California: Primary season cyberattacks illuminate campaign vulnerabilities | The Hill

The spotlight on cyber vulnerabilities of political campaigns has grown brighter after three Democratic campaigns in California were hacked during the state’s primary elections. The campaigns of Bryan Caforio, Hans Keirstead and David Min all fell victim to cyber intrusions this year, underscoring a shortcoming that applies to political operations of various sizes: insufficient protections to guard against cyberattacks. The problem is particularly acute for smaller-scale campaigns, which often have fewer resources to ensure their technology and communications are secure, while incumbents can draw from bigger campaign accounts. But having more cash on hand doesn’t always mean it’ll be used to beef up protections. A recent McClatchy analysis of Federal Election Commission filings found that only six candidates running for seats in the House and Senate this election cycle have spent more than $1,000 on cybersecurity measures.

California: State bans bots secretly trying to sway elections | CNET

California has declared open season on the use of bots to try to secretly influence elections. Legislation signed by California Gov. Jerry Brown on Friday makes it illegal to use automated online programs, or bots, to try to influence voters’ opinions during an election without revealing the source’s artificial nature. The law also applies to bots trying to sell merchandise or services. Bots are everywhere in technology, ranging from search engine spiders that crawl the internet looking for new web pages, to malicious bots that come with a virus. They’ve also been traced to Russian attempts to sow the seeds of discontent among Americans by spreading false or deceptive information during the 2016 election.

California: Los Angeles County Supervisors Approve Investigation For Voter Registration ‘Errors’ | KHTS

The board unanimously approved a motion by Supervisor Kathryn Barger calling for an investigation into voter registration errors as a result of the new “motor voter” program managed by the California Department of Motor Vehicles. Created by the Motor Voter Act of 2015 and implemented in April 2018, the program automatically registers any eligible voters who apply for a driver’s license or identification card and transmits this data to the county where that person lives unless the individual specifically declines to participate. The state reported that 23,000 instances of voter registration errors occurred between mid-April and early August. The “motor voter” program has experienced other implementation issues as well, with 77,000 voter records allegedly being misreported in May by the DMV, according to officials.

California: Taking A Page From UPS, State To Allow Voters To Track Mail-In Ballots | KPBS

A bill recently signed by Gov. Brown designates the California Secretary of State to come up with the tracking system that will be optional for counties, including San Diego, to use. San Diego County Registrar of Voters Michael Vu said infrastructure would need to be built to use the vote by mail tracking system locally. Vu said the county will consider it. Vu added that already voters can check online when their ballot was issued and received. This new tracking system would allow voters to get a text or email about their ballot. Notifications would come when ballots are sent in the mail and once they have been picked up and officially counted. The system must be in place by 2020, and the bill designates the secretary of state to create it.

California: State Launches New Effort To Fight Election Disinformation | NPR

California election officials are launching a new effort to fight the kind of disinformation campaigns that plagued the 2016 elections — an effort that comes with thorny legal and political questions. The state’s new Office of Elections Cybersecurity will focus on combating social media campaigns that try to confuse voters or discourage them from casting ballots. During the 2016 election, in addition to hacking email accounts and attacking voting systems, Russian agents used social media to plant disinformation intended to drive down voter turnout.

California: Democrat hit with DDoS attacks during failed primary bid: report | The Hill

The campaign website of a Democratic congressional candidate in California was taken down by cyberattacks several times during the primary election season, according to cybersecurity experts. Rolling Stone reported on Thursday that cybersecurity experts who reviewed forensic server data and emails concluded that the website for Bryan Caforio, who finished third in the June primary, was hit with distributed denial of service (DDoS) attacks while he was campaigning. The attacks, which amount to artificially heavy website traffic that forces hosting companies to shut down or slow website services, were not advanced enough to access any data on the campaign site, but they succeeded in blocking access to bryancaforio.com four times before the primary, including during a crucial debate and in the week before the election.

California: State Launches New Effort To Fight Election Disinformation | Capitol Radio

California election officials are launching a new effort to fight the kind of disinformation campaigns that plagued the 2016 elections — an effort that comes with thorny legal and political questions. The state’s new Office of Election Cybersecurity will focus on social media efforts to discourage or confuse voters into not casting a ballot. During the 2016 election, in addition to hacking email accounts and attacking voting systems, Russian agents used social media also planted disinformation intended to drive down voter turnout.

