National: McConnell Blocking Plans to Prevent Russian Election Attack | Jonathan Chait/New York Magazine

The House Judiciary Committee held hearings today on the Mueller report and its devastating findings of the Trump campaign efforts to collude with Russia, and Trump’s obstruction of justice thereof. The Republican message, articulated by ranking member Doug Collins, is that this is all in the distant past — the Mueller report came out in early spring; it’s already late spring — and we should focus on the future. “We’re not bringing Russians front and center,” he complained. “If we were attacked, then the priorities should be to go on the battlefields and not to the sideshow.” Funny thing about that: There actually are a lot of bills to safeguard the 2020 elections from the next Russian attack. Mitch McConnell is blocking all of them.

National: 5 steps to critical infrastructure collaboration | Randy James/FCW

The days of simply protecting critical infrastructure with guns, gates and guards or combating cyber threats solely with IT data and network protection are fleeting. Today’s threats are many and varied, as our physical and digital worlds become increasingly interconnected. They stretch all the way from contested regions around the globe back to the U.S. homeland — a country that is no longer the sanctuary it once was. Emerging threats — including the proliferation of weapons of mass destruction, information warfare against our election system, cyberattacks targeting both defense and civilian networks and even the recent Huawei indictments — put our nation’s military capability, critical infrastructure, democratic institutions and even the safety of everyday civilians at risk. In today’s threat landscape, our national defense strategy must incorporate a new, more robust and integrated “whole-of-nation” approach to homeland security. The plan must coordinate the assessment of defense and homeland security threats and synchronize how we address civilian critical infrastructure security and military mission assurance interdependencies. But the million-dollar question among government and industry leaders is not why we must adopt this approach — it’s how.

National: New Election Security Bills Face a One-Man Roadblock: Mitch McConnell | Nicholas Fandos/The New York Times

A raft of legislation intended to better secure United States election systems after what the special counsel, Robert S. Mueller III, called a “sweeping and systematic” Russian attack in 2016 is running into a one-man roadblock in the form of the Senate majority leader, Mitch McConnell of Kentucky. The bills include a Democratic measure that would send more than $1 billion to state and local governments to tighten election security, but would also demand a national strategy to protect American democratic institutions against cyberattacks and require that states spend federal funds only on federally certified “election infrastructure vendors.” A bipartisan measure in both chambers would require internet companies like Facebook to disclose the purchasers of political ads. Another bipartisan Senate proposal would codify cyberinformation-sharing initiatives between federal intelligence services and state election officials, speed up the granting of security clearances to state officials and provide federal incentives for states to adopt paper ballots. But even bipartisan coalitions have begun to crumble in the face of the majority leader’s blockade. Mr. McConnell, long the Senate’s leading ideological opponent to federal regulation of elections, has told colleagues in recent months that he has no plans to consider stand-alone legislation on the matter this term, despite clamoring from members of his own conference and the growing pressure from Democrats who also sense a political advantage in trying to make the Republican response to Russia’s election attack look anemic.

National: Election Security Is Still Hurting at Every Level | Lily Hay Newman/WIRED

The Russian meddling that rocked the 2016 US presidential election gave the public a full view of something officials and advocates have warned about for years: weak voting infrastructure and election systems around the US, and a lack of political will and funding to strengthen them. Two and a half years later, real progress has been made in key areas. But with a new presidential election less than 18 months away, glaring systemic risks remain. Many of those inadequacies show up in a new report from the Stanford Cyber Policy Center, which breaks down the threats facing the 2020 election and beyond, and proposes paths to managing them. But as the report also makes clear, many of those necessary steps will not be completed before 2020. Smooth-running elections will require a clear-eyed view of those lingering deficiencies.

National: Stanford group calls for major overhaul on election security. Here are their recommendations | Joseph Marks/The Washington Post

A plan released this week by a Stanford University group that includes former top government and tech industry officials aims to be the equivalent of the 9/11 Commission report for election security. Like the 9/11 report, which fundamentally reorganized the nation’s homeland security and intelligence structure after the Sept. 11, 2001, terrorist attacks, “Securing American Elections” aims big. It argues Russia’s 2016 election interference operation was an attack on fundamental American values, and should provoke the government and private sector to step up “defenses against efforts to erode confidence in democracy.”  The report’s 108 pages include 45 recommendations ranging from securing voting systems and combating online disinformation campaigns to negotiating major election security norms with allies and punishing adversaries who violate them. Like the 9/11 commission leaders who spent years pushing the government to fully implement their reforms amid partisan bickering, this group is preparing for a fierce lobbying campaign to turn its recommendations into reality, said Nate Persily, a report author and director of Stanford’s Cyber Policy Center.

