National: ‘They think they are above the law’: the firms that own America’s voting system | The Guardian

Maryland congressman Jamie Raskin is a newcomer to the cause of reforming America’s vote-counting machines, welcomed through baptism by fire. In 2015, Maryland’s main election system vendor was bought by a parent company with ties to a Russian oligarch. The state’s election officials did not know about the purchase until July 2018, when the FBI notified them of the potential conflict. The FBI investigated and did not find any evidence of tampering or sharing of voter data. But the incident was a giant red flag as to the potential vulnerabilities of American democracy – especially as many states have outsourced vote-counting to the private sector. After all, the purchase happened while Russian agents were mounting multiple disinformation and cybersecurity campaigns to interfere with America’s 2016 general election. “To say that they don’t have any evidence of any wrongdoing is not to say that nothing untoward happened,” Raskin said. “It’s simply to say that we don’t have the evidence of it.” The fact is that democracy in the United States is now largely a secretive and privately-run affair conducted out of the public eye with little oversight. The corporations that run every aspect of American elections, from voter registration to casting and counting votes by machine, are subject to limited state and federal regulation. The companies are privately-owned and closely held, making information about ownership and financial stability difficult to obtain. The software source code and hardware design of their systems are kept as trade secrets and therefore difficult to study or investigate.

National: Election security offers leading edge in CISA’s funding push as budget hearings approach | InsideCyberSecurity

Leaders of the Cybersecurity and Infrastructure Security Agency argue that ensuring the security of the 2020 election will require increased funds for the new agency, and are citing the recent Mueller report as new evidence of CISA’s critical role in countering Russian interference. The Mueller report released last week, and renewed CISA assertions about election security, come as House lawmakers kick off review of the DHS budget for fiscal 2020 next week. CISA Director Christopher Krebs said the redacted report by special counsel Robert Mueller on Russian interference reinforces ongoing concerns about election security, while he emphasized that CISA will continue asking for more funding in this area. “When I look at the Mueller report, I think it’s an extension of prior law enforcement intelligence activity, it was pretty consistent with the intelligence community assessment,” Krebs said to Inside Cybersecurity following his speech at the AFCEA meeting of government and largely defense industry officials today. “It’s just a reinforcement that they were incredibly active in 2016, they were active in 2018, and we’re going to be ready for them in 2020,” Krebs said.

National: Mueller report: Russia hacked state databases and voting machine companies | Roll Call

The Russian military intelligence unit known by its initials GRU targeted U.S. state election offices as well as U.S. makers of voting machines, according to Mueller’s report. Victims of the Russian hacking operation “included U.S. state and local entities, such as state boards of elections (SBOEs), secretaries of state, and county governments, as well as individuals who worked for those entities,” the report said. “The GRU also targeted private technology firms responsible for manufacturing and administering election-related software and hardware, such as voter registration software and electronic polling stations.” The Russian intelligence officers at GRU exploited known vulnerabilities on websites of state and local election offices by injecting malicious SQL code on such websites that then ran commands on underlying databases to extract information. Using those techniques in June 2016, “the GRU compromised the computer network of the Illinois State Board of Elections by exploiting a vulnerability in the SBOE’s website,” the report said. “The GRU then gained access to a database containing information on millions of registered Illinois voters, and extracted data related to thousands of U.S. voters before the malicious activity was identified.”

National: Jared Kushner Dismisses Russian Election Interference as ‘Couple of Facebook Ads’ | The New York Times

Jared Kushner, President Trump’s son-in-law and senior adviser, dismissed Russia’s interference in the 2016 presidential campaign on Tuesday as a “couple of Facebook ads” and said the investigation of it was far more damaging to the country than the intrusion itself. “You look at what Russia did — you know, buying some Facebook ads to try to sow dissent and do it — and it’s a terrible thing,” Mr. Kushner said during a panel sponsored by Time magazine. “But I think the investigations, and all of the speculation that’s happened for the last two years, has had a much harsher impact on our democracy than a couple of Facebook ads.” “Quite frankly, the whole thing is just a big distraction for the country,” Mr. Kushner said in his first public comments since the release of the report of the special counsel, Robert S. Mueller III, last week. Facebook estimated that Russia-backed ads and social media posts reached 126 million Americans during the election, only about 10 million fewer than voted in 2016. Moreover, Russians hacked accounts of the Democratic National Committee and leaked damaging information about Mr. Trump’s opponent, Hillary Clinton, at critical moments during the campaign. In his report, Mr. Mueller concluded that “the Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.”

