black districts | Andrew O’Hehir/Salon

trove of documents turned over in a congressional probe of missing votes in Georgia’s lieutenant governor race — along with other voting issues — revealed serious irregularities. The House Oversight and Reform Committee is investigating whether voting machine errors caused a large drop-off in votes in the lieutenant governor race between Democrat Sarah Riggs Amico and Republican Geoff Duncan, who won the election by about 123,000 votes. The probe is looking at why so many fewer votes were recorded in the race compared to other statewide races, as well as the voter suppression issues that plagued the 2018 state elections. There were 159,000 fewer votes cast in the lieutenant governor race than in the gubernatorial race between Democrat Stacey Abrams and Republican Brian Kemp. While it is common for down-ballot races to see fewer votes, the lieutenant governor race had twice as much drop-off as other statewide races, even though it was the second race on the ballot, The Atlanta Journal-Constitution reported. There were 80,000 fewer votes cast for lieutenant governor than in other down-ballot races, which represents a 4 percent drop-off from the gubernatorial race, compared to a 2 percent drop-off among even less charismatic down-ballot races. For various reasons, this appears illogical. Historically, the lieutenant governor race has had a much lower drop-off rate than other statewide races in previous elections.

Georgia: Revealed: Georgia Republicans use power of state to suppress minority vote | Jordan Wilkie/The Guardian

Top Georgia Republicans continue to use the power of the state to investigate political rivals, executing a strategy that voting rights activists say is designed to intimidate voting rights organizations and activists serving minority communities. Brad Raffensperger, the secretary of state, and David Emadi, executive secretary of the Georgia Government Transparency and Campaign Finance Commission, are investigating and issuing subpoenas to political opponents, without publicly showing evidence there was wrongdoing by those parties. Georgia’s governor, Brian Kemp, pioneered the tactic as secretary of state, where he used his authority to investigate political opponents, liberal political groups and get out the vote (GOTV) organizers working in racial minority communities. To date, none of the investigations, subpoenas, arrests or prosecutions against political opponents and minority GOTV organizers have led to convictions, meaning that Kemp’s – and now Raffensperger and Emadi’s – political rivals remain innocent of charges brought against them. But voting rights activists say there is a trend in Georgia of Republicans using the power of an elected office to investigate political opponents as a voter intimidation tactic.

Iowa: DNC recommends scrapping Iowa’s virtual caucus plan | Brianne Pfannenstiel and Barbara Rodriguez/Des Moines Register

The Democratic National Committee on Friday unraveled months of progress the Iowa Democratic Party had made toward making its caucuses more accessible and inclusive, throwing the process into turmoil. The DNC announced it would not recommend approval of plans by Iowa and Nevada to enact virtual caucuses, citing broad cybersecurity concerns. The rejection upends Iowa’s plans just five months before caucus night, adding another layer of uncertainty to what has always been a complicated, volunteer-driven exercise in organizing. And it calls into question the long-term viability of the Iowa caucus system as Democrats here debate whether expanding access outweighs the importance of being first. Iowa Democratic Party chairman Troy Price struck a conciliatory tone and reassured Iowa Democrats that their place leading off the presidential nominating process is secure this February. “Iowa will be a caucus, and Iowa will be first,” he said multiple times during an afternoon news conference at the party’s headquarters in Des Moines. But as the DNC actively encourages states to move away from caucuses and toward primaries, even some Iowans questioned whether it’s time to abandon Iowa’s closely guarded caucus system.

North Dakota: New ES&S voting equipment replaces 15-year-old machines | Grand Forks Herald

Grand Forks County has received most of its new election equipment, which replaces voting machines that are about 15 years old. The Legislature authorized $8.2 million for the new machines to add to the $3 million in federal funds doled out to assist in the purchase. According to County Auditor Debbie Nelson, the equipment arrived two weeks ago and includes 40 new optical scanners, 40 new ExpressVote machines, which are unassisted voting machines, and a new central count machine was received as well. Electronic poll books have yet to arrive. The optical scanners are part of the vote counting process, according to Nelson. m“When people mark their ballot, they bring it over to the scanner to be counted,” she said. The voting machines, which are used to mark ballots, can be used by anyone. However, if any voters have difficulty seeing a ballot, they have the option of having it read to them. The central count machine is a faster ballot counting machine.

