National: Has Congress already missed its chance to strengthen election security ahead of 2020? | Bryan Lowry/The Kansas City Star

Congress may have already missed its window to shore up state election systems against foreign cyber-attacks ahead of the 2020 election. Former Special Counsel Robert Mueller’s testimony this week on his investigation into Russia’s role in the 2016 election has reignited calls for the passage of a bipartisan election security bill. But Republican Senate leaders have balked at approving any such measure prior to 2020. GOP leadership said Mueller’s testimony did little to persuade them of the need for legislation. Moreover, one of the only GOP lawmakers pushing election security reforms on Capitol Hill said states have effectively run out of time to implement changes ahead of the next presidential election. Sen. James Lankford, R-Oklahoma, told reporters Thursday that Congress should shift its focus to the 2022 mid-term election. “I’ve had folks say we need to hurry and get money out the door so they can buy new systems, that’s not going to happen for 2020. There’s no way to do it for 2020 because you can’t buy the equipment, get it in, test it, evaluate it, train your volunteers on it when the first primary is six months away,” Lankford said. “The discussion now is not about 2020. That’s already resolved. They’re not going to add new stuff unless it’s already currently in the pipeline. It’s really 2022 at this point.”

National: State election offices made for an easy target for Russian hackers | Andrew Eversden/Fifth Domain

In the months before the 2016 presidential election, one U.S. state received a notification from a federally-backed cybersecurity group, warning about suspicious cyber activity directed at its networks. The state IT officials did not share the alert with other state government leaders and as late at January 2018, the same officials reported nothing “irregular, inconsistent, or suspicious” took place before the vote. In fact, GRU, Russia’s military intelligence agency, had scanned one of the state’s “election-related” domains, according to a new Senate report. In another state, leaders did not turn over to the Senate which of its systems had been targeted by Russians. Officials told Senate investigators they hadn’t seen evidence of scanning or attacks on its election infrastructure. Instead, they told the committee that they had seen a “probing” of its state systems. Again, DHS told the committee that GRU had scanned the state’s Secretary of State website. And in a third state, officials told Senate investigators they had not noticed a connection between their systems and the IP addresses listed in a warning from the federal government. And again, DHS told the committee that GRU scanned the state’s government domain.

National: Bring Back Paper Ballots: Senate Intelligence Committee report shows how electronic voting systems are inherently vulnerable to hackers. | Fred Kaplan/Slate

Just hours after Senate Republicans blocked a vote on a bill to make elections less vulnerable to cyberattacks, the Senate Intelligence Committee released a 67-page report, concluding that, leading up to the 2016 election, Russians hacked voting machines and registration rolls in all 50 states, and they are likely still doing so. The heavily redacted document, based on a two-year investigation, found no evidence that the hackers altered votes or vote tallies, though it says they could have if they’d wanted to. However, three former senior U.S. intelligence officials with backgrounds in cybersecurity told me that the absence of evidence isn’t the same as the evidence of an absence. One of them said, “I doubt very much that any changes would be detectable. Certainly, the hackers would be able to cover any tracks. The Russians aren’t stupid.” Hacking individual voting machines would be an inefficient way to throw an election. But J. Alex Halderman, a computer scientist who has tested vulnerabilities for more than a decade, testified to the Senate committee that he and his team “created attacks that can spread from machine to machine, like a computer virus, and silently change election outcomes.” They studied touch-screen and optical-scan systems, and “in every single case,” he said, “we found ways for attackers to sabotage machines and steal votes.”

National: Myriad election systems complicate efforts to stop hackers | Christina A. Cassidy and Colleen Long/Associated Press

A new Senate report on Russian interference in U.S. elections highlighted one of the biggest challenges to preventing foreign meddling: the limited powers and ability of the federal government to protect elections run by state and local officials. That has given fuel to those who argue that a larger federal role is needed. The Senate Select Committee on Intelligence issued the first part of its report into Russian interference in the 2016 election on Thursday, noting that Russian agents “exploited the seams” between federal government expertise and ill-equipped state and local election officials. The report also emphasized repeatedly that elections are controlled by states, not the federal government. It called for the reinforcement of state oversight of elections — a view blasted as inadequate by Sen. Ron Wyden, an Oregon Democrat on the committee. He called on Congress to establish mandatory cybersecurity requirements across the country. “We would not ask a local sheriff to go to war against the missiles, planes and tanks of the Russian Army,” Wyden wrote. “We shouldn’t ask a county election IT employee to fight a war against the full capabilities and vast resources of Russia’s cyber army. That approach failed in 2016 and it will fail again.”