National: Russia’s hack into the US election was surprisingly inexpensive, Mueller report shows | CNBC

Techniques used by state-backed Russian hackers to interfere in the 2016 U.S. elections were apparently inexpensive, experts told CNBC, highlighting the ease at which a foreign government was able to meddle in a Western democracy. The report released by special counsel Robert Mueller lays out how Russian trolls used social media to try to influence the outcome of the election in which Donald Trump was made president and outlines the way in which hackers stole documents from the campaign of Hillary Clinton. Beginning in March 2016, units of Russia’s military intelligence unit known as GRU hacked the computers and email accounts of organizations, employees and volunteers supporting the Clinton presidential campaign, including the email account of campaign chairman John Podesta, the Mueller report said. The Russian group also hacked the computer networks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC). Initially, the GRU employed a hacking technique known as spearphishing. That’s when a hacker sends an email to a person that contains something like a link to a fake website or an attachment. When a person clicks that link or downloads that document, it could lead to malicious software being installed on that person’s computer or mobile device. The spoof website might ask for personal details about a person, which could include passwords to certain services they use.

National: Threats known and unknown loom in 2020 elections | FCW

U.S. cybersecurity officials are gearing up to prevent foreign malign influence campaigns from impacting the 2020 vote. Experts are divided over whether local election officials and federal agencies should expect the same type of threats targeting election infrastructure and online discourse as they experienced in 2016 or if they should expect the unexpected. On Election Day in 2018, federal officials said they had no indication that voting infrastructure was successfully targeted by cyberattacks or other efforts at manipulation designed to strike voters from the rolls, change vote counts or hinder officials from completing election tallies. But the issue of influence campaigns and as yet unknown vectors of attack remain ripe for discussion as the nation heads into the 2020 vote. Matthew Masterson, a senior advisor at DHS who focuses on election security, said at an April 23 cybersecurity conference that he spends “a lot of time thinking through that undermining confidence [angle] and ways that we can build that resilience, because the reality is you don’t actually even have to touch a system to push a narrative that undermines confidence in the elections process.” Liisa Past, former Chief Research Officer at the Cyber Security Branch of the Estonian Information System Authority, said at the same event that election influence campaigns operate on multiple fronts.

Editorials: The 2020 Election Is Going to Make 2016 Look Like a Student Council Election | Matt Lewis/Daily Beast

It’s time we face facts about 2020. It will be so dirty, brimming with disinformation, and packed with hackers that it’ll make 2016 look like a student council election. On Sunday, Rudy Giuliani went on CNN’s State of the Union and declared, “There’s nothing wrong with taking information from Russians.” “You’re assuming that the giving of information is a campaign contribution,” Rudy averred to CNN’s Jake Tapper. “Read the report carefully. The report says we can’t conclude that because the law is pretty much against that. People get information from this person, that person.” Talk about defining deviancy down. Of course, Rudy’s interpretation is open to debate. My read of the Mueller report suggests that opposition research may constitute a “thing of value,” which is tantamount to a contribution. The question, though, is whether anyone on Trump’s team “knowingly and willfully” violated the law. Intent is hard to prove. But let’s assume that Rudy is correct about the legality (he’s a lawyer—I’m not). As the president’s personal attorney, his words have weight. And taking Rudy at his word, why wouldn’t a 2020 campaign be willing to avail itself of information from Russia, Turkey, or China? And why wouldn’t Russia, Turkey, or China oblige?

Delaware: Making each vote count | Sussex Living

Voters heading to the school board elections next month will find something new: updated voting machines, the first major change in more than 20 years to the way the First State casts ballots. Its time had come, State Election Commissioner Elaine Manlove said. The old machines, from 1996, were obsolete. “The process actually started a few years ago,” she said. “The ballots in the old machines were using Windows XP, and that’s not supported anymore.” Realizing the need, the General Assembly in 2016 formed a Voting Equipment Selection Task Force with Manlove as its chairwoman. Manlove was tasked to research and select up to five vendors for presentation to the task force by March 2017. The committee would recommend which would get a state contract. The panel, however, did not get to work until March 2017, not wrapping up until about three months later. Manlove said a lack of available appointees from the incoming Carney administration and delays by the state Senate in appointing its members to the panel accounted for the lack of progress. Before the task force released any information on the vendors, Delaware’s nonpartisan Common Cause group published the bid documents online and, at the same time, advocated for a paper ballot system it argued was less expensive and not subject to some of the security woes of other electronic systems.