Pennsylvania: Allegheny County to ‘stress test’ prospective voting systems | Jamie Martines /Tribune-Review

The Allegheny County Board of Elections committee in charge of searching for a new voting system decided Friday to spend the next month working with vendors to test prospective systems, seeking confirmation that they can handle the high volume of complex contests in the county. A report submitted Aug. 19 by the Voting System Search Committee and discussed Friday indicates that only one of four vendors under consideration has the state and federal certification guaranteeing it can meet the county’s needs. The committee is comprised of officials from the county elections, law, purchasing, computer services, budget and finance, human resources, county manager and administrative services departments. “I was surprised too,” said board chair and Allegheny County Councilman Thomas Baker, R-Ross. “I thought we would have a couple options that were viable that we would be able to pick from. I’m learning at the same pace that you’re all learning. I had no sense, as chairman, what would be in the report.” The voting system’s software must be robust enough to handle up to 4,000 separate ballot styles during a municipal primary election, according to the report. That means a system must be able to support an election involving as many as 10,000 candidate positions and 7,000 contests across the county’s 130 municipalities and 43 school districts.

Pennsylvania: Elections board appears likely to pick ES&S voting machines for use beginning in 2020 | Christopher Huffaker/Pittsburgh Post-Gazette

The Allegheny County Board of Elections at a meeting Friday appeared to be on the verge of selecting a hand-marked paper ballot-based system from Election Systems and Security for use beginning next year. The board, composed of Common Pleas Judge Kathryn Hens-Greco, county Councilman Tom Baker and County Council President John DeFazio, had some clear reservations about ES&S regarding both the specific system they are leaning toward and the company on the whole. However, only ES&S is certified by the federal Election Assistance Commission to handle elections with as many different ballots and candidates as an Allegheny County municipal election may have. The board unanimously passed a motion by Judge Hens-Greco asking the voting machine search committee to go back to the four vendors under consideration and ask them to stress-test real past Allegheny County elections, to help evaluate their ability to handle the complexity. After the meeting, however, Judge Hens-Greco said that, even if one of the other vendors passed the test, “I think [I’d] probably not” be able to select them in good conscience.  “I don’t understand why they applied if they couldn’t meet our requirements,” she added.

Canada: 19 million Canadians have had their data breached in eight months | Francesca Fionda/CTV News

An estimated 19 million Canadians have been affected by data breaches between November 2018 and June 2019, according to numbers obtained by “Attention Control with Kevin Newman,” a new podcast that launched Monday. The numbers come from 446 breaches that were reported to the Office of the Privacy Commissioner of Canada (OPC). Victims of these kinds of data breaches are vulnerable to identity theft, financial crime, even violence in some cases. The new reporting laws that require businesses to report breaches where there could be a real risk of significant harm to the OPC and the people affected came into effect last November. Between then and June 2019, the OPC received 446 breach reports, nearly six times the number of reports received during the same time period under the previous voluntary reporting system.

Editorials: Putin’s Nightmare: The Ballot Box | Michael Khodarkovsky/The New York Times

On Sept. 8, Russians will vote in municipal and regional elections, and the authorities are afraid. Not of any foreign power’s interference in Russia’s elections — there have been no fair elections in decades — but of Russia’s own people and opposition candidates, who are far more popular than the official nominees. Moscow’s old bag of electoral tricks survives — for example, moving elections from December to early September so that summer vacations would leave challengers little time to organize. The authorities have resorted to new tricks too, like clogging the electoral system with fake candidates and putting party loyalists on the ballot as independent candidates. This year’s election will also see a new mobile digital voting system that allows people to vote online from any location. Critics say it is yet another trick to help the authorities. Leaving nothing to chance, Moscow’s electoral commission found bogus reasons to disqualify all unapproved candidates from running in the elections. And to intimidate those would-be candidates, their homes were raided and many of them were detained, brought to Police Headquarters and interrogated in the middle of the night. Yet none of that worked: Thousands of people took to the streets, beginning on July 28, to protest the election committee’s decisions. In response, the authorities deployed an overwhelming force of local and federal police who detained most opposition leaders and nearly 1,400 demonstrators.