California: Can DMV be trusted to register voters after 23,000 botched registrations? | San Jose Mercury News

The California Department of Motor Vehicles’ acknowledgement this week that it botched 23,000 voter registrations is raising new questions about whether it can be trusted to register voters at a time when election integrity is under renewed scrutiny nationwide. The DMV said the errors are being corrected and that new safeguards — put in place after the mistakes surfaced — seem to be working. But the registration mistakes come at a time when the DMV is already under fire over massive backlogs in processing new federally compliant IDs, known as Real IDs. “Waiting in line is one thing, but having your voter registration tampered with without your knowledge or consent is a very disturbing development,” Assemblyman Jim Patterson, R-Fresno, said Thursday. “This touches on the very security and honestly the sacredness of a person’s registration and votes. This calls into question the ability of the DMV to manage voter registration.”

California: DMV mishandled thousands of voter registrations | The Sacramento Bee

The California Department of Motor Vehicles on Wednesday said it has discovered it sent the Secretary of State’s Office 23,000 erroneous voter registrations. The agency said the errors occurred within the state’s Motor Voter program — which allows eligible applicants getting a driver license to be automatically registered to vote. The DMV said the errors stem from technicians toggling between multiple screens and registration information being improperly merged. According to the agency, 1,600 residents did not complete a voter registration affidavit and had their information sent to the secretary of state, which maintains the state’s list of registered voters. The DMV said none of the applicants were undocumented immigrants. “We are committed to getting this right and are working closely with the Secretary of State’s office to correct the errors that occurred,” DMV Director Jean Shiomoto said in a statement.

California: Los Angeles County’s new ‘open source’ vote tallying system isn’t open source just yet | Statescoop

Election officials in Los Angeles County are touting the state’s approval of a new system of tallying absentee votes, one they say will allow the county to distribute redesigned mail-in ballots in time for the Nov. 6 general election. The system runs on technology owned by the county, rather than a private vendor, and in what officials say is a first for California, it’s an open source platform. “With security on the minds of elections officials and the public, open source technology has the potential to further modernize election administration, security, and transparency,” California Secretary of State Alex Padilla, who certified the new system on Tuesday, said in a press release. The one catch? The new system might not count as “open source” just yet, as the agency that created it hasn’t shared the underlying code with the wider programming community.

California: No, You Can’t Vote Through Twitter: California’s Unprecedented Plan to Tackle Fake Election News | Governing

With less than three months to the midterm elections, American voters remain vulnerable to the same type of information warfare that Russia used to interfere with the 2016 presidential race. Election officials say voting systems are better protected against hackers than they were two years ago, but intelligence experts say the federal government hasn’t tackled the threat of foreign-created disinformation on social media. The risk endures after Russian nationals used hundreds of fake social media accounts to stoke political discord in the U.S. in 2016, according to an indictment earlier this year by Special Counsel Robert Mueller. “The spreading of misinformation and disinformation is one of the single greatest threats to our democratic process,” says National Association of Secretaries of State President Jim Condos, a Democrat who is also Vermont’s Secretary of State. “As we saw in 2016, our foreign adversaries used these tactics to sow doubt with voters and weaken voter confidence in the integrity of our elections.” Now the nation’s most populous state is pushing back, launching an unprecedented effort to address the issue.

California: State Certifies Los Angeles County’s New Open-Source Vote Tally System | MyNewsLA

Los Angeles County’s open-source vote tally system was certified by the secretary of state Tuesday, clearing the way for redesigned vote-by-mail ballots to be used in the November election. “With security on the minds of elections officials and the public, open-source technology has the potential to further modernize election administration, security and transparency,” Secretary of State Alex Padilla said. “Los Angeles County’s VSAP vote tally system is now California’s first certified election system to use open-source technology. This publicly-owned technology represents a significant step in the future of elections in California and across the country.”