Florida: Former Sen. Bill Nelson says Florida hacking claims vindicated by Mueller report | The Washington Post

A politician is declaring victory after the Mueller report, and it’s not the one you’re thinking of. Former Sen. Bill Nelson (D-Fla.) told The Cybersecurity 202 in a statement that the special counsel’s report vindicates his claims before the 2018 midterms that hackers had penetrated Florida county-level computer networks and could cause grave harm. The FBI and Homeland Security Department both disputed those statements last year as did Florida election officials. The Washington Post’s Fact Checker gave the comments four Pinocchios. The Mueller report provides some context for Nelson’s claim, revealing for the first time that the FBI believes Kremlin hackers did penetrate the networks of “at least one” Florida county before the 2016 election. But the report, which was released in redacted form Thursday, does not back up the full claim from Nelson, who ultimately lost his reelection bid in 2018 to then-Florida Gov. Rick Scott (R), made during the heat of the campaign. Specifically, Nelson told the Tampa Bay Times that Russian hackers were active inside Florida county networks in 2018, which isn’t stated in the Mueller report. (However, it’s not directly refuted, either.)

Georgia: Election Security Bill Hangs on Governor’s Signature | Atlanta Journal-Constitution

When some Georgia voters showed up at the polls last fall, their registrations had mysteriously disappeared without a trace. They couldn’t vote except on provisional ballots. The unsolved case of the missing voter registrations and a federal lawsuit prompted state lawmakers to pass a bill requiring election officials to strengthen protections against hacking, tampering and computer errors.Secretary of State Brad Raffensperger would be responsible for creating security protocols for voter registration information consistent with standards set by national cybersecurity and election organizations, according to House Bill 392.The bill is awaiting Gov. Brian Kemp’s signature or veto. Kemp’s office didn’t respond to an email seeking comment.“If the governor signs it, this bill will represent a significant upgrade to the security of the system,” said Max Feldman, an attorney for the Brennan Center for Justice, a policy institute at New York University focused on democracy and criminal justice that is representing plaintiffs in the lawsuit. “Ensuring that any sort of gaps in security that would expose voters’ registration information or allow third parties to change registration information on the voter registration list is what we’re hoping will be addressed here.”Deputy Secretary of State Jordan Fuchs said the legislation puts the force of law behind the state’s existing security procedures.“Security of the voting system is Secretary Raffensperger’s top priority,” Fuchs said. “This law recognizes that priority and should help put an end to unfounded speculation and meritless claims that our election data is not secure.”

Minnesota: Partisan drama erupts over election security funds as Republicans skip possible vote | Twin Cities Pioneer Press

What was supposed to be one of the biggest no-brainers of the Minnesota Legislature has erupted into a partisan issue with Republican lawmakers blocking the spending of federal election dollars that every other state in the nation has put to use. On Tuesday, three Republican senators for the second time skipped a meeting that could have resulted in a vote on up to $6.6 million in federal funds that have been approved for more than a year for election cybersecurity as part of the Help America Vote Act, or HAVA. In an odd twist: the Republican Senators aren’t saying exactly why they’re blocking it. With the release of special counsel Robert Mueller’s report detailing Russian meddling in U.S. elections, and election officials warning that now is the time to gird against hacking attempts in the 2020 elections, the issue has taken on added urgency as the Legislature hurtles toward a tense final weeks when disagreements over larger issues often drags down smaller issues. That’s what happened last year when Gov. Mark Dayton vetoed a massive bill that contained volumes of unrelated matters, including a portion of the HAVA funds. The stalling of the money has caught Democrats, including Secretary of State Steve Simon, off guard because the money is sitting in a federal account; it’s not new money and requires only $167,000 in state spending for a local match to free up the federal funds. That’s a pittance of the state’s nearly $50 billion two-year budget.

Editorials: Whether our elections were hacked or not, New Jersey needs new voting machines, politician says | Brendan W. Gill/nj.com

As the election year of 2020 approaches, it is clear that technology has changed the world we live in. The overwhelming majority of the changes have been beneficial, but we must always remember that as time and technology progress, we must adapt accordingly. In the days, months, and years following our most recent presidential election, all of us have been bombarded with allegations and news coverage about the possibility that our elections were manipulated. I am compelled to express, emphatically, that protecting the accuracy and veracity of our election results is the most important issue that we need to address to protect our democracy. To that end, I wholeheartedly support Essex County purchasing voting machines that will employ the use of optical scanners and hand-written ballots. My decision to support the purchase and implementation of these voting machines is not driven by the results of the previous presidential election, or any election. There have been many occasions in which an entire segment of a given electorate has been disappointed with the outcome at the polls. However, we can all agree that the integrity of our voting process must be protected.

