California: Inside Contra Costa County’s election cybersecurity scare | San Jose Mercury News

The email that showed up in an employee’s inbox at the Contra Costa County elections office last month appeared harmless enough: It looked like it had been sent by a member of her church group and contained the innocuously named attachment “Request3.doc.” But when the employee clicked on the attachment on a work computer, malware laced into the document attempted to contact a Russian IP address, sparking a weeklong scare over the possibility of a foreign attempt to access county election internet systems. Emails from the elections office obtained by the Bay Area News Group through a public records request shed new light on the incident, which occurred the same week that Special Counsel Robert Mueller delivered his report on Russian interference in the 2016 election. The suspicious email was investigated by the FBI and the Department of Homeland Security, and state and federal authorities ultimately concluded that no county data had been compromised. State and local officials said they believe the elections office was not specifically targeted for the attack and it may have been a typical cyber scam motivated by money.

California: Hackers attacked California DMV voter registration system marred by bugs, glitches | Los Angeles Times

California has launched few government projects with higher stakes than its ambitious 2018 program for registering millions of new voters at the Department of Motor Vehicles, an effort with the potential to shape elections for years to come. Yet six days before the scheduled launch of the DMV’s new “motor voter” system last April, state computer security officials noticed something ominous: The department’s computer network was trying to connect to internet servers in Croatia. “This is pretty typical of a compromised device phoning home,” a California Department of Technology official wrote in an April 10, 2018, email obtained by The Times. “My Latin is a bit rusty, but I think Croatia translates to Hacker Heaven.” Although the email described the incident as the DMV system attempting “communication with foreign nations,” a department spokesperson later insisted voter information wasn’t at risk. The apparent hacking incident was the most glaring of several unexpected problems — never disclosed to the public — in rolling out a project that cost taxpayers close to $15 million. The Times conducted a four-month review of nearly 1,300 pages of documents and interviewed state employees and other individuals who worked on the project — most of whom declined to be identified for fear of reprisal. Neither the emails nor the interviews made clear who was ultimately responsible for the botched rollout, though an independent audit is expected to be released in the coming days.

California: Russian meddling and election integrity in California | Los Angeles Daily News

Now that Special Counsel Robert Mueller’s investigation “did not establish that members of the Trump campaign conspired or coordinated with the Russian government in its election interference activities,” we can all move on to fighting over whether those activities actually changed the outcome of the 2016 presidential election. Attorney General William Barr’s letter to Congress summarizing the Mueller report says the special counsel determined that there were two main Russian efforts to influence the 2016 election: “The first involved attempts by a Russian organization, the Internet Research Agency (IRA), to conduct disinformation and social media operations in the United States designed to sow social discord, eventually with the aim of interfering with the election. The second element involved the Russian government’s efforts to conduct computer hacking operations designed to gather and disseminate information to influence the election. The Special Counsel found that Russian government actors successfully hacked into computers and obtained emails from persons affiliated with the Clinton campaign and Democratic Party organizations, and publicly disseminated those materials through various intermediaries, including WikiLeaks.” Mueller has brought criminal charges against a number of Russian individuals, Russian military officers, and Russian companies or entities in connection with these activities. They’re never going to be in a U.S. courtroom, but the indictments tell us what happened.

California: Contra Costa County elections detects attempted hacking into system | San Jose Mercury News

An unknown hacker recently tried to access Contra Costa County’s election internet system, according to an email sent by the county’s elections chief. The unsuccessful hacking attempt “fits a pattern of other attempts/attacks that trace back to foreign interests,” Clerk-Recorder and Registrar of Voters Joe Canciamilla wrote, in an internal email to county staff on Friday morning. He said the elections office notified the California Secretary of State’s office, as well as the Department of Homeland Security, about the “attempted intrusion.” “Our security protocols captured and isolated the threat almost immediately,” Canciamilla wrote in the email. It’s unclear when the attack took place. Elections spokesman Paul Burgarino said the investigation into the incident is still in its early stages, but preliminary information indicated the attempt was unsuccessful.

California: Amendment would lower California voting age from 18 to 17 | The Sacramento Bee

A state lawmaker from the Silicon Valley has reintroduced a constitutional amendment that would lower the California voting age to 17, betting that a larger Democratic majority in the Legislature this year will help his proposal reach the ballot. An amendment requires the approval of two-thirds of the state Assembly and Senate, and the approval of voters. Last year, a similar proposal from Democratic Assemblyman Evan Low of Campbell failed to reach the necessary margin of 46-24. This time around, there are more Democrats in the Assembly, Low spokeswoman Maya Polon said, adding that the legislation enjoys bipartisan support.