California: FBI probing cyber attack on congressional campaign in California – sources | Reuters

The U.S. Federal Bureau of Investigation is investigating a cyber attack on the congressional campaign of a Democratic candidate in California, according to three people close to the campaign. The hackers successfully infiltrated the election campaign computer of David Min, a Democratic candidate for the House of Representatives who was later defeated in the June primary for California’s 45th Congressional district. The incident, which has not been previously reported, follows an article in Rolling Stone earlier this week that the FBI has also been investigating a cyber attack against Hans Keirstead, a California Democrat. He was defeated in a primary in the 48th Congressional district, neighboring Min’s. Paige Hutchinson, Min’s former campaign manager, declined to comment. An FBI spokeswoman said the bureau cannot confirm or deny an investigation.

California: Documents Reveal Successful Cyberattack in California Congressional Race | Rolling Stone

FBI agents in California and Washington, D.C., have investigated a series of cyberattacks over the past year that targeted a Democratic opponent of Rep. Dana Rohrabacher (R-CA). Rohrabacher is a 15-term incumbent who is widely seen as the most pro-Russia and pro-Putin member of Congress and is a staunch supporter of President Trump. The hacking attempts and the FBI’s involvement are described in dozens of emails and forensic records obtained by Rolling Stone. The target of these attacks, Dr. Hans Keirstead, a stem-cell scientist and the CEO of a biomedical research company, finished third in California’s nonpartisan “top-two” primary on June 5th, falling 125 votes short of advancing to the general election in one of the narrowest margins of any congressional primary this year. He has since endorsed Harley Rouda, the Democrat who finished in second place and will face Rohrabacher in the November election.

California: Legislature approves new Office of Elections Cybersecurity to repel attacks and combat disinformation | StateScoop

California is poised to officially create an Office of Elections Cybersecurity, a new bureau dedicated to combating cyberattacks directed at the state’s voting systems and correcting disinformation directed at voters. The new agency, which will be housed under the secretary of state’s office, was approved this week by both houses of the state legislature. The Office of Elections Cybersecurity will be responsible for disseminating information on cyberthreats against voting systems to county- and city-level elections officials. It is also designed to be a point of contact for federal officials to coordinate responses and to oversee cybersecurity training for local boards of elections, which are often less equipped than larger government agencies to fend off threats from foreign intelligence agencies. Federal officials have said that Russian hackers attempted to penetrate voter registration systems in at least 21 states — including California — during the 2016 presidential race, and have said this year that Kremlin-backed actors continue to target U.S. election infrastructure.

California: Voting Machines Aren’t the Only Vectors for Attack, California Election Officials Say | Government Technology

California election officials are guarding their voting machines and registration lists against Russian hackers — although no one has spotted any. “I operate under the assumption that hacking is actually happening and California is a target,” Secretary of State Alex Padilla says. “This year, there’s a big focus on several congressional races that could determine the House majority. The stakes in California have national implications.” But would the Russians actually try to change election outcomes? “I have no doubt that if they could, they would,” says Padilla, a Democrat who’s heavily favored to win reelection in November. Hacking into California’s voting system and altering votes, however, is considered by most experts to be practically impossible. That’s because voting machines aren’t hooked up to the internet. State law forbids it. A hacker might attack one machine but couldn’t reach into the entire vote-collecting system.

California: Software incompatibilities cited in review of missing Los Angeles County voter names | Los Angeles Times

Los Angeles County’s election software was unable to process a formatting change in state voter data, contributing to 118,500 names being omitted from eligible-voter rosters on election day in June, according to an executive summary of an independent review released Wednesday. There was no evidence of a security breach, the summary said. The county paid IBM Security Services $230,000 to investigate the foul-up, which officials said affected roughly 2.3% of registered voters across the county and 35% of voting locations. L.A. County elections chief Dean Logan said in June that the problem had no impact on voter eligibility and that poll workers were instructed on election day to give provisional ballots to people whose names did not appear on rosters. But the omissions prompted elected officials and civil rights groups to demand that the county review its election process.