Utah: Election officials working to thwart cyberattacks like those detailed in Mueller report | Deseret News

While questions continue to resonate after last week’s release of the Mueller report, one of the few undisputed conclusions in the epic document was that the Russian government interfered with the 2016 U.S. elections “in sweeping and systematic fashion.” And special counsel Robert Mueller’s team unveiled new allegations about how Russian intelligence group GRU targeted the country’s election apparatus — even down to the level of county election offices — in an attempt to disrupt and manipulate outcomes. Techniques employed by those state actors underscored what continues to be the most vulnerable component of any cybersecurity system — human operators. Utah election officials say the impacts of those intrusion attempts, on their radars long before the Mueller report became public, have elevated the work and money that is going into keeping the state’s own election process free from bad actors. And the process is one that has no end in sight.

Bulgaria: Election Commission picks company to supply voting machines | The Sofia Globe

Bulgaria’s Central Election Commission (CEC) has picked a winner in the tender for the hire of 3000 voting machines for the country’s May 26 European Parliament elections. Three bidders submitted offers before the deadline, but CEC said that two were disqualified – one on the grounds that its bid was higher than the 7.5 million leva (about 3.8 million euro) cost ceiling set by CEC, the other because its offer did not meet the technical specifications set by the watchdog. The winner, Ciela Norma, said that it was prepared to meet all the deadlines even though it faced a slew of issues. A company official told public broadcaster Bulgarian National Television (BNT) that some voting machines were yet to be manufactured and shipped to Bulgaria and the software was not ready, given that CEC was yet to finalise its requirements on the printouts produced by the voting machines. Under the terms of CEC’s tender, the machines have to be delivered by May 10, with software installation due to be completed by May 15, followed by 10 days for certification and audits. The voting machines would be then shipped to voting precincts on May 25.

Egypt: Referendum on Extending Sissi’s Rule Riddled with Irregularities | VoA News

As voters lined up outside the polls in Cairo Saturday, music blared and some among the crowds danced and waved Egyptian flags. Many people held flyers with a photograph of President Abdel-Fattah el-Sissi and a green checkmark. The message? Vote “yes.” If passed, the constitutional changes proposed in the ballot could extend the president’s rule to 2030, and deepen the military’s role in communities. The Egyptian Parliament overwhelmingly supported the changes and announced the national vote on Wednesday. Results are expected by April 27. Opponents to the measure say the changes will roll back the democratic dreams of 2011, when a popular uprising lead to the ousting of 30-year dictator, Hosni Mubarak and that the referendum is marred by corruption and coercion. Supporters say a secure leadership will make Egypt safer and help the country climb out of economic crisis. “The legislative impact would be basically handing over all powers to the presidency,” explained Hisham Kassem, a veteran Egyptian publisher and analyst in an interview ahead of the vote.

Ukraine: How IBM X-Force IRIS Prepared for the Ukraine Election | Security Intelligence

You may not have been aware there was a presidential election in Ukraine last Sunday, but all eyes in the cybersecurity and intelligence communities were keenly focused on this event. In the past few years, cyberattacks targeting elections in democratic countries, including the U.S., have become increasingly disruptive. And in the past few months, international observers have seen disinformation campaigns attempting to influence the outcome of the Ukraine election. Leading up to the election, the IBM X-Force Incident Response and Intelligence Services (IRIS) team had been preparing to observe and analyze possible attempts of foreign interference in the election. Although it appears that a major cyber disaster was averted, we were ready for the worst. After the cascading damage of the NotPetya attack in 2017 — which originally targeted Ukraine before hitting organizations and users in dozens of countries, at an estimated cost of up to $10 billion, according to Wired — we recognize that the risk of a major cyberattack on Ukraine could be the bleed-over to the rest of the world. IBM Security has many clients, including some of the largest financial and logistics companies, that need to be resilient in an attack or face potential damages in the millions or hundreds of millions of dollars. We needed to prepare a response to go at a moment’s notice.