National: Mitch McConnell Received Donations from Voting Machine Lobbyists Before Blocking Election Security Bills | Nicole Goodkind/Newsweek

Senate Majority Leader Mitch McConnell squashed two bills intended to ensure voting security on Thursday, just one day after former special counsel Robert Mueller warned that Russians were attempting to sabotage the 2020 presidential elections “as we sit here.” McConnell said he wouldn’t allow a vote on the bills because they were “so partisan,” but, as previously reported, earlier this year McConnell received a slew of donations from four of the top voting machine lobbyists in the country. “Clearly this request is not a serious effort to make a law. Clearly something so partisan that it only received one single solitary Republican vote in the House is not going to travel through the Senate by unanimous consent,” said McConnell on the Senate floor. The plans would likely burden the two largest electronic voting machine vendors in the United States, Election Systems & Software and Dominion Voting Systems, with new regulations and financial burdens.

National: Russia Targeted Elections Systems in All 50 States, Report Finds | David E. Sanger and Catie Edmondson/The New York Times

The Senate Intelligence Committee concluded Thursday that election systems in all 50 states were targeted by Russia in 2016, an effort more far-reaching than previously acknowledged and one largely undetected by the states and federal officials at the time. But while the bipartisan report’s warning that the United States remains vulnerable in the next election is clear, its findings were so heavily redacted at the insistence of American intelligence agencies that even some key recommendations for 2020 were blacked out. The report — the first volume of several to be released from the committee’s investigation into Russia’s 2016 election interference — came 24 hours after the former special counsel Robert S. Mueller III warned that Russia was moving again to interfere “as we sit here.” While details of many of the hackings directed by Russian intelligence, particularly in Illinois and Arizona, are well known, the committee described “an unprecedented level of activity against state election infrastructure” intended largely to search for vulnerabilities in the security of the election systems.

National: Mueller Warns of Russian Sabotage and Rejects Trump’s ‘Witch Hunt’ Claims | Mark Mazzetti/The New York Times

Robert S. Mueller III warned lawmakers on Wednesday that Russia was again trying to sabotage American democracy before next year’s presidential election, defended his investigation’s conclusions about Moscow’s sweeping interference campaign in 2016 and publicly rejected President Trump’s criticism that he had conducted a “witch hunt.” The partisan war over Mr. Mueller’s inquiry reached a heated climax during nearly seven hours of his long-awaited testimony before two congressional committees. Lawmakers hunted for viral sound bites and tried to score political points, but Mr. Mueller consistently refused to accommodate them, returning over and over in a sometimes halting delivery to his damning and voluminous report. Mr. Mueller remained a spectral presence in Washington over the past two years as the president and his allies subjected the special counsel and his team of lawyers to withering attacks. Speaking in detail for the first time about his conclusions produced occasionally dramatic moments in which he ventured beyond his report to offer insights about Mr. Trump’s behavior.

National: Senate Intel finds ‘extensive’ Russian election interference going back to 2014 | Morgan Chalfant and Maggie Miller/The Hill

The Senate Intelligence Committee has released its long-awaited bipartisan report on election security and Russian interference in the 2016 presidential election. Among the key findings of the report, the committee writes that “the Russian government directed extensive activity, beginning in at least 2014 and carrying into at least 2017, against U.S. election infrastructure at the state and local level.” The report is heavily redacted in some areas and is 67 pages. The Senate panel, which has been investigating Russian interference for more than two years, released a summary version of its election security findings in May 2018. The panel released its redacted report one day after former special counsel Robert Mueller appeared on Capitol Hill to testify about his own 22-month investigation into Russian interference in the 2016 election and possible obstruction of justice by President Trump. The congressional document, which is the product of a bipartisan investigation led by Senate Intelligence Committee Chairman Richard Burr (R-N.C.) and Vice Chairman Mark Warner (D-Va.), recommended that officials give “renewed attention” to vulnerabilities in voting infrastructure, such as further securing voter registration databases.