California: Code, Software, Servers Bedeviled Marin County Election Website | Techwire

Old code, software problems and server configuration in Marin County, combined with heavy traffic, caused the blooper that made it impossible for the public to view results on election night June 5, county officials said this week. “We determined that it was a combination of three things,” said Liza Lowery Massey, director of Marin County’s Department of Information Services and Technology. The Registrar of Voters website, which had been redesigned to feature more graphs and other visual elements to make the data more accessible to the general public, remained inaccessible most of the night. Specifically, Massey said there was some antiquated legacy software code in some of the county’s Web pages.

California: A Fight Over Voter Rights in California | Wall Street Journal

Santa Monica, Calif., with a “well-being index” to gauge the happiness of its residents and a fleet of city buses powered by natural gas, often lives up to its reputation as a wealthy, liberal enclave on California’s coast. But this month, a trial in a Los Angeles courtroom has put the seaside city on the same side as a conservative legal activist who is challenging the state’s voting-rights law. The fight revolves around the city’s at-large election system for its seven City Council seats. Instead of winning office by capturing the majority in any particular district, council members are elected citywide.

California: Marin County officials detail glitches behind election-night web foulup | Marin Independent Journal

Old code, software problems and server configuration combined with heavy traffic caused the blooper that made it impossible for the public to view results on election night June 5, county officials said this week. “We determined that it was a combination of three things,” said Liza Lowery Massey, director of Marin County’s Department of Information Services and Technology. The Registrar of Voters’ website, which had been redesigned to feature more graphs and other visual elements to make the data more accessible to the general public, remained inaccessible most of the night.

California: Prepare to Vote on Android Tablets | San Francisco Weekly

A potential new voting system may not guarantee San Franciscans night-of election results, but agonizing, eight-day waits for a new mayor are likely behind us. That scenario unfolded in June, mostly thanks to the sheer amount of mail-in ballots that streamed in days after the polls had closed. But this past week, voters and the San Francisco Department of Elections had the chance to engineer a smoother, less tedious process on several fronts. For future elections, Dominion Voting Systems has an alternative that will allow voters to select their choices on a huge Android tablet complete with ADA-friendly accessibility options, a language bar, a review page, and companion printer to track their choices on paper. To extend the ranked-choice voting confusion, voters can rank up to 10 candidates on the screen. “This system is much more versatile than the existing system,” says Larry Korb, a sales engineer for Dominion.

California: Incompatible file formats led Los Angeles County to drop 118,000 voters in California primary | StateScoop

Multiple factors contributed to Los Angeles County eliminating more than 118,000 registered voters from the rolls during the June 5 California primary election, according to a report published Wednesday. The document, prepared by IBM Security Services, explains that software incompatibilities and clashing file formats between the state’s official voter list and the county’s system led to the voters being dropped from the roster. At the time, county officials attributed the cut names to a printing error. The affected voters accounted for about 2.3 percent of the county’s registered voters, and were spread across about one-third of the sprawling county’s precincts. The most populous in the United States, the county spans from the city of Los Angeles to the edge of the Mojave Desert, and boasts more than 5.1 million registered voters, more than one-quarter of California’s statewide total. People who showed up to vote but were told their names were not on the rolls were still allowed to cast provisional ballots.

California: San Francisco Tests New Election Voting System | NBC

A pilot program in San Francisco aims to make the voting process easier both on casting a vote and how that vote is counted. San Francisco residents have until Tuesday to test the pilot program out, which includes electronic voting on large tablets. “It’s absolutely amazing,” voter Charles Esler said of trying out the pilot. “It’s a lot more user friendly.” San Francisco’s Department of Elections is hoping voters will offer plenty of opinions after they come test them out. The machines being used in the new voting process are built by Dominion Voting Systems.

California: Elections business serving San Luis Obispo County has legal issues | The Tribune

A business that for years provided key election services to San Luis Obispo County is barred from doing business in California and has a federal tax lien of $270,000, records show. Now, San Luis Obispo County and five other California counties have contracted for the same election services with what business executives assert is a new company. But there’s evidence the two are related — if not the same business. The new business, Integrated Voting Systems, shares a working name, address and other details with the original business: Integrated Voting Solutions. And for nearly two years, Integrated Voting Systems has done business as Integrated Voting Solutions. In June, that company caused a critical ballot error that required a recount in a Colorado county, leading to news stories that linked the company to the one in “hot water” in California.