National: 2020 presidential election: What the NSA is doing to prepare and how the agency tackled the 2018 midterms | Olivia Gazis/ CBS News

The National Security Agency has begun revealing some of its preparations for the 2020 presidential elections, drawing in part from from its previous successes during the 2018 midterm elections. But officials also warned that cyber threats from foreign adversaries were evolving, accelerating and likely to reach a growing number of targets. NSA officials outlined a three-part approach they said was key to ensuring the security of the 2018 midterms: They first sought to understand adversaries’ activities, and then shared, chiefly through the FBI and Department of Homeland Security, information with potential targets. Along with U.S. Cyber Command, the military’s cyber defense arm, officials said they also imposed unspecified “costs” on those aiming to disrupt U.S. political processes. “[W]e said… if there is an adversary or adversaries that are attempting to either influence or interfere in our elections, we’re going to take them on,” General Paul Nakasone, who leads both the NSA and U.S. Cyber Command, said at the annual Intelligence and National Security Alliance (INSA) Summit last week.  

Virginia: Georgia officials visit Virginia to review paper ballot audits | Mark Niesse/The Atlanta Journal-Constitution

Georgia election officials observed audits of paper ballots in Virginia this week to learn how to conduct similar checks for accuracy when the state installs its new voting system next year. The trip comes as the Secretary of State’s Office is crafting standards for election audits that must be in place by the November 2020 election.“Georgia has an opportunity to increase voter confidence and strengthen election security by designing effective risk-limiting audits,” said Marian Schneider, president of Verified Voting, a national election integrity organization. “After observing the audit pilots in Virginia this week, Georgia election officials are better equipped to adopt best practices and design robust post-election audits that ensure the outcome reported by tabulation machines is correct.”Elections Director Chris Harvey and Deputy General Counsel Kevin Rayburn witnessed pilot audits in the city of Manassas, Prince William County and Loudoun County on Monday and Tuesday.They learned about how Virginia elections officials store and handle ballots, take random samples for audits and examine voters’ selections. Virginia switched to paper ballots statewide in 2017.Georgia will replace its 17-year-old electronic voting machines next year with a system that produces a printed-out paper ballot.“As Georgia moves toward our new auditable paper-based system, it is important that we learn from other successful states,” said Secretary of State Brad Raffenspeger. “We’re looking forward to instituting industry best practices in order to give Georgians the most accurate voting experience to ensure voter confidence.”With Georgia’s new $107 million system, voters will pick their candidates on touchscreens that are connected to printers that create paper ballots. Voters will then be able to review their ballots before inserting them into scanners for tabulation.

National: Republicans and Democrats agree that the U.S. should strengthen election security. So why doesn’t Mitch McConnell? | Evan Crawford/The Washington Post

The Senate Intelligence Committee recently released the first volume in what will be a series of reports on Russian interference in the 2016 election. Here’s the most startling thing we learned: Russian hackers targeted election infrastructure not just in 21 or 39 states, as previously reported — but in 50 states. These efforts ranged from scanning state election websites to test for vulnerability to gaining access to the Illinois voter database and being “in a position to delete or change voter data,” according to the Senate report, though no evidence has emerged that any data was actually changed. In response, the committee made recommendations to ensure a more secure 2020 election. Election experts have long been calling for many of these actions, including increased communication between federal, state and local election officials; post-election audits; and updated voting equipment. Many of these measures were part of a bill that the House passed, the Securing America’s Federal Elections Act. But Senate Majority Leader Mitch McConnell (R-Ky.) has effectively blocked this legislation from being considered in the Senate. So where does the public stand on these issues? There’s a bipartisan consensus about election security.

National: Alex Halderman Speaks About Election Cybersecurity at CyberSec & AI Prague Conference | Avast/Security Boulevard

Alex Halderman was researching election hacking a decade before the 2016 U.S. presidential race made it front-page news. The computer science professor at the University of Michigan brought change to India’s elections, turned a U.S. voting machine into a Pac-Man arcade game, and warned Congress twice about the vulnerabilities that await 2020’s U.S. elections. Yet he is bringing a decidedly low-tech solution – a return to the backup of a “paper trail” for ballots – to one of cybersecurity’s biggest challenges when he speaks to the top minds in artificial intelligence at the CyberSec & AI Prague conference in October. Halderman has researched elections in India, Estonia, Australia, and the United States and found that – as in other areas of modern life – tech can introduce as well as address cybersecurity problems. “Countries around the world are turning to computer technology and internet-connected systems to try to make elections better, but the fact is that opens up whole new categories of risk.”

