Australia: Electoral systems get 24×7 monitoring for 2019 election | iTnews

Australia’s electoral systems will be actively monitored around the clock by a new security operations centre during the upcoming federal election. The Australian Electoral Commission has put out the call for vendors capable of providing “short-term, event based security monitoring” of its internal systems in a bid to protect against unauthorised interference. The centre would be used to detect “common or generic system or network compromises or compromise attempts against the AEC’ systems” in the lead up to, during and following the election. It will also spot “defined specific compromise attempts against electoral systems”, according to a brief posted on the digital marketplace late last month.

Australia: Pencil manufacturers rejoice: Oz government doesn’t like e-voting – Paper’s safer, says parliamentary committee | The Register

An Australian parliamentary committee has nixed the idea of internet voting for federal elections Down Under, for now. The Joint Standing Committee on Electoral Matters has delivered its report into the 2013 federal election, and in it, the body decided that there are plenty of ways technology can help elections – but ditching the country’s pencil-and-paper ballots isn’t one of them. The committee said technology “is not sufficiently mature for an election to be conducted through a full scale electronic voting process.” “Despite public enthusiasm for electronic voting, there are a number of serious problems with regard to electronic voting – particularly in relation to cost, security and verification of results”, the committee reported.

Australia: Coalition pushes for voter identification laws and launches attack on GetUp | The Guardian

Coalition MPs and senators have called for voter identification laws but Labor has warned such a push would amount to “a pathway to voter suppression”. The recommendation is contained in joint standing committee on electoral matters report on the 2016 election, which also calls for a higher bar to register a minor party and consideration of higher penalties for non-voting and tax deductibility of political donations. The Liberal chair, James McGrath, also used his foreword to the report to launch a stinging attack on GetUp, accusing it of providing “misleading information”. He said this was a “potential contempt of the parliament”, a claim rejected on Wednesday by the Speaker of the House. The Coalition-controlled committee recommended voters be made to verify their identity or their address at polling places by producing documents such as a driver’s licence, Medicare card or utilities bill.

Australia: NSW government finally released ‘net vote system review, says everything’s just fine Including, wait for it, ‘security through obscurity’. No, really | The Register

Australia’s New South Wales Electoral Commission has given its electronic voting system a clean bill of health, dismissing hacking fears as “theoretical,” and accepting a PWC report saying the system to date was protected by “security through obscurity”. Reviews of election processes are routine, and in 2016, the NSW Joint Standing Committee on Electoral Matters kicked off the Wilkins report. It was completed in May of this year, but was only recently made public (PDF). NSW’s “iVote” system was used by nearly 300,000 citizens in the 2015 election, a week after Melbourne University crypto-boffins Dr Vanessa Teague and Dr Chris Culnane demonstrated a FREAK-bug-like “theoretical attack”.

Australia: Landslide state election loss rattles Australia’s minority government | Reuters

The Labor government in the Australian state of Victoria won an unexpectedly large majority in an election that analysts say is a warning to the country’s ruling conservative government ahead of national polls due in six months. Victoria is Australia’s second most populous state, and the poll is seen as a barometer of voter sentiment towards the nation’s conservative Liberal and National government. The governing coalition has been a minority government since October when they lost their one-seat majority after former Prime Minister Malcolm Turnbull, ousted by conservatives in a party-room coup, resigned.

Australia: Government rules out dual election option, says poll will be ‘next year’ | Sydney Morning Herald

The Morrison government has ruled out a “dual election” scenario where Australian voters would go to two federal elections next year, after talks about the option emerged in the media. Special Minister of State Alex Hawke dismissed the idea and insisted on the standard timetable for an election next year. “The government has no plans for a dual election. The election is due next year, as required,” Mr Hawke tweeted. Prime Minister Scott Morrison’s office also rejected the option, saying “the government has no plans for a dual election” and also stipulating the election would be next year, as Mr Morrison continues a bus tour in regional Queensland to listen to voters.