National: House subcommittee approves funding bill with $600 million for election security | Maggie Miller/The Hill

A House Appropriations subcommittee approved a bill Monday night that includes $600 million in funding for the Election Assistance Commission (EAC) meant for states to bolster election security, with the money specifically earmarked for states to buy voting systems with “voter-verified paper ballots.” The approval comes as recent remarks by special counsel Robert Mueller emphasizing the dangers posed by foreign interference in U.S. election systems injected new life into the election security debate on Capitol Hill. The Senate already approved a bill Monday night to ban foreign individuals who meddle in U.S. elections from entering the country. The funds are part of the Financial Services fiscal 2020 budget, and were approved by voice vote by the House Appropriations Subcommittee on Financial Services and General Government. The bill now goes to the full House Appropriations Committee for consideration.

National: Election Rules Are an Obstacle to Cybersecurity of Presidential Campaigns | Nicole Perlroth and Matthew Rosenberg/The New York Times

One year out from the 2020 elections, presidential candidates face legal roadblocks to acquiring the tools and assistance necessary to defend against the cyberattacks and disinformation campaigns that plagued the 2016 presidential campaign. Federal laws prohibit corporations from offering free or discounted cybersecurity services to federal candidates. The same law also blocks political parties from offering candidates cybersecurity assistance because it is considered an “in-kind donation.” The issue took on added urgency this week after lawyers for the Federal Election Commission advised the commission to block a request by a Silicon Valley company, Area 1 Security, which sought to provide services to 2020 presidential candidates at a discount. The commission questioned Area 1 about its request at a public meeting on Thursday, and asked the company to refile the request with a simpler explanation of how it would determine what campaigns qualified for discounted services. Cybersecurity and election experts say time is running out for campaigns to develop tough protections.

National: DHS needs help peeking into state and local networks, cybersecurity official says | Benjamin Freed/StateScoop

A top federal cybersecurity official said Wednesday the Department of Homeland Security often lacks a clear picture of state and local governments’ network security, even as foreign adversaries increase their attempts to disrupt all levels of the public sector. And while federal agencies are getting better at working with state and local authorities, they face an ongoing challenge of staying ahead of an evolving threat landscape. “We don’t have good visibility in the state and local dot-gov [domain],” Rick Driggers, the deputy assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Agency, said at FedScoop’s FedTalks event in Washington. Driggers said one of the most immediate steps state and local governments can take is to enact more robust information sharing with federal cybersecurity authorities. He said hackers, especially those backed by foreign governments, have increased their focus on state and local governments, raising the threat that a local population could suffer the brunt of a successful cyberattack.

National: NGA selects six states for election cybersecurity policy academy | Benjamin Freed/StateScoop

The National Governors Association announced Wednesday the six states that will participate in the organization’s latest cybersecurity policy academy. Officials from Arizona, Hawaii, Idaho, Minnesota, Nevada and Virginia will spend the next six months studying election security to come up with plans and practices to protect the integrity of their voting systems ahead of the 2020 presidential election. The NGA has convened the cybersecurity policy academies, which are run by the group’s Homeland Security and Public Safety division, since 2016. Last year’s program — which included Indiana, North Carolina, West Virginia and Wisconsin — focused broadly on IT security, ultimately producing a set of recommendations for greater collaboration between state and local governments.

National: States, experts ask EAC for more flexibility in voting machine standards | Derek B. Johnson/FCW

State officials and security experts say security updates contained in the Election Assistance Commission’s new Voluntary Voting System Guidelines 2.0 are badly needed, but there is concern that the bureaucratic process the agency has set up to approve and update those standards can’t keep up with the pace of technological change. Later this year, the commission is expected to vote to approve a five-page document outlining principles that will guide the development of VVSG 2.0, including a new emphasis on security. That process will be followed up with far more detailed technical guidance and standards that companies will rely on to design their new voting machines. At a May 21 hearing, the commission heard from a number of stakeholders who advised that the agency refrain from requiring a full vote to approve the technical portions of the guidelines, saying it would run counter to the goal of ensuring that voting machine standards account for the latest developments in technology.