National: No Quorum At FEC Means Election Law Enforcement Is On Hold | Brian Naylor/NPR

Barring some kind of miraculous last-minute reprieve, Friday will be the last business day that the Federal Election Commission will be able to function for quite a while, leaving the enforcement of federal campaign finance laws unattended ahead of the 2020 election. The commission’s vice chairman, Matthew Petersen, announced his resignation earlier this week, to take effect at the end of the month. With Petersen gone, the FEC will be down to three members, and won’t have a quorum. In addition to collecting campaign finance data, the FEC investigates potential campaign finance violations, issues fines and gives guidance to campaigns about following election law — but not without a working quorum of at least four commissioners. “To not have the FEC able to take action right now is deeply concerning,” says Daniel Weiner, a former senior counsel at the FEC, who’s now with the Brennan Center for Justice at New York University law school. In particular, Weiner is concerned about another attempt by Russia or other actors to interfere in the 2020 election.

National: Fancy Bear Dons Plain Clothes to Try to Defeat Machine Learning | Robert Lemos/Dark Reading

An analysis of a sample published by the US government shows Russian espionage group APT28, also known as Fancy Bear, has stripped down its initial infector in an attempt to defeat ML-based defenses. The APT28 cyber-espionage group, often called “Fancy Bear” and linked to Russia, has stripped much of the malicious functionality from its initial infector, hiding it in a sea of benign code, according to an analysis published today by Cylance, a subsidiary of Blackberry. The approach shows that the group has developed greater operational sophistication, says Josh Lemos, vice president of research and intelligence at Cylance (and no relation to the author). The authors of the implant appear to be trying to hide in plain site by using well-known libraries, such as OpenSSL, and a widely used compiler, POCO C++, resulting in 99% of the more than 3 megabytes of code being classified as benign, according to Cylance’s analysis. Those steps, taken along with other newly adopted tactics, suggest the group is trying a different approach to dodge evolving defenses, Lemos says.

National: Blockchain e-voting: Backed by US candidate, hacked in Moscow | Sarah Wray/SmartCitiesWorld

The debate over blockchain-based political voting re-emerged recently as Democratic US presidential hopeful Andrew Yang backs the technology to boost voter numbers and security, while a French researcher has hacked into the blockchain-based voting system which officials plan to use next month for the 2019 Moscow City Duma election. On his campaign website, Yang states that voting should be available via mobile devices with verification through blockchain. He argues that modernising voting with decentralised ledger technology could increase security, reduce inconsistent processes between states and restore confidence in democracy. Philip Boucher, a European Policy Research Service (EPRS) policy analyst, explains the theory behind blockchain voting: “In elections, we usually have a central authority that records, checks and counts all of the votes. With blockchain, the process is decentralised so everyone can hold a copy of the full voting record on their own devices. The data is encrypted to protect the identity of individual voters. Illegitimate votes cannot be added and the historical record cannot be changed because everyone holds a copy and can check that all of the votes comply with the rules and are counted properly.” Some have even suggested that in future, blockchain votes could be encoded into ‘smart contracts’ so that the results automatically take effect “like a self-implementing manifesto”. Several countries and local authorities have explored or experimented with the idea of digital voting.

Editorials: Why November 4, 2020 could be a very bad day | Chris Cillizza/CNN

Since almost the moment Donald Trump won the White House in 2016, people have had November 3, 2020 — aka Election Day — circled on their calendars. For Trump haters, that first Tuesday in November next year is the moment when they can put an end to what they believe is a colossal mistake. For Trump backers, Election Day 2020 is their chance to prove that 2016 was no fluke — and that they want another four years of the billionaire businessman in the White House. But what if the vote on November 3, 2020 doesn’t actually settle anything? There’s been polling evidence for some time that Americans are losing faith in the ability of Americans elections to be conducted fair and squarely. In an NPR/Marist University poll conducted just before the 2018 midterm elections, almost half — 47% — of respondents said that they lacked faith that all votes cast would be counted fairly. That number was even higher among non-white voters — of whom almost 6 in 10 said it was likely not all votes would be counted. Two in 5 voters said they did not believe American elections were fair in that same poll. Other more recent data suggests there is no slackening in the doubts about fair elections. And after the events of the last three years, it’s not hard to see why there’s rising doubt among the public about fair elections.