Australia: Minority government confirmed as critical by-election result announced | Reuters

Australia’s conservative government has lost its parliamentary majority after an independent candidate was on Monday confirmed the winner in a critical by-election. Voters in the wealthy seaside constituency of Wentworth, in Sydney’s east, went to the polls on Oct 20 to chose a replacement for former prime minister Malcolm Turnbull, who quit politics in August after he was ousted by his own party. Widespread voter anger at Turnbull’s demise saw the ruling Liberal party hemorrhage votes, though the race narrowed to come down to a several thousand postal votes.

Australia: ​Electoral Commission seeks advice on overhauling 30-year-old systems | ZDNet

The Australian Electoral Commission (AEC) wants to overhaul its election systems, but it doesn’t exactly know how such overhaul will look, or what it will comprise of. The AEC published a request for information (RFI) this week, seeking specifically “innovative” ideas and approaches to designing and delivering an Election Systems Modernisation Program, asking the market for guidance on everything from procurement constraints to the end result. The core software platforms currently in place at the AEC have been in use for almost 30 years, the RFI revealed, with the AEC’s systems environment consisting of approximately 93 systems and supporting sub-systems. The 90-plus systems deliver services to citizens and political parties, support the work of the AEC, and provide integration and interface services, the AEC explained.

Australia: State government hacked in massive computer network attacks | WAToday

The state government has faced a massive onslaught of computer network attacks since the last election, with tens of millions of attempted intrusions and successful hacks on the Premier’s department, Main Roads, the finance and local government departments. In answers to parliamentary questions asked by opposition frontbencher Zak Kirkup, the government also revealed it had been subject to attacks on its information systems by “nation-state foreign actors”. The Department of Finance, which also provides information security for the Department of Treasury, bore the brunt of the attacks, recording 15.5 million intrusion attempts on its networks and website. Of these, 11 attacks were successful, but Treasurer Ben Wyatt said there had been “no indication that any Cabinet or customer-related material was compromised”.

Australia: E-voting systems are still too vulnerable to be feasible for Australia | Tech Wire Asia

Voting in Australia has long followed the same formula – use pencils to mark on a piece of paper behind a cardboard booth, then folding said paper and slotting it into a box. For years, having humans manually count paper ballots have created an electoral system that is deemed highly secure and tamper-resistant. Compulsory voting in the country has helped secure against suppression tactics that have affected elections in the US and the UK. In the digital age, it is tempting to move voting online; the Australian Electoral Commission (AEC) tried dabbling in e-voting in 2013. However, experts warned that e-voting brings more harm than good. The trouble of electronic voting has been in the spotlight for the past few years at DefCon, the world’s largest hacker conference taking place annually in the US, where hackers have been showcasing vulnerabilities to the US election equipment, databases, and infrastructure. In fact, this year an 11-year-old managed to hack into replica websites to manipulate vote tallies in just 10 minutes.

Australia: If it ain’t broke, don’t fix it: Australia should stay away from electronic voting | IDM Magazine

The civic experience of interacting with analogue voting interfaces is as Australian as the democracy sausage. Voters are confronted with tiny pencils, plus physical security measures that involve huddling in a cardboard booth and origami-scale folding. The use of paper ballots – and human counting of those ballots – creates one of the most secure electoral systems imaginable. And the Australian tradition provides another sometimes under-recognised component of electoral security: compulsory voting. This practice secures against the voter suppression tactics used to undermine elections in the United States. In the digital era, smartphones are so prevalent that it might seem tempting to move to voting online. In 2013 the Australian Electoral Commission (AEC) explored internet voting. But cyber security experts say: if it ain’t broke, don’t fix it. The problems the US has had with electronic voting provide a perfect illustration of what can go wrong.