National: Democratic base fired up by effort to ban Internet-connected voting machines | Joseph Marks/The Washington Post

As the 2020 election approaches, voting security groups are trying to rally the public behind an effort to ban Internet connections from U.S. voting machines that could be hacked by Russia and other foreign adversaries. And they’re getting an assist from activists on the left, who are still burned by the 2016 election, when Russia hacked troves of Democratic emails and strategically released them to damage the Hillary Clinton campaign. The joint effort has resulted in a staggering number of people — 50,000 — submitting comments on the issue to the Election Assistance Commission, a federal body that’s rewriting voluntary guidelines for voting machines, the organizing groups told me. The fact that a topic this technical can be an effective rallying cry for tens of thousands of people underscores that election security has become an increasingly pivotal issue in the 2020 contest — and tangible proof it’s resonating with a Democratic base that fears Russia, which sought to help the Trump campaign in 2016, might try to deliver the president a second term.

National: Voatz has raised $7 million in Series A funding for its mobile voting technology | Connie Loizos/TechCrunch

Voatz, the four-year-old, Boston, Mass.-based voting and citizen engagement platform that has been at the center of debate over the merits and dangers of mobile voting, has raised $7 million in Series A funding. The round was co-led by Medici Ventures and Techstars, with participation from Urban Innovation Fund and Oakhouse Partners. Voatz, which currently employs 17 people, is modeled after other software-as-a-service companies but geared toward election jurisdictions, working with state and local governments to conduct elections and provide related election management and cybersecurity services. As we reported back in March, the city of Denver agreed to implement a mobile voting pilot in its May municipal election using Voatz’s technology, an opportunity that was offered exclusively to active-duty military, their eligible dependents and overseas voters using their smartphones.

National: ES&S reverses position on election security, promises paper ballots | Zack Whittaker/TechCrunch

Voting machine maker ES&S has said it “will no longer sell” paperless voting machines as the primary device for casting ballots in a jurisdiction. ES&S chief executive Tom Burt confirmed the news in an op-ed. TechCrunch understands the decision was made around the time that four senior Democratic lawmakers demanded to know why ES&S, and two other major voting machine makers, were still selling decade-old machines known to contain security flaws. Burt’s op-ed said voting machines “must have physical paper records of votes” to prevent mistakes or tampering that could lead to improperly cast votes. Sen. Ron Wyden introduced a bill a year ago that would mandate voter-verified paper ballots for all election machines. The chief executive also called on Congress to pass legislation mandating a stronger election machine testing program. Burt’s remarks are a sharp turnaround from the company’s position just a year ago, in which the election systems maker drew ire from the security community for denouncing vulnerabilities found by hackers at the annual Defcon conference.

National: FEC allows nonprofit to provide free cybersecurity services to campaigns | Shannon Vavra/CyberScoop

The Federal Election Commission has decided that a nonprofit spinoff of Harvard’s Defending Digital Democracy Project may provide free and low-cost cybersecurity services to political campaigns without violating campaign finance laws, given the fact that there is a “highly unusual and serious threat” posed to U.S. elections by foreign adversaries. The driving force behind the FEC’s advisory opinion, which FEC Chair Ellen Weintraub issued Tuesday, is the fact that there is a “demonstrated, currently enhanced threat of foreign cyberattacks against party and candidate committees,” she writes in the advisory. The nonprofit, Defending Digital Campaigns, has political campaign veterans Matt Rhoades and Robby Mook among its board members, as well as former National Security Agency executive Debora Plunkett. In the ruling, Weintraub notes the FEC’s decision is partly due to the other efforts by the government, primarily to expose and prosecute foreign adversaries, that she indicates have not done enough to protect campaigns and political parties.