National: America’s new voting machines bring new fears of election tampering | The Guardian

By design, tens of millions of votes are cast across America on machines that cannot be audited, where the votes cannot be verified, and there is no meaningful paper trail to catch problems – such as a major error or a hack. For almost 17 years, states and counties around the country have conducted elections on machines that have been repeatedly shown to be vulnerable to hacking, errors, breakdowns, and that leave behind no proof that the votes counted actually match the votes that were cast. Now, in a climate of fear and suspicion over attacks to America’s voting system sparked by Russia’s attacks on the 2016 elections, states and counties across the country are working to replace these outdated machines with new ones. The goal is to make the 2020 elections secure. “There’s a lot of work to do before 2020 but I think there’s definitely opportunities to make sure that the reported outcomes are correct in 2020,” said Marian Schneider, president of the election integrity watchdog Verified Voting. “I think that people are focusing on it in a way that has never happened before. It’s thanks to the Russians.” The purchases replace machines from the turn of the century that raise serious security concerns. But the same companies that made and sold those machines are behind the new generation of technology, and a history of distrust between election security advocates and voting machine vendors has led to a bitter debate over the viability of the new voting equipment – leaving some campaigners wondering if America’s election system in 2020 might still be just as vulnerable to attack.

National: Mueller report highlights scope of election security challenge | The Washington Post

Special counsel Robert S. Mueller III’s investigation of the “sweeping and systematic fashion” in which Russia interfered in the 2016 election highlights the breadth and complexity of the U.S. voting infrastructure that needs protecting. From voter registration to the vote itself to election night tabulation, there are countless computers and databases that offer avenues for foreign adversaries to try to create havoc and undermine trust in the democratic process. In addition to targeting the Democratic Party and Clinton campaign in 2016, Mueller noted in his report, Russian hackers also went after election technology firms and county officials who administer the vote — officials often without the resources to hire information technology staffs. [Through email leaks and propaganda, Russians sought to elect Trump, Mueller finds] “The Mueller report makes clear that there’s a much larger infrastructure that we have to protect,” said Lawrence Norden, an election security expert at New York University Law School’s Brennan Center for Justice. “There’s clearly a lot to do before 2020.”

National: Cyber aspects of Mueller report tread familiar ground on ’16 election hacks | InsideCyberSecurity

The redacted Mueller report on Russia and the 2016 elections contains politically contentious elements on collusion and obstruction of justice, but the aspects directly related to cybersecurity largely have been released and absorbed through earlier reports and indictments. The document released Thursday by the Justice Department is in a format that’s not searchable, but there are parts on cyber issues such as botnets, which is heavily redacted, and lengthy discussion of what Russian agents did to hack into computers associated with the presidential campaign of Democrat Hillary Clinton. The basic cybersecurity issues involved have been known for some time and were reflected in the Senate Intelligence Committee’s election-security recommendations issued in March 2018. Intelligence Chairman Richard Burr (R-NC) said Thursday that final reports from his committee’s Russia probe will begin coming out in a matter of “weeks.”

National: Mueller Report: Russia Funded US Election Snooping, Manipulation with Bitcoin | GCN

It is no news by now that the long-awaited Mueller Report has revealed extensive Russian efforts to interfere with the 2016 U.S. presidential election. While much attention has been focused on whether or not president Donald Trump was in any way complicit with these efforts, what is less reported is that the report showed that state-backed Russian operatives used bitcoin extensively in their attempts to impede Hilary Clinton and help Donald Trump’s campaign. According to the report, agents working on behalf of Russian military intelligence used bitcoin to do everything from purchasing VPNs to buying domains hosting political propaganda. This was part of a wide-reaching and apparently successful attempt to hack the 2016 election that saw Trump emerge victorious against all expectations. While this may not be news to anyone familiar with cryptocurrencies, the Russian agents apparently worked under the mistaken assumption that the mere fact of their transactions being carried out using cryptocurrency made them anonymous and untraceable. In fact, as has been demonstrated several times, bitcoin transactions are not that difficult to trace, given the presence of some key data.