Australia: Intelligence officials plan to repel fake news in Australian federal election | Financial Review

Australian intelligence and government officials are working on the best means to repel attacks from foreign actors attempting to cause unrest and interfere with the 2019 federal election via the dissemination of fake news of platforms such as Facebook, Twitter and Google. A new wave of election interference came into the spotlight following the shock election of Donald Trump as US president in 2016. Russia-linked accounts were discovered to have been circulating false stories over Facebook, Twitter and Google before the election in an attempt to whip up social and political unrest with outlandish claims which many Americans believed.

Australia: Facebook working with Australian authorities to improve election integrity | AdNews

Facebook’s Australia boss Will Easton says the social media giant is working with local authorities to ensure next year’s federal election is not influenced by fake accounts and bad actors manipulating users on the social media platform, according to an interview with Fairfax Media. Easton said its policy team is working with the government on election integrity in a effort to prevent an Australian version of the Cambridge Analytica scandal where user data was harvested and then used by political strategists to manipulate and influence users to vote for Donald Trump in the US election. “Our policy team are in constant connection with the government around a number of different areas and election integrity is clearly a part of that. We’re very proactively talking to the election authorities in Australia about potential elections coming up,” he told the Fairfax Media.

Australia: If it ain’t broke, don’t fix it: Australia should stay away from electronic voting | The Conversation

The civic experience of interacting with analogue voting interfaces is as Australian as the democracy sausage. Voters are confronted with tiny pencils, plus physical security measures that involve huddling in a cardboard booth and origami-scale folding. The use of paper ballots – and human counting of those ballots – creates one of the most secure electoral systems imaginable. And the Australian tradition provides another sometimes under-recognised component of electoral security: compulsory voting. This practice secures against the voter suppression tactics used to undermine elections in the United States. In the digital era, smartphones are so prevalent that it might seem tempting to move to voting online. In 2013 the Australian Electoral Commission (AEC) explored internet voting. But cyber security experts say: if it ain’t broke, don’t fix it.

Australia: MP warns of cyber threat to Australian elections | Computerworld

The shadow assistant minister for cyber security, Gai Brodtmann, has called for the government to classify Australia’s election systems as a “critical infrastructure sector” under the Trusted Information Sharing Network in order to “overlay the appropriate scrutiny and assurance mechanisms to assure the Australian people of the cyber resilience of their democracy”. The Labor MP, who earlier this month announced she would not contest the next election, cited concerns over alleged attempts to influence the US and French elections as well as the denial of service attacks on the 2016 Census. The TISN is an initiative to boost information sharing and collaboration between critical infrastructure operators.

Australia: Want to hack the Western Australia government? Try ‘Password123’ | Computerworld

A staggering 60,000 out of 234,0000 active accounts at a range of WA government agencies were potentially at risk of a dictionary attack due to their weak passwords, a review by the state’s auditor general has found. The state’s auditor general today upheld a venerable WA government information security tradition, slamming agencies for poor practices when it came to passwords and other protective measures. For the report, the WA Office of the Auditor General obtained encrypted password data from 23 Active Directory environments across 17 agencies. Using a selection of password dictionaries it found that tens of thousands of users had chosen weak passwords including “Password123” (1464 accounts), “password1” (813), “password” (184), “password2” (142) and “Password01” (118). “‘After repeatedly raising password risks with agencies, it is unacceptable that people are still using Password123 and abcd1234 to access critical agency systems and information,” said Western Australia’s auditor general, Caroline Spencer.

Australia: Flaws in ACT election systems could reveal voters’ votes | ZDNet

Two newly revealed flaws in the Australian Capital Territory (ACT) electronic voting systems could have allowed voters to be linked to their votes, breaking the core democratic concept of the secret ballot. The vulnerabilities were disclosed in a detailed technical write-up on Monday by independent security researcher T Wilson-Brown, who originally discovered and confirmed the flaws in early January. Elections ACT had agreed in March to public disclosure on April 9, but on April 10 it pulled out. Four months later, Wilson-Brown has published them, to allow time for changes to be made before the next ACT election in 2020. The first vulnerability stems from Elections ACT publishing online the individual, and their preference allocations under the ACT’s preferential voting system, for later analysis.