National: Election infrastructure bill remains stalled as Senate Intelligence panel releases first volume of Russia report | Niels Lesniewski/Roll Call

As the Senate Intelligence Committee was releasing the first volume of its comprehensive report into Russian election interference in 2016, a Republican senator was making clear that he still wants to get support for encouraging states to have paper audit trails and to boost the ability of election officials to get timely security clearances. Sen. James Lankford of Oklahoma, who has been working with Minnesota Democrat Amy Klobuchar, told reporters Thursday that with the 2020 primaries and caucuses just around the corner, security enhancements would be meant for the next midterms. “The discussion now is not about 2020. That’s already resolved,” Lankford said. “They’re not going to add new stuff unless its already currently in the pipeline. It’s really 2022 at this point.” Lankford said that if he and Klobuchar can find a way to overcome objections from lawmakers concerned about undue federal influence in state and local elections, they will be looking for a legislative vehicle for their measure.

National: GOP blocks election security bills after Mueller testimony | Jotdain Carney/The Hill

Senate Republicans blocked two election security bills and a cybersecurity measure on Wednesday in the wake of former special counsel Robert Muellerwarning about meddling attempts during his public testimony before congressional lawmakers. Democrats tried to get consent to pass two bills that would require campaigns to alert the FBI and Federal Election Commission about foreign offers of assistance, as well as a bill to let the Senate Sergeant at Arms offer voluntary cyber assistance for personal devices and accounts of senators and staff.  But Sen. Cindy Hyde-Smith (R-Miss.) blocked each of the bills. She didn’t give reason for her objections, or say if she was objecting on behalf of herself or the Senate GOP caucus. A spokesman didn’t immediately respond to a request for comment. Under Senate rules, any one senator can ask for consent to pass a bill, but any one senator is able to object. The floor drama comes after Mueller warned about election interference during his testimony before the House Intelligence Committee, saying Russia was laying the groundwork to interfere in the 2020 election “as we sit here.” “We are expecting them to do it again during the next campaign,” Mueller said.

National: DEF CON Invites Kids to Crack Campaign Finance Portals | Kelly Sheridan/Dark Reading

A new challenge at this year’s DEF CON will let kid hackers take aim at simulated election campaign financial disclosure portals and use their findings to stage disinformation campaigns. DEF CON’s Voting Village and AI Village have teamed up with r00tz Asylum, a nonprofit dedicated to educating kids about white-hat hacking, to teach budding infosec enthusiasts ages 8–16 about digital threats to democracy. Like the Voting Village, which lets adults explore flaws in election infrastructure, r00tz Asylum gives kids a chance to poke holes in election security. Last year, r00tz Asylum made its first foray into election security. Kids used SQL injection to access and manipulate synthetic state election results websites, where they could change the candidates and displayed vote counts. It took two 11-year-old hackers just 15 minutes to crack a replica of the Florida Secretary of State’s website and change its vote count reports.

National: Democrats paint McConnell as ‘lead opponent’ to election security in new report | Maggie Miller/The Hill

Senate Democrats labeled Senate Majority Leader Mitch McConnell (R-Ky.) as “the lead opponent” to election security efforts in a report released Tuesday. The attack came as Democrats continue to push McConnell to bring election security legislation to the Senate floor. The report, specifically released ahead of the House hearings featuring special counsel Robert Mueller on Wednesday, details what the Democrats see as steps taken by McConnell since 1999 to resist election security and voting reform efforts.  “For years, Sen. McConnell has fought to increase the impact of dark money and corporate spending in our elections,” the Senate Democrats wrote. “But now, after reportedly fighting efforts to expose Putin’s interference during the 2016 elections, Senator McConnell is blocking bipartisan reforms that would secure our elections from foreign interference.” The Senate Democrats pointed to efforts by McConnell and other Senate Republicans to block election security efforts in the Senate, accusing McConnell of “threatening the integrity of, and faith in, our democratic institutions.”