California: L.A. County and state to purge 1.5 million inactive voters from rolls | Los Angeles Daily News

California and Los Angeles County have agreed to purge as many as 1.5 million inactive voter registrations across the state as part of a court settlement finalized Wednesday with Judicial Watch, a conservative activist group. Judicial Watch sued the county and state voter-registration agencies in Los Angeles federal court, arguing that the state was not complying with a federal law requiring the removal of inactive registrations that remain after two general elections, or two to four years. Inactive voter registrations usually occur when voters move to another country or state or pass away but remain on the rolls. The lawsuit alleged that Los Angeles County, with more than 10 million residents, has more voter registrations than it has citizens old enough to register with a registration rate of 112 percent of its adult citizen population. The lawsuit also uncovered that neither California nor Los Angeles County had been removing inactive voters from the voter registration rolls for the past 20 years, according to Judicial Watch.

California: State probing whether DMV’s delay of voter registration applications affected election | San Francisco Chronicle

Hundreds of voter registration applications were delayed last fall at California’s trouble-plagued Department of Motor Vehicles, and the state is trying to determine whether any election results were affected, officials said Tuesday. The DMV acknowledged that it had received 589 registration applications that it failed to forward to Secretary of State Alex Padilla’s office before the deadline for the Nov. 6 election. Of that number, 329 were from people who had not previously registered to vote, and the other 260 had moved to a different county and were trying to re-register. It’s not known yet how many of those voters tried to cast ballots and were either turned away or failed to have their votes counted. But in papers filed in a San Francisco federal court, which is overseeing the settlement of a suit by voting-rights advocates against the DMV, Padilla agreed to make sure every vote was counted if the application was properly submitted by the Oct. 22 registration deadline, and to determine whether any election outcomes would be affected.

California: California Voting Rights Act survives legal challenge, but it’s not over | San Francisco Chronicle

A federal judge has rejected a challenge to the California Voting Rights Act, which has required numerous local governments to switch from at-large to district elections to empower their minority populations. But the conservative who won a U.S. Supreme Court ruling striking down a key section of the federal voting-rights law says the California case is headed for higher courts. “We are disappointed with the ruling. We have every intention of seeking an appeal (in) the Ninth Circuit (Court of Appeals), and beyond if necessary,” Edward Blum, president of the nonprofit Project on Fair Representation, said Tuesday. The California law, passed in 2002, requires local governments and districts that hold at-large elections, drawing all candidates from the entire area, to change to district elections if a local minority group can show that voting in the community favors the majority because of racial polarization. That requires proof that a majority racial group has historically voted as a bloc to elect its own candidates or to pass race-related ballot measures opposed by minorities.

California: Election officials said DMV wasn’t ready to launch Motor Voter. California went ahead anyway | The Sacramento Bee

As California prepared to launch its new Motor Voter program last year, top elections officials say they asked Secretary of State Alex Padilla to hold off on the roll-out. The plan called for the Department of Motor Vehicles to automatically register people who came into its offices, one of several efforts by Democrats controlling California politics to make it easier for more people to vote. With the June 2018 primary approaching, election officials said they warned that the department that manages car registration and boat licenses was not yet prepared to register voters. “There wasn’t the appropriate readiness to go forward in April, and that was brought to the Secretary of State,” said Dean Logan, registrar for Los Angeles County, adding that he “definitely expressed concern” to the Secretary of State’s Office, as well as Padilla himself.

California: Bill Would Give Voting Rights to Parolees | Courthouse News

Nearly 50,000 Californians currently on parole could regain the right to vote under a voting rights bill introduced on Monday. A group of Democratic lawmakers are pushing for a state constitutional amendment already coined the Free the Vote Act and are hoping to restore parolees’ voting rights in an effort to cut down statewide recidivism rates. Assemblyman Kevin McCarty, D-Sacramento, wants California to build on momentum gained last November in Florida where voters overwhelmingly passed a measure that restored voting rights to most felons who have completed sentences.  He said that “roughly half of the states in the country are more progressive” than California in allowing felons and parolees the chance to vote, including Republican-led states like Maine, North Dakota and Utah. 

California: Explaining The Three New Landmark California Voting Laws | KXTV

Come New Year’s Day, three major voting bills will become law in California, changing the way voters use vote by mail ballots. Assembly Bill 216 and Assembly Bill 306, both introduced to the legislature by Assemblymember Lorena Gonzalez-Fletcher, will expand voting rights in the state and clarify certain aspects of vote by mail ballots to make voting easier for Californians. Assembly Bill 2218, which increases transparency of vote by mail ballots was also passed after being introduced by Assemblymember Marc Berman. AB 216 simplifies the use of vote by mail ballots—the elections official is required to deliver all supplies necessary for the use and return of the ballot, including an identification envelope with prepaid postage. Prepaid postage!