Australia: Election rejection: Tasmanian activists launch inquiry into 2018 result | The Guardian

A March election would usually be a distant memory by August. But not so in Tasmania, where anger over the 2018 campaign remains white-hot. A group of community activists will tap into that sentiment on Wednesday, launching a novel concept in a state with the weakest political donations laws in the country – fed up over a lack of political transparency, the group will hold its own inquiry into the 2018 state election.

Australia: Cyber security experts warn Australia not immune from election meddling via Facebook | ABC

Facebook’s latest move to shut down accounts involved in interference in the US democratic process has prompted concern about possible election meddling in Australia. A former cyber security expert with the US State Department today issued a stark warning to Australians: we are not immune to the threat. Black Elevation, Mindful Being and Resisters are the names of just a few Facebook pages that had thousands of followers Facebook said were possibly linked to Russia, and involved in co-ordinated, inauthentic behaviour.

Australia: Political parties to get cyber subsidy for electoral databases | iTnews

Australia’s four major political parties have been granted $300,000 to shore-up their systems following Russia’s alleged cyber interference in the 2016 US election. The funding will be made available to the parties in the form of voter information protection grants that will be administered by the Department of Finance over the second half of 2018. The Liberal, Nationals, Labor and Greens parties will use the grants to “improve security of their constituent management systems and associated data, including information pertaining to the electoral rolls and voter information”. The funding follows a series of briefings on the security threat to Australia’s elections between Australian Signals Directorate (ASD) and party leaders in early 2017.

Australia: Typeform Breach Update: TEC, ARM, And UK’s LibDems Also Affected | Hacking News

The Typeform data breach that shook the internet world last week now appears much more shocking and far-reaching then initially speculated. At that time, Typeform did not clearly mention the affected customers. Rather it summed up by saying that it is notifying the affected customers directly. However, the recent reports and repeated confessions about data breach from a number of organizations give us a hint of the Typeform’s victimized clientele. In this Typeform breach update, we report the data breaches faced by various political parties. One of the initial entities that confirmed data breach right after the news about Typeform breach surfaced online, is the Tasmanian Electoral Commission (TEC). After receiving the notification from Typeform, they quickly published a media release about the incident. 

Australia: Tasmanian electoral body caught up in Typeform data breach | ZDNet

The Tasmanian Electoral Commission says an “unknown attacker” has breached a server’s security and downloaded a back-up file containing the names, addresses, emails, and date-of-birth information of electors. The breach occurred through a server of the Barcelona-based company Typeform, whose online forms have been used on the TEC website since 2015 for election services, the commission said in a statement on Saturday. Typeform said the breach was identified on June 27, with the vulnerability closed down within half an hour of detection.

Australia: Tasmanian voters caught in data breach | iTnews

Data on Tasmanian voters that applied for an express vote at recent elections has been stolen by hackers, the state’s electoral commission has warned. The commission is one of a growing list of victims of a breach at Spanish web form maker, Typeform, in which hackers were able to exfiltrate a “partial backup” file containing a range of client data. The Tasmanian Electoral Commission said in a statement that data collected through five forms on its website had been stolen. … Express voting offers a chance for constituents to cast their vote via email or fax. It is used when the voter is going to be interstate or overseas, or if they simply live too remotely to get to a polling station.

Australia: Dual citizenship crisis: four MPs resign after court rules Katy Gallagher ineligible | The Guardian

A high court decision ruling Labor senator Katy Gallagher ineligible to sit in parliament has triggered four MPs – including three Labor MPs – to resign over dual citizenship issues. In a litmus test for both Malcolm Turnbull and Bill Shorten the four MPs will now fight to retain their seats in a “super Saturday” string of byelections in states that will be crucial to the next federal election including Queensland and Western Australia. While the Turnbull government dials up its rhetoric on Shorten’s failure to force his MPs to resign sooner, Shorten has attempted to frame the looming contests – to be held as early as June – as a chance to cast judgment on the Coalition’s big business tax cuts.