National: FBI Director Wray: Russia intent on interfering with U.S. elections | Doina Chiacu/Reuters

Russia is determined to interfere in U.S. elections despite sanctions and other efforts to deter such actions before the next presidential election in 2020, FBI Director Christopher Wray said on Tuesday. “The Russians are absolutely intent on trying to interfere with our elections,” Wray said during a Senate Judiciary Committee hearing. Wray appeared at an oversight hearing a day before Robert Mueller, the former special counsel, was due to testify publicly before Congress about his two-year investigation of Russian interference to sway the 2016 presidential race toward President Donald Trump. “Everything we’ve done against Russia has not deterred them enough?” asked Senator Lindsey Graham, the Republican committee chairman. “All the sanctions, all the talk, they’re still at it?” “Yes. My view is until they stop they haven’t been deterred enough,” Wray responded. Mueller’s investigation disclosed an elaborate campaign of hacking and propaganda during the 2016 presidential race and resulted in indictments that charged 25 Russian individuals and three Russian companies.

National: U.S. Elections Are Still Not Safe From Attack | Lawrence Norden And Daniel I. Weiner/Foreign Affairs

Russia’s attack on American elections in 2016, described in Special Counsel Robert Mueller’s recent report as “sweeping and systematic,” came as a shock to many. It shouldn’t have. Experts had been warning of the danger of foreign meddling in U.S. elections for years. Already by 2016, the wholesale adoption of computerized voting had weakened safeguards against interference and left the United States vulnerable to an attack. So, too, the shift to digital media and communications had opened new gaps in security and the law that could be used for manipulation and blackmail.  Russia—and perhaps other powers like China and Iran—will likely try to exploit these vulnerabilities once again in 2020. The United States was caught flatfooted the last time. Now, nearly three years after the Russian efforts first came to light, the United States has made relatively little progress toward hardening its electoral system against interference. Each day it waits to do so raises the likelihood of another election tainted by significant foreign meddling.  Fortunately, there are still measures that Congress, the Federal Election Commission, and other policymakers can take to substantially blunt a future attack. With just over six months remaining until the New Hampshire primary and the start of 2020 voting, lawmakers and executive branch agencies should make election security a priority by upgrading equipment, guarding against hacking, and combatting foreign influence operations.

National: First look at the DEFCON Voting Village | Eric Geller, Mary Lee and Natasha Bertrand/Politico

Sen. Ron Wyden (D-Ore.) and former 2020 presidential candidate Rep. Eric Swalwell (D-Calif.) will speak at this year’s DEFCON Voting Village, MC can reveal. The lawmakers will join California Secretary of State Alex Padilla and former NSA national threat operations director Sherri Ramsay in the election security-focused corner of the cybersecurity conference, which runs Aug. 8-11 in Las Vegas. “The overwhelming interest we are seeing from government leaders demonstrates that securing our democracy is a national security priority,” Voting Village co-founder Harri Hursti says in a press release set to go out this morning, “and we need policy solutions that address the concerns brought to light each year by this Village.” The Voting Village sparked controversy last year when the National Association of Secretaries of State dismissed its findings about voting technology vulnerabilities by saying the test conditions were unrealistic. NASS said at the time that it looked forward to working more closely with the village’s organizers this year. That appears to have happened: This year’s event will “feature a significant increase” in government speakers, including “prominent state and local election authorities,” the organizers said. Other speakers will hail from the DHS Cybersecurity and Infrastructure Security Agency, the Defense Advanced Research Projects Agency and the Pentagon. And good news for attendees seeking a hands-on experience: Per the organizers, there will also be “a more extensive array of voting equipment” this year.