California: Millions of California voters saw same-party races on November’s ballot and left the space blank | Los Angeles Times

As November’s election results become clear, so does a new California conundrum: Voters may like the top-two primary — which doesn’t guarantee any political party a spot on the fall ballot — but a lot of them skipped last month’s contests in which the only choices were candidates with the same party affiliation. It was not a lack of enthusiasm for the election. The percentage of registered voters who turned out was the highest for a regular gubernatorial election since 1982. Final results, expected later this week, will show about 12.7 million ballots cast statewide. But some races were left blank, in what elections officials call an “under-vote.” The reasons vary — some voters get confused or forget, and others simply don’t like either of the two contenders.

California: California doesn’t need better voting machines — it needs better audits, experts say | The Peninsula Press

When voters in Alameda and Santa Clara County head to the polls on Nov. 6, about one percent will cast their ballots on electronic voting machines that have known security vulnerabilities. California has safeguards in place. In addition to requiring paper records for votes cast on electronic machines, California also manually audits one percent of all ballots cast, to make sure there’s no discrepancy in the numbers. Now, experts like David Dill, a computer science professor at Stanford and founder of Verified Voting, are saying that isn’t enough, and are pushing states like California to implement more rigorous auditing methods. “The problem of protecting machines is pretty unmanageable, even with the best and most modern hardware … so what you need to do is select a bunch of ballots at random and hand count them in order to make sure the electronic counts are accurate,” says Dill.

California: FBI investigating cyberattacks targeting California Democrat: report | The Hill

The FBI has opened up an investigation into cyberattacks that targeted a California Democrat who eventually lost a tight House primary race earlier this year, according to Rolling Stone, citing a source close to the campaign. The inquiry centers on distributed denial of service (DDoS) attacks against the campaign website for Bryan Caforio, who finished third in the June primary. He was running in California’s 25th Congressional District, which is represented by Republican Rep. Steve Knight and is considered a seat that Democrats could flip in November. The attacks involved creating artificially heavy traffic on his website that forced the hosting company to block access to bryancaforio.com four times before the primary, including during a crucial debate and in the week before the primary. No website data was accessed from the site during the attacks.

California: Secretary Of State Rips DMV For Voter Enrollment Error | Associated Press

Calling it unacceptable, Secretary of State Alex Padilla angrily criticized Department of Motor Vehicles officials Tuesday after they improperly registered about 1,500 people to vote in November’s election. Padilla did not mince words when it came to the error. “These mistakes from the DMV are totally unacceptable,” he told reporters. “It risks jeopardizing confidence in the electoral process which is why yesterday I called for an independent audit of the DMV’s technology and their practices…The DMV needs to get it together here real quick.” The focus is on the national Motor Voter Law that allows voters to register at DMV offices. Padilla said reports that all 1,500 people registered in error were non-citizens was not correct.

California: Primary season cyberattacks illuminate campaign vulnerabilities | The Hill

The spotlight on cyber vulnerabilities of political campaigns has grown brighter after three Democratic campaigns in California were hacked during the state’s primary elections. The campaigns of Bryan Caforio, Hans Keirstead and David Min all fell victim to cyber intrusions this year, underscoring a shortcoming that applies to political operations of various sizes: insufficient protections to guard against cyberattacks. The problem is particularly acute for smaller-scale campaigns, which often have fewer resources to ensure their technology and communications are secure, while incumbents can draw from bigger campaign accounts. But having more cash on hand doesn’t always mean it’ll be used to beef up protections. A recent McClatchy analysis of Federal Election Commission filings found that only six candidates running for seats in the House and Senate this election cycle have spent more than $1,000 on cybersecurity measures.

California: State bans bots secretly trying to sway elections | CNET

California has declared open season on the use of bots to try to secretly influence elections. Legislation signed by California Gov. Jerry Brown on Friday makes it illegal to use automated online programs, or bots, to try to influence voters’ opinions during an election without revealing the source’s artificial nature. The law also applies to bots trying to sell merchandise or services. Bots are everywhere in technology, ranging from search engine spiders that crawl the internet looking for new web pages, to malicious bots that come with a virus. They’ve also been traced to Russian attempts to sow the seeds of discontent among Americans by spreading false or deceptive information during the 2016 election.