National: Election Assistance Commission staff ‘strained to the breaking point’ | Christopher Bing/Reuters

As the U.S. government prepares to defend the 2020 presidential election from cyber threats, the federal agency charged with helping administer elections, the Election Assistance Commission, says it is “strained to the breaking point,” according to Chairwoman Christy McCormick. “Obviously we’re a very small agency and quite under funded,” McCormick said on Wednesday during a…

National: Trump not doing enough to thwart Russian 2020 meddling, experts say | Peter Stone/The Guardian

Intelligence warnings are growing that Russia will probably meddle in the 2020 elections, but Donald Trump and a powerful Senate ally are downplaying these concerns and not doing enough to thwart interfering, say Russia and cyber experts and key congressional Democrats. Despite fears that Moscow may seek to influence the 2020 elections by launching cyber attacks, social media disinformation, covert agent operations and other “active measures” as it did in the 2016 election, adequate funding and White House focus to counter any new Russian meddling are lagging, experts and officials say. Election security concerns that critics say require more resources and attention include: a paper ballot system to replace or backup electronic voting machines vulnerable to hacking; more resources and attention for cybersecurity programs at the Department of Homeland Security (DHS); a requirement that campaigns report to the FBI any contacts with foreign nationals; and a strong public commitment from the president to an interference-free election. Federal efforts to beef up election security, critics say, have been undercut by Trump’s apparent willingness to accept Russian president Vladimir Putin’s word that the country did not interfere in 2016, and Trump’s slighting of intelligence community conclusions about Russian meddling.

National: NGA selects six states for election cybersecurity policy academy | Benjamin Freed/StateScoop

The National Governors Association announced Wednesday the six states that will participate in the organization’s latest cybersecurity policy academy. Officials from Arizona, Hawaii, Idaho, Minnesota, Nevada and Virginia will spend the next six months studying election security to come up with plans and practices to protect the integrity of their voting systems ahead of the 2020 presidential election. The NGA has convened the cybersecurity policy academies, which are run by the group’s Homeland Security and Public Safety division, since 2016. Last year’s program — which included Indiana, North Carolina, West Virginia and Wisconsin — focused broadly on IT security, ultimately producing a set of recommendations for greater collaboration between state and local governments. The 2019 academy will focus more closely on issues related to election security, from building protections around voter registration databases to developing better communications between agencies. Participants will include governors’ office staffers, election directors and statewide cabinet agencies, the NGA said.

National: Technology has made voting lines move faster but also made elections less secure | Miles Parks/NPR

From 8 a.m. to noon on Election Day last November, voting in Johnson County, Ind., ground to a halt. Lines at precincts across the county, just south of Indianapolis, swelled. Some voters waited hours to cast a ballot; some left furious that they were unable to do so. “People weren’t happy. People had to leave and go to work,” said Cindy Rapp, the Democratic member on Johnson County’s election board. The county votes on electronic voting machines, which don’t provide a paper trail — something cybersecurity experts vehemently warn against. But those machines weren’t what caused the issue in November. Instead, the problem came from the computer system, known as an electronic poll book, that poll workers were using to check people in. Increasingly, more and more states and voting jurisdictions are using these systems to speed up and improve in-person voting. According to federal data, nearly half of all voters who voted in person in 2016 signed in at their polling place using an electronic poll book. That’s up from 27 percent just one presidential election prior. Like many issues surrounding elections, moving from paper to a digital process may bring convenience, but it also brings big questions about security and reliability.

National: Republicans make alleged conservative bias top priority at election security hearing | Cat Zakrzewski/The Washington Post

Google, Facebook and Twitter executives came to Capitol Hill to testify about election security. Instead they faced a grilling about whether their platforms are biased against conservatives. A string of Republicans on the House Oversight and Reform Committee skipped questions about how the companies were tackling disinformation campaigns or preventing Russians from purchasing political ads on their platforms in the run-up to the 2020 election. They were more interested in whether Facebook and Twitter were “shadow-banning” — quietly blocking or restricting — conservatives’ accounts on their platform. “The minute you start putting your hand on the scale of freedom and justice to tilt it one way or another, quite frankly we’ve got to act as members of Congress,” warned Rep. Mark Meadows (R-N.C.). The technology executives vehemently denied that they engage in shadow banning. There is no evidence that the platforms have been systematically biased against one political party.

National: U.S. House bill would require feds to notify public of election hacking | Benjamin Freed/StateScoop

Two members of the U.S. House of Representatives from Florida said Thursday they will introduce a bill that would require federal officials to inform Congress, state and local authorities and the public if an election-related computer system is hacked. The measure, from Democrat Stephanie Murphy and Republican Michael Waltz, comes as a response to federal authorities’ refusal to publicly name the two Florida counties where voter registration databases were successfully breached by Russian military intelligence hackers during the 2016 presidential election. Under the bill, text of which has not yet been released, federal law enforcement and cybersecurity authorities who detect unlawful access of election systems would be required to “promptly” notify the relevant state and local officials, as well as members of Congress representing the targeted jurisdiction. In turn, state and local officials would be obligated to notify any potentially affected voters.