Australia: Electoral Commission strengthens defences against foreign hacking | AFR

The Australian Electoral Commission wants a stress test of ageing IT infrastructure completed ahead of the next election, part of international efforts to protect against foreign hacking such as Russia’s interference in the 2016 US presidential vote. Electoral Commissioner Tom Rogers has conceded authorities in Australia and New Zealand remain “nervous” about the risk of domestic or overseas hacking and disruption to “front-facing services” including the online enrolment system, postal vote application system and virtual tally room. The Council of Australian Governments has ordered health checks of electoral systems, with intelligence organisations including the Australian Signals Directorate and the Australian Cyber Security Centre co-operating with the AEC ahead of a possible federal election in late 2018 or early 2019.

Australia: New South Wales Electoral Commission appoints Scytl for iVote refresh project | Computerworld

Scytl has won a $1.9 million contract to upgrade the NSW Electoral Commission’s iVote application. The 2017-18 state budget included funding to enhance the iVote system, which provides browser-based Internet voting and telephone voting. iVote has been used in two NSW elections, as well as the 2017 WA election and nine NSW by-elections. There have been two versions of iVote; Scytl developed the core voting system used by the application from the 2015 NSW election onward. iVote has three key components: A registration and credential management system, which were both developed by the NSW EC; the Scytl core voting system; and a telephone system built by the electoral commission for vote verification.

Australia: Boundary changes set to trigger Labor factional jostling | The Guardian

New boundaries set to be released by the Australian Electoral Commission on Friday are expected to deliver two new seats to the Labor party at the next federal election – and trigger a fresh round of factional jostling in Melbourne. The AEC is expected on Friday morning to publish redistributions creating a new inner-city seat in Canberra and a new electorate in the western or north-western suburbs of Melbourne. Given that Canberra and Melbourne’s west are considered Labor strongholds, major-party operatives think both seats will be a plus in the Labor column at the time of the next federal election – although the Greens will also have their eye on the new Canberra seat.  But the picture could be more mixed for Labor depending on the flow-on consequences of the Victorian redistribution – with boundary changes potentially altering the balance in surrounding electorates, including McEwen, Casey and Gorton – and in the city’s east.

Australia: Electoral Commission ‘satisfied’ with security risks absorbed ahead of the 2016 election | ZDNet

A report from the Australian National Audit Office (ANAO) last month called out the Australian Electoral Commission (AEC) for ditching compliance with Australian government IT security frameworks. In particular, the ANAO said insufficient attention was paid to assuring the security and integrity of the data generated both during and after operation, as the focus was on delivering a Senate scanning system by polling day. Facing Senate Estimates on Tuesday night, Electoral Commissioner Tom Rogers said he was satisfied with the risks that the AEC accepted ahead of its go-live. “They were not untreated risks — we were aware of them,” Rogers clarified.

Australia: Parliamentary inquiry finds Western Australia’s electoral system ‘stuck in the past’ | Perth Now

Western Australia’s electoral system has become “stuck in the past” amid outdated legislation and a lack of funding, a parliamentary inquiry into the 2017 state election has found. The final report from the standing committee inquiry highlighted several problems with the security of internet voting, poor transparency for political donations and the state’s ageing Electoral Act. Inquiry chair Peter Katsambanis says the state’s 111-year old electoral legislation is a “hodgepodge of contradictory provisions that make no sense“, which prevented the use of electronic voting systems.

Australia: Vision-impaired voters to have access to electronic voting at state election | In Daily

The State Government has approved the use of VoteAssist, a computer-based application developed by the Western Australian Electoral Commission for its 2013 state election. The software uses specially designed computer terminals, headphones and a numeric keypad to provide audio prompts to guide the elector through the voting process. The Government passed legislation last year to…