California: Los Angeles County Supervisors Approve Investigation For Voter Registration ‘Errors’ | KHTS

The board unanimously approved a motion by Supervisor Kathryn Barger calling for an investigation into voter registration errors as a result of the new “motor voter” program managed by the California Department of Motor Vehicles. Created by the Motor Voter Act of 2015 and implemented in April 2018, the program automatically registers any eligible voters who apply for a driver’s license or identification card and transmits this data to the county where that person lives unless the individual specifically declines to participate. The state reported that 23,000 instances of voter registration errors occurred between mid-April and early August. The “motor voter” program has experienced other implementation issues as well, with 77,000 voter records allegedly being misreported in May by the DMV, according to officials.

California: Taking A Page From UPS, State To Allow Voters To Track Mail-In Ballots | KPBS

A bill recently signed by Gov. Brown designates the California Secretary of State to come up with the tracking system that will be optional for counties, including San Diego, to use. San Diego County Registrar of Voters Michael Vu said infrastructure would need to be built to use the vote by mail tracking system locally. Vu said the county will consider it. Vu added that already voters can check online when their ballot was issued and received. This new tracking system would allow voters to get a text or email about their ballot. Notifications would come when ballots are sent in the mail and once they have been picked up and officially counted. The system must be in place by 2020, and the bill designates the secretary of state to create it.

California: State Launches New Effort To Fight Election Disinformation | NPR

California election officials are launching a new effort to fight the kind of disinformation campaigns that plagued the 2016 elections — an effort that comes with thorny legal and political questions. The state’s new Office of Elections Cybersecurity will focus on combating social media campaigns that try to confuse voters or discourage them from casting ballots. During the 2016 election, in addition to hacking email accounts and attacking voting systems, Russian agents used social media to plant disinformation intended to drive down voter turnout.

California: Democrat hit with DDoS attacks during failed primary bid: report | The Hill

The campaign website of a Democratic congressional candidate in California was taken down by cyberattacks several times during the primary election season, according to cybersecurity experts. Rolling Stone reported on Thursday that cybersecurity experts who reviewed forensic server data and emails concluded that the website for Bryan Caforio, who finished third in the June primary, was hit with distributed denial of service (DDoS) attacks while he was campaigning. The attacks, which amount to artificially heavy website traffic that forces hosting companies to shut down or slow website services, were not advanced enough to access any data on the campaign site, but they succeeded in blocking access to bryancaforio.com four times before the primary, including during a crucial debate and in the week before the election.

California: State Launches New Effort To Fight Election Disinformation | Capitol Radio

California election officials are launching a new effort to fight the kind of disinformation campaigns that plagued the 2016 elections — an effort that comes with thorny legal and political questions. The state’s new Office of Election Cybersecurity will focus on social media efforts to discourage or confuse voters into not casting a ballot. During the 2016 election, in addition to hacking email accounts and attacking voting systems, Russian agents used social media also planted disinformation intended to drive down voter turnout.

California: Can DMV be trusted to register voters after 23,000 botched registrations? | San Jose Mercury News

The California Department of Motor Vehicles’ acknowledgement this week that it botched 23,000 voter registrations is raising new questions about whether it can be trusted to register voters at a time when election integrity is under renewed scrutiny nationwide. The DMV said the errors are being corrected and that new safeguards — put in place after the mistakes surfaced — seem to be working. But the registration mistakes come at a time when the DMV is already under fire over massive backlogs in processing new federally compliant IDs, known as Real IDs. “Waiting in line is one thing, but having your voter registration tampered with without your knowledge or consent is a very disturbing development,” Assemblyman Jim Patterson, R-Fresno, said Thursday. “This touches on the very security and honestly the sacredness of a person’s registration and votes. This calls into question the ability of the DMV to manage voter registration.”

California: DMV mishandled thousands of voter registrations | The Sacramento Bee

The California Department of Motor Vehicles on Wednesday said it has discovered it sent the Secretary of State’s Office 23,000 erroneous voter registrations. The agency said the errors occurred within the state’s Motor Voter program — which allows eligible applicants getting a driver license to be automatically registered to vote. The DMV said the errors stem from technicians toggling between multiple screens and registration information being improperly merged. According to the agency, 1,600 residents did not complete a voter registration affidavit and had their information sent to the secretary of state, which maintains the state’s list of registered voters. The DMV said none of the applicants were undocumented immigrants. “We are committed to getting this right and are working closely with the Secretary of State’s office to correct the errors that occurred,” DMV Director Jean Shiomoto said in a statement.