National: 2020 Campaigns Are Still Vulnerable to Cyber Attacks | Time

Most Americans aren’t yet paying a lot of attention to the 2020 presidential campaign. The same can’t be said for Russian spies. Aides and advisers to the vast field of Democratic hopefuls are ringing alarm bells, telling their bosses they should assume that Moscow is laying the groundwork to disrupt, if not derail, their campaigns, just as Russian intelligence did to Hillary Clinton’s in 2016. But interviews with the campaigns show cyber security is a secondary concern, with most of the campaigns contacted by TIME say they have not “finalized” their tech plan or hired a security chief. The biggest problem is money. Every campaign focuses vast amounts of effort raising money to compete on ground troops, ads and campaign offices in key locations. Spending precious cash on cyber tools, whose successful deployment results in a non-event, is hard to defend. “There’s nothing sexy about it,” says Mike Sager, the chief technology officer at EMILY’s List, a group that works to elect women who support abortion rights. But, he says, “the folks who have been through it, who know what happens when you don’t do this, get it.” Nobody disputes the threat. Russia’s larger goals remain the same as they were in 2016: making American democracy look bad. “It is about the legitimacy of democracy and about the trust people have in their democracy,” said Eric Rosenbach, a former Pentagon chief of staff who now heads Harvard’s Defending Digital Democracy program. “Unfortunately, there are a lot of different ways in the information age that bad actors and nefarious nation-states can undermine that.”

National: Democrats Urge Judge Not to Dismiss Russian Hacking Suit | Bloomberg

While much of the U.S. was poring over the Mueller Report, the Democratic National Committee argued Thursday that its civil suit against President Donald Trump, the Russian Federation, WikiLeaks and members of the Trump campaign and White House should go forward. The DNC claims the defendants violated U.S. racketeering, computer fraud and other laws by conspiring to hack emails from DNC computers and leak them in advance of the 2016 election in a “brazen attack on American democracy.” The conspiracy sought to help Trump become president and continued into his presidency, according to the DNC. “After securing Trump’s grip on power, defendants worked tirelessly to keep it, lying to the American public, Congress, the Justice Department and the FBI to conceal any misconduct that jeopardized Trump’s presidency,” the DNC said in court papers filed late Thursday in Manhattan federal court.

Editorials: It’s up to Congress to prevent Russian interference from happening again | The Washington Post

Whether President Trump obstructed justice is a crucial question, the answer to which special counsel Robert S. Mueller III implied but did not state clearly. What is crystal clear in his 448-page report is a conclusion that Mr. Trump, charged with making the highest-level national security decisions, has routinely denied: “The Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.” One reaction from Congress must be to weigh the evidence of obstruction. The other must be to ensure that Russia — and any other hostile actor — does not succeed in interfering again. Mr. Mueller, confirming the long-standing conclusions of the U.S. intelligence community, found that the Kremlin ran a social media campaign that evolved from a program “to provoke and amplify political and social discord in the United States” and “to sow discord in the U.S. political system through what it termed ‘information warfare’” into one “that favored presidential candidate Donald J. Trump and disparaged presidential candidate Hillary Clinton.” Meanwhile, Russian military intelligence hacked the Democratic National Committee’s servers and the Clinton campaign, then released damaging material at strategic times. It remains outrageous that Mr. Trump, having benefited from the Kremlin’s meddling, continually plays down Russia’s election-year activities — and, indeed, has pursued a closer relationship with Russian President Vladimir Putin — even while the leaders he picked to run the U.S. intelligence community repeat that Russia is culpable and likely to try again.

Editorials: Russia’s next election hack | Alan Berger/The Boston Globe

It is hardly surprising that coverage of the Mueller report centers on the domestic political effects of the special counsel’s findings. But we Americans would be making a serious mistake if we overlook the international repercussions of a Kremlin influence operation that historians may recognize as Vladimir Putin’s American putsch. It may be that Putin’s troll farms did not need the polling data that Trump backers provided. The hackers employed by Russia’s military intelligence service might have had their own means of determining how to target Bernie Sanders supporters who could be persuaded to stay home or vote for Jill Stein; black voters who could be reminded about Hillary Clinton’s allusions to “super predators”;’ or industrial workers in Michigan, Wisconsin, and western Pennsylvania who voted twice for Barack Obama but were persuaded to vote for Donald Trump to protect their jobs from an imaginary tidal wave of immigrants. However much these operational details might bedevil investigators and the American public, the crucial lesson for autocrats and spy chiefs around the world is that a cheap hacking operation by Putin’s hired temps could shape the political destiny of the most powerful country in the world. And if Trump could be elevated to the White House by Putin’s spooks, maybe he could be replaced by a candidate who would be even more convenient — for Russia and for select friends of the Kremlin.