National: Microsoft Data Shows Hackers Still Targeting U.S. Elections | Alyza Sebenius and Kartikay Mehrotra/Bloomberg

State-backed hackers have attempted to infiltrate targets related to U.S. elections more than 700 times in the past year, furthering concerns about potential meddling in upcoming races, according to a blog posted Wednesday by Microsoft Corp. The hackers responsible are mostly from Russia and North Korea, said Tom Burt, Microsoft’s vice president for customer security & trust, in an interview. The company has counted nearly 10,000 hacks globally stemming from state-sponsored attacks in the past year. Of those, 781 have been to democracy-focused organizations, particularly non-governmental organizations and think tanks, and nearly all of those attacks, 95 %, are against U.S.-based organizations. “We have uncovered attacks specifically targeting organizations that are fundamental to democracy,” Burt wrote. “Democracy-focused organizations in the United States should be particularly concerned.” The attacks on democratic institutions are a likely precursor to hacking attempts on campaigns and election systems ahead of the 2020 presidential elections, according to the blog. However, the North Korea-based hackers may be conducting espionage on issues of special interest like nuclear disarmament, rather than seeking to hack elections, Burt said in the interview.

National: Russia Is Using Cold War Strategy to Undermine the Faith of Americans in the 2020 Election—Will It Work? | Adam Piore/Newsweek

Three events occurring in rapid succession on October 7, 2016, stand out in Robby Mook’s memory.The first came at about 3:30 pm. The Obama Administration issued a statement that publicly blamed Russia for hacking the Democratic National Committee and orchestrating the release of the thousands of emails roiling the Democratic Party, which, it said, were “intended to interfere with the US election process.” In the day’s crazy news cycle, that highly-unusual announcement never had a chance.At 4 pm, The Washington Post unveiled the infamous Access Hollywood Tape, on which then-candidate Donald Trump was recorded boasting about his own sexual harassment of women. “When you’re a star, they let you do it. You can do anything. Grab ’em by the pussy. You can do anything.”Within the hour, yet another media bomb dropped. Wikileaks released another trove of emails—the first 20,000 pages of 50,000 hacked emails stolen from the account of Hillary Clinton’s Campaign Chairman John Podesta. “It was so clear what was happening,” recalls Mook, who at the time was a 35-year-old political operative running the Clinton campaign. In time, reporters would dig out old transcripts of paid speeches to Wall Street banks, controversial comments about Catholic voters and other documents that turned out to be damaging to the Clinton campaign. U.S. intelligence has since linked the Podesta trove to the Russian military.

National: Hill Democrats target McConnell in election security push | Derek B. Johnson/FCW

Congressional Democrats are banding together to sound the alarm on the looming security threats facing the 2020 elections — and bash the senator they believe is most responsible for legislative inaction. In a July 23 press conference scheduled one day before Special Counsel Robert Mueller heads to Capitol Hill to testify on his report that found “sweeping and systemic” efforts on the part of the Russian government to interfere in the 2016 elections, a group of Democrats pledged to barnstorm around the country serving as “Paul Reveres” to warn about the continuing need for comprehensive election security legislation. They spent most of their time taking aim at Senate Majority Leader Mitch McConnell (R-Ky.), who has become in many respects the primary target of ire for election security advocates after congressional Republicans acknowledged in a Rules Committee hearing earlier this year that he was blocking legislation from reaching the floor of the Senate. “The remarkable thing is on an issue where there is broad bipartisan support…McConnell has not brought a single piece of election security legislation to the floor even though the president’s own security team has said that we’re in jeopardy,” Sen. Mark Warner (D-Va.) said.

National: Intelligence Chief Names New Election Security Oversight Official | Julian E. Barnes/The New York Times

An experienced official will oversee election security intelligence across the government in a newly created senior position, the director of national intelligence announced on Friday as part of an effort to improve coordination and speed response to attacks by foreign governments. Intelligence officials said the new post reflects the reality that influence operations by Russia, China and other countries are likely to continue indefinitely. Shelby Pierson, who worked on intelligence issues surrounding the 2018 midterm elections, was named to the post, which will cover both potential attacks on voting infrastructure and influence campaigns. Administration critics praised the appointment but said it did not obviate the need for a director at the National Security Council to coordinate not just intelligence but also the response to foreign interference campaigns. And critics in Congress warned that President Trump’s skepticism over foreign influence campaigns continues to undermine the government response. Ms. Pierson’s appointment will help intelligence agencies direct resources to election security and “bring the strongest level of support to this critical issue,” said Dan Coats, the director of national intelligence, who called it an “enduring challenge.” Mr. Coats also said he was ordering all of the intelligence agencies with a role in election security to appoint a senior official to oversee issues of foreign influence and infrastructure attacks. These officials will form an Election Executive and Leadership Board to ensure intelligence agencies are properly focused on voting security issues.