California: Los Angeles County’s new ‘open source’ vote tallying system isn’t open source just yet | Statescoop

Election officials in Los Angeles County are touting the state’s approval of a new system of tallying absentee votes, one they say will allow the county to distribute redesigned mail-in ballots in time for the Nov. 6 general election. The system runs on technology owned by the county, rather than a private vendor, and in what officials say is a first for California, it’s an open source platform. “With security on the minds of elections officials and the public, open source technology has the potential to further modernize election administration, security, and transparency,” California Secretary of State Alex Padilla, who certified the new system on Tuesday, said in a press release. The one catch? The new system might not count as “open source” just yet, as the agency that created it hasn’t shared the underlying code with the wider programming community.

California: No, You Can’t Vote Through Twitter: California’s Unprecedented Plan to Tackle Fake Election News | Governing

With less than three months to the midterm elections, American voters remain vulnerable to the same type of information warfare that Russia used to interfere with the 2016 presidential race. Election officials say voting systems are better protected against hackers than they were two years ago, but intelligence experts say the federal government hasn’t tackled the threat of foreign-created disinformation on social media. The risk endures after Russian nationals used hundreds of fake social media accounts to stoke political discord in the U.S. in 2016, according to an indictment earlier this year by Special Counsel Robert Mueller. “The spreading of misinformation and disinformation is one of the single greatest threats to our democratic process,” says National Association of Secretaries of State President Jim Condos, a Democrat who is also Vermont’s Secretary of State. “As we saw in 2016, our foreign adversaries used these tactics to sow doubt with voters and weaken voter confidence in the integrity of our elections.” Now the nation’s most populous state is pushing back, launching an unprecedented effort to address the issue.

California: State Certifies Los Angeles County’s New Open-Source Vote Tally System | MyNewsLA

Los Angeles County’s open-source vote tally system was certified by the secretary of state Tuesday, clearing the way for redesigned vote-by-mail ballots to be used in the November election. “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security and transparency,” Secretary of State Alex Padilla said. “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology. This publicly-owned technology represents a significant step in the future of elections in California and across the country.”

California: FBI probing cyber attack on congressional campaign in California – sources | Reuters

The U.S. Federal Bureau of Investigation is investigating a cyber attack on the congressional campaign of a Democratic candidate in California, according to three people close to the campaign. The hackers successfully infiltrated the election campaign computer of David Min, a Democratic candidate for the House of Representatives who was later defeated in the June primary for California’s 45th Congressional district. The incident, which has not been previously reported, follows an article in Rolling Stone earlier this week that the FBI has also been investigating a cyber attack against Hans Keirstead, a California Democrat. He was defeated in a primary in the 48th Congressional district, neighboring Min’s. Paige Hutchinson, Min’s former campaign manager, declined to comment. An FBI spokeswoman said the bureau cannot confirm or deny an investigation.

California: Documents Reveal Successful Cyberattack in California Congressional Race | Rolling Stone

FBI agents in California and Washington, D.C., have investigated a series of cyberattacks over the past year that targeted a Democratic opponent of Rep. Dana Rohrabacher (R-CA). Rohrabacher is a 15-term incumbent who is widely seen as the most pro-Russia and pro-Putin member of Congress and is a staunch supporter of President Trump. The hacking attempts and the FBI’s involvement are described in dozens of emails and forensic records obtained by Rolling Stone. The target of these attacks, Dr. Hans Keirstead, a stem-cell scientist and the CEO of a biomedical research company, finished third in California’s nonpartisan “top-two” primary on June 5th, falling 125 votes short of advancing to the general election in one of the narrowest margins of any congressional primary this year. He has since endorsed Harley Rouda, the Democrat who finished in second place and will face Rohrabacher in the November election.

California: Legislature approves new Office of Elections Cybersecurity to repel attacks and combat disinformation | StateScoop

California is poised to officially create an Office of Elections Cybersecurity, a new bureau dedicated to combating cyberattacks directed at the state’s voting systems and correcting disinformation directed at voters. The new agency, which will be housed under the secretary of state’s office, was approved this week by both houses of the state legislature. The Office of Elections Cybersecurity will be responsible for disseminating information on cyberthreats against voting systems to county- and city-level elections officials. It is also designed to be a point of contact for federal officials to coordinate responses and to oversee cybersecurity training for local boards of elections, which are often less equipped than larger government agencies to fend off threats from foreign intelligence agencies. Federal officials have said that Russian hackers attempted to penetrate voter registration systems in at least 21 states — including California — during the 2016 presidential race, and have said this year that Kremlin-backed actors continue to target U.S. election infrastructure.