California: Could Russia hack California’s elections? It would be hard, but not impossible | San Francisco Chronicle

Although California has received an “all-clear” from government agencies looking into Russian attempts to hack into voting data for states across the nation, safe today doesn’t mean safe tomorrow, a leading computer security expert warned. “The bottom line is, be nervous,” said Matt Bishop, a UC Davis computer science professor who specializes in computer security. California has been pushing hard to make its voting systems more secure and more efficient since Florida’s famous “hanging chad” election of 2000. …  San Francisco’s system is typical, said John Arntz, the city’s elections chief. There’s an “air gap” in the electronic voting machines and the equipment that tallies the votes, he said.

California: State Supreme Court Squashes Bid To Split State Into Three | NPR

California will be staying in one piece, at least for now, after the state’s supreme court ruled that a proposal to divide California into three cannot be placed on the ballot in November. Tim Draper, a wealthy venture capitalist, has spent years arguing that the Golden State would be better off as several smaller states. He says California is too large to be governed effectively and that splitting up would result in “better decision making and real solutions closer to home.” This year, he got enough signatures to put it before voters — although experts said that even if the proposal passed, it would face a range of daunting legal and political hurdles. Then the Planning and Conservation League (PCL), a nonprofit environmental group in California, filed a lawsuit to block the measure from getting to a vote.

California: New law requires voter data breach reporting | Associated Press

Journalists, researchers and political campaigns that receive voter data must tell California officials if it may have been stolen under a new law Gov. Jerry Brown announced he signed Monday. It requires people and organizations that have California voter registration data to report security breaches affecting the storage of that information, which can include names, birth dates and addresses. Counties and the secretary of state’s office provide voter registration information to people and organizations who agree to use the data only for journalistic, scholarly, political or government purposes. The new law directs the secretary of state to develop guidelines for how such information should be securely stored. Additionally, it makes intentionally misinforming a voter about voting locations, eligibility or times a misdemeanor.

California: Fresno ballot vendor has trouble in Colorado, warned by state of California | The Fresno Bee

The company that has a multimillion-dollar contract to provide voting services to Fresno County and others across at least two states is in hot water for printing outdated ballots in Colorado, triggering a manual recount. The company, Integrated Voting Systems, also shares a working name, address and other details with a corporation that owes more than $270,000 in back taxes and is barred from doing business in California. These companies are linked to still more printing companies which have had millions of dollars worth of liens and civil judgments levied against them. For nearly two years, Integrated Voting Systems has done business as Integrated Voting Solutions, both based in Fresno and Dinuba. Although leadership for the former vehemently denies any association with the latter, it’s clear the two companies are related – if not the same business.

California: With Russian meddling in mind, California invests $134 million to safeguard election systems | The Sacramento Bee

Alex Padilla says California’s voting system wasn’t compromised by Russia’s attempt to interfere with the 2016 U.S. election. But the issue is in the back of his mind as he looks to safeguard the integrity of the vote. With increased attention to cybersecurity lately, California is making a sizable investment in its election infrastructure. This year’s state budget provides $134 million for counties to modernize voting systems. It also provides $3 million for the creation of the Office of Elections Cybersecurity and the Office of Enterprise Risk Management. Because the budget was signed so recently, there hasn’t been enough time for counties to request funding and have contracts generated. Even so, the budget allows counties that recently bought new systems to request reimbursement.

California: The November election just got a lot less confusing for California voters | Los Angeles Times

Californians won’t vote on the nation’s toughest privacy protections after all — because the Legislature did its job and handled the matter. That’s one less confusing ballot proposition and hundreds fewer annoying TV ads that voters will be pestered with in November. Same with a complex local tax measure. The soft drink industry was scared of local governments slapping taxes on sugary soda. So soda makers qualified a ballot initiative making it harder to increase local taxes period. But they withdrew the measure last week after the Legislature passed a bill to ban new soda taxes for 12 years. There also won’t be a squirrely ballot measure sponsored by paint manufacturers asking taxpayers to subsidize their lead paint cleanup. Outraged legislators responded to the initiative by introducing bills to penalize the companies. In the end, everyone holstered their weapons and agreed to negotiate.