National: “We’re not ready” for foreign election interference in 2020, says Rep. Adam Schiff | Eric Johnson/Vox

In May, Facebook refused to remove a deceptively edited viral video that made Speaker of the House Nancy Pelosi look drunk — a decision that does not bode well for how Silicon Valley will handle disinformation and election interference in 2020, Rep. Adam Schiff says. And for that matter, he said on the latest episode of Recode Decode with Kara Swisher, Congress and the voting public aren’t prepared to deal with those things either. “The tech companies aren’t ready,” Schiff said. “They don’t have, I think, their policies fully thought out yet. The government isn’t ready. We don’t have the technologies yet to be able to detect more sophisticated fakes.” “And the public, by and large, when you bring up ‘deepfake,’ they don’t know what you’re referring to,” he added. “And so we don’t have much time. It’s eight months until the primaries begin to try to prepare the public, prepare ourselves, determine what other steps need to be taken to protect ourselves from this kind of disinformation.”

National: Election security to take back seat at Mueller hearing | Maggie Miller/TheHill

This week’s much-anticipated hearing with former special counsel Robert Mueller promises to be full of high political drama. But election security — a key focus of the Mueller report — isn’t likely to garner much attention from lawmakers. Mueller is scheduled to testify before the House Judiciary and Intelligence committees in back-to-back hearings Wednesday to discuss the findings of his 448-page report on Russian interference in the 2016 presidential election. The first volume of the report was devoted to Russian efforts to interfere in the elections through social media and hacking operations, with Mueller later emphasizing in rare public remarks that election security is an issue that “deserves the attention of every American.” “I will close by reiterating the central allegation of our indictments, that there were multiple, systematic efforts to interfere in our elections,” Mueller said in a public statement to the press in May. His lengthy report detailed how Russian actors hacked into the computer system of the Democratic National Committee, engineered a social media disinformation campaign that favored President Trump and conducted “computer intrusion operations” against those working on former Secretary of State Hillary Clinton’s presidential campaign. In the wake of the report’s release, election security debates ramped up on Capitol Hill, with Republicans and Democrats strongly disagreeing on what steps, if any, Congress should take ahead of the 2020 elections. The Democratic-led House has passed several election security bills, while the GOP-controlled Senate has mostly avoided voting on them and others, with Senate Majority Leader Mitch McConnell (R-Ky.) citing concerns about federalizing elections and claiming agencies already doing enough to address the problem.

National: Microsoft reveals election-related investigation findings | CISO Magazine

Microsoft says it has detected more than 740 intrusion attempts by state-sponsored attackers last year targeting the U.S.-based political parties, campaigns, and other democracy-focused organizations, who are subscribed to Microsoft’s AccountGuard service. The Microsoft AccountGuard provides free cyber threat detection services to election-related candidates, campaigns, and other groups. The Tech giant revealed the probe findings at the Aspen Security Forum, where it demonstrated a voting system ElectionGuard software. Microsoft said the new voting system offers secure and verifiable voting experience. “Since the launch of Microsoft AccountGuard last August, we have uncovered attacks specifically targeting organizations that are fundamental to democracy. We have steadily expanded AccountGuard, our threat notification service for political campaigns, parties, and democracy-focused nongovernmental organizations (NGOs), to include 26 countries across four continents,” Microsoft said in a blog post.

National: Democrats to Press Republicans on Election Security Ahead of Mueller Testimony | VoA News

Democrats in the U.S. House and Senate are expected to issue a call Tuesday for Republicans to join in passing legislation to improve election security. The move comes a day ahead of special counsel Robert Mueller’s testimony to two House committees Wednesday about Russia’s interference in the 2016 election. Democrats plan to highlight several House-passed bills and Senate proposals in increased security ahead of the next national elections in 2020. Congressional Democrats and Republicans remain at odds over how to address election security issues three years after Russia’s interference. Last month, the Democratic-controlled House passed a bill requiring paper ballots at all polling stations. However, almost all House Republicans opposed the measure, arguing that paper ballots are more susceptible to tampering.