National: Mueller remarks put renewed focus on election security bills | Maggie Miller/The Hill

Legislation aimed at securing U.S. elections got an unexpected shot in the arm this week when Robert Mueller devoted a fair share of his first remarks on the Russia probe to the threat posed by foreign actors seeking to undermine democracy at the ballot box. Election security bills have been languishing in Congress for months, due in large part to Republicans who do not want to shine a light on Russia’s actions and risk the fury of President Trump. The president weighed in on the issue Thursday, telling reporters that “we are doing a lot, and we are trying to do paper ballots as a backup system as much as possible, because going to good old-fashioned paper in this modern age is the best way to do it.” Those remarks came after he said Russia did not help him secure the presidency — his first on-camera response to Mueller’s comments, though he tweeted earlier in the day that Russia helped him win the election. The president’s comments came a day after Mueller shined a spotlight on Russia’s attempts to interfere in the 2016 U.S. presidential election. Mueller emphasized that “the central allegation of our indictments” was “there were multiple, systematic efforts to interfere in our election.” He ended his 10-minute statement by saying this “deserves the attention of every American.”

National: Keeping voting security standards from bureaucracy | Derek B. Johnson/GCN

Although the security updates to the Election Assistance Commission’s new Voluntary Voting System Guidelines 2.0 are sorely needed, its approval and updating process can’t keep up with the technological changes. Later this year, the full commission is expected to vote to approve a five-page document outlining principles that will guide the development of VVSG 2.0, including a new emphasis on security. At a May 21 hearing, however, a number of stakeholders advised the agency to refrain from requiring a full vote to approve the technical portions of the guidelines, saying it could keep the latest technology from being incorporated into voting machine standards. “We cannot wait weeks or months for a decision on a federal level when there’s a need to act immediately,” Iowa Secretary of State Paul Pate said. “I’m asking all of you to have a dialogue about what happens if we run into that situation again when there is not a full quorum on the EAC. How will decisions be made, and will that make it more difficult for state election officials to protect the security and integrity of the vote?”

National: Top Republican says Senate unlikely to vote on any election security bills | Maggie Miller/The Hill

Sen. Roy Blunt (R-Mo.), a member of Senate GOP leadership, said Wednesday that the chamber is unlikely to vote on any election security legislation, despite requests from a federal agency for more funding to improve election systems nationwide. Blunt made the remarks at a Senate Rules Committee hearing where Election Assistance Commission (EAC) officials highlighted what they said is an urgent need for more resources. His comments were in response to Senate Minority Whip Dick Durbin (D-Ill.) pointedly asking during the hearing whether the Rules Committee, chaired by Blunt, would mark up any election security bills already introduced this Congress. “At this point I don’t see any likelihood that those bills would get to the floor if we mark them up,” Blunt said. When Durbin asked why that was the case, Blunt said, “I think the majority leader is of the view that this debate reaches no conclusion. And frankly, I think the extreme nature of H.R. 1 from the House makes it even less likely we are going to have that debate.”

National: Americans may vote in 2020 using old, unsecured machines | Gopal Ratnam/Roll Call

The first primary in the 2020 presidential race is a little more than 250 days away, but lawmakers and experts worry that elections will be held on voting machines that are woefully outdated and that any tampering by adversaries could lead to disputed results. Although states want to upgrade their voting systems, they don’t have the money to do so, election officials told lawmakers last week. Overhauling the nation’s election systems would mean injecting as much as $1 billion in federal grants that would then be supplemented by states, but top Senate Republicans have said they are unlikely to take up any election security bills or give more money to the states. The deadlock could mean that even as federal government and private companies spend tens of billions of cybersecurity dollars annually to protect their computers and networks from attacks, the cornerstone of American democracy could remain vulnerable in the upcoming elections.

National: EAC rattles the cup on Capitol Hill | Derek B. Johnson/FCW

For the first time in nearly a decade, the Election Assistance Commission has a full slate of commissioners in place. Now, with the agency sitting at the center of several key election security debates, they’re asking Congress to make their budget whole too. At a May 15 Senate Rules Committee hearing, Christy McCormick, who chairs the EAC, said the commission is at “a critical crossroads with regard to having sufficient resources necessary to better support state and local election administrators and the voters they serve” and asked members of Congress for more funding. “With additional resources, the EAC would have the opportunity to fund additional election security activities within its election technology program,” said McCormick. There is no shortage of ambition at EAC when it comes to supporting this work, but there is a stark shortage of funds for such activities.”