Arizona: Mueller report says Russian hacking once went through Arizona server | Cronkite News

The road from Washington to St. Petersburg apparently passes through Arizona – at least the cyber-road does. That’s according to the long-awaited Mueller report on the two-year investigation into possible Russian meddling in the 2016 presidential election. Buried in the 448-page report is a little more than a page that said Russian intelligence officers used a “leased computer” in Arizona to help funnel information that was stolen from hacked Democratic Party computers. About half of the page on the Arizona server is redacted because the information relates to an “investigative technique” – one of the areas blacked out from the report, along with information about grand jury testimony, ongoing investigation and privacy concerns. The unredacted portions do not reveal where in Arizona the leased computer was located or which company might have leased it.

Florida: Scott demands FBI information on Russian hacking | Politico

Sen. Rick Scott today demanded that the FBI release information about a suspected Russian hack of at least one Florida county, a revelation that came to light in Thursday’s report from special counsel Robert Mueller. The Florida Republican, in a letter to FBI Director Christopher Wray, asked the agency to provide information to both Congress and the Florida Department of State. He asked the FBI to identify which Florida county had been compromised and gave the agency seven days to comply. “It is my goal to have free and fair elections with zero fraud,” wrote Scott, who noted his push to spend money on election cybersecurity ahead of the 2018 elections. “This is a very serious issue that needs the immediate attention of the FBI.” The FBI did not immediately reply to a request for comment.

Minnesota: While hackers threaten 2020 election systems, politics intruding on security fixes | Minneapolis Star Tribune

Despite broad agreement that foreign hackers will again target American voting systems in 2020, partisan friction in St. Paul and Washington has stalled efforts to bolster election security, with less than a year to go before Minnesotans cast presidential primary ballots. The delay has alarmed elections officials and cybersecurity experts who warn of a repeat of 2016, when Russians targeted Minnesota and 20 other states in what special counsel Robert Mueller’s report, released Thursday, called a “sweeping and systematic fashion.” “Hackers learn from hackers: The question becomes if [Russia] can do it, why wouldn’t any hacker around the world do it?” said Clint Watts, a former FBI agent and cybersecurity scholar. “We can talk Russia all day, but everybody knows this can be done now.” Amid the warnings of Russian interference, Minnesota lawmakers remain at odds over using more than $6 million in federal funds approved by Congress more than a year ago to shore up election security. Minnesota is the only state that has yet to touch its share of the $380 million federal appropriation. At the same time, a measure co-sponsored by Minnesota U.S. Sen. Amy Klobuchar to improve cybersecurity information sharing between federal agencies and local election workers also is at a standstill. Local officials warn that time is running out.

New Jersey: Who will pay to upgrade New Jersey’s voting technology? | WKXW

Counties are preparing to adopt the latest in election technology – but progress could depend on whether and when the state pays for the upgrade. As part of their effort to get lawmakers, freeholders and others familiar with what’s available, the New Jersey Association of Election Officials recently held a trade show at the Trenton War Memorial showing off the current state of technology – items common in some states but rare, for now, in New Jersey. Cape May County Clerk Rita Fulginiti said the pace for the updates will depend on state law and state funding. “It will cost a lot to upgrade to better equipment, but it’s all about the voter and making voting systems accessible to the voter,” Fulginiti said. New Jersey would need to spend $64 million to upgrade all the voting machines in the state, New York University’s Brennan Center for Justice estimates.

North Carolina: Mueller report: Did Russian government hack 2016 North Carolina voting? | Raleigh News & Observer

The Mueller report released Thursday found that Russian spies successfully hacked into a U.S. voting software company during the 2016 elections, and North Carolina officials think there’s a chance it was software that’s in use here. The N.C. Board of Elections now has sent a letter to VR Systems, whose voting software was used by 21 North Carolina counties in 2016. The letter, which was first reported by WRAL, asks the company to “provide immediate, written insurance regarding the security of your network.” The Mueller report didn’t specifically name the company. But VR Systems confirmed in a written statement that it’s the company in question. The company’s software can’t be used to count or change votes. Instead, it manages the electronic polling books used to check in voters, to make sure people don’t vote twice. The Mueller report found that “Russian cyber actors in 2016 targeted” the company, and “installed malware on the company network.” Durham County, which had numerous problems and delays in the 2016 elections, was using the company’s check-in software at the time. The Mueller report does not go into the full extent of the hacking, and while it does say at least one Florida county was hacked, the report does not name any North Carolina successes for the hackers.