National: Why getting election security right for 2020 matters | J.M. Porup/CSO Online

How much election security is enough? The answer: Enough to convince a losing candidate that they lost. Will that happen for the 2020 elections? Probably not. “Is it enough? How much is enough?” Herb Lin, Senior Research Scholar at the Center for International Security and Cooperation at Stanford University, and co-author of the Stanford Cyber Policy Center’s “Securing American Elections” report, asks. “Unfortunately it’s not a technical answer. Enough means you’ve done enough so that you can persuade the loser of an election that in fact the voting machines weren’t hacked.” “You have to take into account the possibility that the loser will rally his troops and complain about the result,” he adds. “The election machinery, both organizational and technical, all of that has to be of sufficiently high quality, and resistant to attack, that you can persuade the loser of an election that they fairly lost.” That makes election security as much of a political problem as it is a technical problem. Voters must have confidence that the voting was fair, regardless of how much money is spent or what security controls are put in place. That makes securing election infrastructure categorically different than almost any other information security challenge today. At present many jurisdictions are struggling to escape the bottomless pit of despair paperless voting, and that’s a no-brainer. But once we raise the bar from wow-crazy-bad to meh-just-not-great, how do we reach a plateau of sustainably trustworthy voting security?

National: Russian oligarchs in Britain scrutinised by US investigation into election meddling | Con Coughlin/Telegraph

US Senators investigating Russian interference in the 2016 presidential election are renewing their focus on the activities of Russian oligarchs based in Britain. US congressional investigators say they are particularly interested in interviewing alleged associates of Russian Oligarch Oleg Deripaska, who is known to have close ties with Russian President Vladimir Putin. As part of its ongoing investigation into Russian meddling in the 2016 election campaign, the US Senate Intelligence Committee has now written a formal letter to a London-based security consultant requesting his presence in Washington to give evidence. In the letter, a copy of which has been seen by The Telegraph, the bipartisan committee of US Senators wants British-based security consultant Walter Soriano to attend a special closed session in Washington to answer questions about his alleged association with Mr Deripaska, who has consistently denied any wrongdoing, as well as other key figures named in its Russian investigation. The committee also expressed an interest in Mr Soriano’s possible links with two former MI6 officers, Christopher Steele and Christopher Burrows, who were responsible for producing a highly damaging “dossier” on US President Donald Trump’s alleged ties with Russia.

National: Election Assistance Commission, Hungry for Funds, Now Pays for Officials to Get to Office | Jessica Huseman/ProPublica

For years, it was how things worked at the Election Assistance Commission, the federal agency charged with helping America’s thousands of local officials run elections: If you served as one of the agency’s four commissioners, making more than $150,000 a year, you lived in and around Silver Spring, Maryland, where the agency’s office is located. The reasons were straightforward: The agency’s small staff needed daily guidance from its leadership, and its modest budget was not meant to pay for commissioners to travel from out of state. But this year, the EAC’s executive director, Brian Newby, allowed two of the four commissioners — including the agency’s chairwoman — to work outside the Washington, D.C., area and agreed to pick up the costs of their travel to and from the office. Christie McCormick and Donald Palmer, the two Republican commissioners, work most days from out of state — McCormick, the agency chairwoman, in Charlottesville, Virginia, and Palmer in a suburb of Jacksonville, Florida. Newby appears to have approved the changes on his own. Current and former employees of the agency say no formal announcement was made, and the agency’s full slate of commissioners, which includes two Democrats, does not appear to have taken a vote on the change in practice. The disclosures, contained in answers to questions the EAC provided to a congressional oversight committee, come as the agency has repeatedly claimed it is underfinanced and critics say it is not doing enough to assist election administrators around the country at a time of genuine threats to the integrity of the nation’s elections. Rep. Zoe Lofgren, the Democratic chairwoman of the House Administration Committee, which oversees the EAC, said in a letter to the commission that news of the working arrangements for McCormick and Palmer “raises concerns about how much taxpayer money is being used to accommodate travel between duty stations and agency headquarters when the agency is avowedly struggling with its current funding levels.”