National: EAC hires 2 tech experts for testing and certification program | Sean Lyngaas/CyberScoop

The U.S. Election Assistance Commission has added two experienced hands to its voting system certification program amid concerns it had a shortage of technical experts overseeing election infrastructure. The agency is staffing up its crucial certification program by hiring Jessica Bowers, a former executive at Dominion Voting Systems, one of the country’s three largest voting system vendors, and Paul Aumayr, a former Maryland election official. Both new hires will work as senior election technology specialists. In an email announcement to staff obtained by CyberScoop, EAC Executive Director Brian Newby touted Bowers and Aumayr’s technical acumen. Bowers has “over 18 years of software development and product support experience,” while Aumayr is a “Microsoft-certified systems engineer,” Newby wrote.

National: Here’s how the military’s hacking arm is gearing up to protect the 2020 election |The Washington Post

Russia viewed the midterm elections as a “warm-up” for 2020. The U.S. military’s hacking division is treating it that way, too. In the run-up to the presidential election, U.S. Cyber Command is surging election defense efforts that proved useful during the midterms, officials told reporters Tuesday — including probing allies’ computer networks to glean insights about Russian threats. Cybercom is also working more closely with election defense teams at the Department of Homeland Security and the FBI, and with industry sectors that are targeted by Kremlin hackers and might have early warnings about threats facing the election, my colleague Ellen Nakashima reported from that briefing. “Our goal is to have no interference in our elections,” said Maj. Gen. Tim Haugh, who heads the command’s cyber national mission force. “Ideally, no foreign actor is going to target our electoral process.” Cybercom is the only outfit among the myriad federal state and local government agencies tasked with protecting the 2020 election that is allowed to punch back against Russian hackers — and it’s using its new authorities granted during the Trump administration to be more aggressive in cyberspace.

National: Congress focuses on money and staffing in election security | Derek B. Johnson/FCW

The Election Assistance Commission and the Cybersecurity and Infrastructure Security Agency were sharply questioned in hearings this week by lawmakers about human resource decisions. The EAC has just a small handful of employees dedicated to testing and certification of voting machines, and the acting director of testing and certification stepped down earlier this month. While the agency quickly hired a new director and has worked to bring on more personnel, there’s concern that EAC staff could be under-resourced heading into the 2020 election cycle and beyond. The agency had nearly 50 full-time employees and a budget of $17 million budget in 2009. Today they have a headcount in the low twenties and a budget of $10 million despite an expanded role in election cybersecurity. Chair Christy McCormick and other commissioners were questioned over a host of perceived staffing and management failures at a May 21 House Administration committee hearing.

National: Foreign election hacking inevitable, say US officials | Eric Tucker and Colleen Long/Associated Press

The hacking of U.S. election systems, including by foreign adversaries, is inevitable, and the real challenge is ensuring the country is resilient enough to withstand catastrophic problems from cyber breaches, government officials said Wednesday. The comments by representatives from the departments of Justice and Homeland Security underscored the challenges for federal and state governments in trying to ward off interference from Russia and other countries in the 2020 election. Special counsel Robert Mueller has documented a sweeping effort by Moscow to meddle in the 2016 election in Donald Trump’s favor by hacking Democrats and spreading disinformation online, and FBI Director Chris Wray said in April that the government regarded last November’s midterm election was “as just kind of a dress rehearsal for the big show in 2020.”

National: Report: U.S. political parties need to shore up cyber | Derek B. Johnson/FCW

Three years after the 2016 election, major political parties in the U.S. are still displaying sloppy digital security practices, according to a report from Security Scorecard. In new research released May 21, the company found vulnerabilities for the public facing, internet-connected digital assets of two major political parties. The Green Party and the Libertarian Party websites also displayed weaknesses. Vulnerabilities range from smaller sins like serving expired security certificates and sending unencrypted data to larger ones like leaking personally identifiable information and failing to put in place anti-spoofing protocols. In one case, an unnamed U.S. party was caught leaking data from a voting validation application containing the names, dates of birth and addresses of voters to the internet.