National: Intel chief Coats establishes election security adviser position | Maggie Miller/The Hill

The intelligence community has crafted a position to oversee threats to election security, officials announced Friday, the latest effort to shore up security heading into the 2020 presidential elections. Director of National Intelligence (DNI) Daniel Coats has appointed Shelby Pierson to serve as the first “election threats executive” (ETE), tasking her to be the intelligence community’s “principal advisor” on election security threats. Pierson served as the crisis manager for election security for the Office of the Director of National Intelligence during the 2018 midterm elections, and has worked in the intelligence community for more than 20 years. Coats praised Pierson and said her “knowledge and experience make her the right person to lead this critical mission.” The DNI noted in a statement that “Election security is an enduring challenge and a top priority for the IC [intelligence community]. In order to build on our successful approach to the 2018 elections, the IC must properly align its resources to bring the strongest level of support to this critical issue.” Along with establishing the new position, Coats also directed all intelligence agencies that have a role in securing elections to designate a lead executive to work with the ETE to help coordinate election security efforts for the administration.

National: What six states reveal about the price of 2020 election security | Bill Theobald/The Fulcrum

States are taking steps to protect their voting systems from the sort of cyberattacks that marked the 2016 presidential election, but they lack the funds to do all that’s needed. That is the conclusion of a report released Thursday by four groups that monitor voting security or advocate for additional federal intervention to bolster cybersecurity for the political system: the Brennan Center for Justice, R Street Institute, Alliance for Securing Democracy and the University of Pittsburgh. They sampled what is happening in six states, chosen in part because hacking was attempted in several of them in the past few years. In Illinois, for example, special counsel Robert Mueller’s report found that Russian operatives hacked into the state database of registered voters and extracted some data before they were blocked. One common theme among the states is their hunger for more federal aid to replace aging voting machines. As the report points out, the states all tapped into the $380 million approved by Congress last year for election security grants to the states — but could have used far more. The House has voted to allocate another $600 million for security grants before November 2020, but the Senate has not yet begun to write the spending bill that might contain similar funding. The delay is knotted up in a much larger debate about the overall size of the federal budget for the coming year.

National: U.S. Senator Schumer asks FBI, FTC to probe Russia’s FaceApp over security concerns | Elizabeth Culliford and Kanishka Singh/Reuters

U.S. Senate minority leader Chuck Schumer called on the FBI and the Federal Trade Commission to conduct a national security and privacy investigation into FaceApp, a face-editing photo app developed in Russia, in a letter sent on Wednesday. The viral smartphone application, which has seen a new surge of popularity due to a filter that ages photos of users’ faces, requires “full and irrevocable access to their personal photos and data,” which could pose “national security and privacy risks for millions of U.S. citizens,” Schumer said in his letter to FBI Director Christopher Wray and FTC Chairman Joe Simons. The Democratic National Committee also sent out an alert to the party’s 2020 presidential candidates on Wednesday warning them against using the app, pointing to its Russian provenance. In the email, seen by Reuters and first reported by CNN, DNC security chief Bob Lord also urged Democratic presidential campaigns to delete the app immediately if they or their staff had already used it. There is no evidence that FaceApp provides user data to the Russian government.

National: Voting by Phone Is Easy. But Is It Secure? | Matt Vasilogambros/Stateline

For the first time in a presidential election, voters in two upcoming Democratic caucuses will be able to vote using their phones. The Democratic Party announced this month that Iowans and Nevadans in February will be able to opt out of the traditional caucus experience and vote using the keypads on their cellphones or landlines. Party leaders say the change will make the caucus process more inclusive, especially for members of the military and others who can’t easily caucus in person, such as people with disabilities and voters who live in remote areas. … Voting by phone is voting through the internet, either through mobile apps or the tabulating and downloading process, said Marian Schneider, president of Verified Voting, an election integrity nonprofit that advocates for a paper trail in voting. That opens the door to malicious actors, like the foreign intelligence agents who attempted to hack U.S. state and local voting systems during the last presidential race. In light of those attempts, many states are going back to paper ballots or requiring a paper trail to back up electronic systems. “Did people not get any lessons learned from 2016?” Schneider said. “It’s really an odd time to be doing this.”