National: Push to bolster election security stalls in Senate | The Hill

Senators are running into roadblocks from state officials as they try to craft legislation to secure election systems before the midterms in November. Sens. James Lankford (R-Okla.) and Kamala Harris (D-Calif.) are pushing for legislation that would bolster the security of U.S. voting infrastructure, with an eye toward countering threats from adversaries like Russia. But Lankford on Wednesday was forced to table an amendment to a bill moving through the Senate that was aimed at improving information-sharing between federal and state election officials on election cyber threats. State officials objected to the amendment. The development sparked frustration on the Senate Homeland Security and Governmental Affairs Committee, where lawmakers have been agitating for action. … The amendment would also mandate that election service providers, including vendors and contractors, notify state officials promptly if election systems — including voting machines, voter registration databases and election agency email systems — are breached, and that state officials provide the information to their federal counterparts in a timely fashion. The secretaries of state questioned whether states would be penalized if a vendor or contractor failed to notify state election agencies of cybersecurity incidents.

National: US senator grills CEO over the myth of the hacker-proof voting machine | Ars Technica

A US senator is holding the nation’s biggest voting machine maker to account following a recent article that reported it has sold equipment that was pre-installed with remote-access software and has advised government customers to install the software on machines that didn’t already have it pre-installed. Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined “The Myth of the Hacker-Proof Voting Machine.” The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet. Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2016 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.

National: U.S. Hasn’t Shared Enough About Cyber Risks, Official Says | Bloomberg

The U.S. government has failed to share enough information about cyber threats, including risks to election systems, with federal agencies and states, according to a top Trump administration intelligence official. Intelligence agencies are “kicking butt offensively,” but the U.S. needs to be better prepared to defend against future attacks as adversaries constantly learn about “our gaps and weaknesses,’’ William Evanina, director of the National Counterintelligence and Security Center, said Thursday at a conference in Washington.

National: Senators demand cyber deterrence strategy from Trump | The Hill

A bipartisan group of senators is pressing President Trump to issue a national strategy for deterring malicious activity in cyberspace “as soon as possible,” accusing successive administrations of not giving enough urgency to the issue. “The lack of decisive and clearly articulated consequences to cyberattacks against our country has served as an open invitation to foreign adversaries and malicious cyber actors to continue attacking the United States,” the senators wrote in the letter, obtained by The Hill. “The United States has failed to formulate, implement, and declare a comprehensive cyber doctrine with an appropriate sense of urgency,” they wrote. “We urge you to end this state of inaction immediately.”

National: Democrats want millions for FBI and states to protect elections | USA Today

Democrats — and some Republicans — are pushing to boost funding for FBI counterterrorism teams and grants to states to protect against Russian meddling in elections. Lawmakers want more than $700 million for election security added to a sweeping $1.3 trillion omnibus spending bill that Congress must pass by March 23 to keep the government open. The House could take up the spending bill as early as next week. “We cannot leave states to their own devices in defending against the sophisticated cyber tactics of foreign governments,” House Minority Whip Steny Hoyer, D-Md., and 14 other House Democrats wrote in a letter this week to leaders of the House Appropriations Committee. “An attack on the electoral infrastructure in one state is an attack on all of democracy in America.”

National: Senators ask voting machine vendors if they shared code with Russian entities | The Hill

Sens. Amy Klobuchar (D-Minn.) and Jeanne Shaheen (D-N.H.) sent a letter Wednesday to three election equipment vendors to ask whether they have shared information about their machines with Russian entities. The senators wrote to Election Systems & Software, Dominion Voting Systems Inc. and Hart InterCivic Inc. to ask if the companies had shared the source code, software or other sensitive details about their machines with Russians. “Foreign access to critical source code information and sensitive data continues to be an often overlooked vulnerability. Further, if such vulnerabilities are not quickly examined and mitigated, future elections will also remain vulnerable to attack,” the senators wrote.

National: Democracy’s Gatekeepers: 2018’s Secretary of State Elections | Harvard Political Review

In state politics, the most enviable marker of power is the so-called “triplex.” To achieve a triplex, a political party must sweep the state’s three most influential offices. The first two are the governor and attorney general positions, the former due to extensive executive powers and the latter due to their power to sue the federal government. But it is the third and most frequently overlooked member of the triplex who may have the most influence over democracy: the secretary of state. The duties of the secretary of state encompass serving as the state’s chief election official, along with such administrative duties as permitting and business authentication. Because of their role in the electoral process, secretaries of state have critical influence over who can vote and how easy it is to do so.

National: Top U.S. intel official insists White House engaged on election security | Reuters

The top U.S. intelligence official insisted on Tuesday that President Donald Trump’s administration is “actively engaged” in countering Russian efforts to influence the November elections, even as he warned of Moscow’s continuing “malign activities.”  “The White House is actively engaged,” Director of National Intelligence Dan Coats told a Senate hearing, where lawmakers pressed for answers on election security. “This is a high priority for them,” he said. Coats and other intelligence officials have warned repeatedly that Russia is already trying to interfere in the 2018 mid-term elections by using social media to spread propaganda and misleading reports, much as it did during the 2016 presidential race.

National: Election Assistance Commission Carries On Despite GOP Resistance | GovExec

These could be tumultuous times for the tiny federal agency called the U.S. Election Assistance Commission. In a mid-term election year in which the threat of Russian meddling in American balloting continues as front-page news, the 30-person staff in Silver Spring, Md., with its $9.2 million budget is forging ahead to help states and localities modernize voting equipment, recruit poll workers and make polling stations more accessible. Some Republican critics in Congress, however, have continued a years-old bid to defund the agency set up in 2002, calling it duplicative and proposing during this year’s continuing budget battle to move some functions to the Federal Election Commission.

National: Trump floats idea to secure elections: ‘It’s always good to have a paper backup’ | Politico

President Donald Trump has one idea to blunt the impact of Russian meddling in U.S. elections: “It’s called paper.” “One of the things we’re learning is, it’s always good — It’s old-fashioned — but it’s always good to have a paper back-up system of voting,” the president said Tuesday during a joint press conference with Swedish Prime Minister Stefan Löfven. “It’s called paper. Not highly complex computers, paper. A lot of states are doing that. They’re going to a paper back-up. And I think that’s a great idea. We’re studying it closely. Various agencies, including homeland security, are studying it very carefully.” Trump, who has acknowledged Russia meddled in the 2016 election but has said his team was not involved in the effort, has been adamant that Russia had “no impact” on votes. He told reporters Tuesday that other countries “probably” were involved in presidential-election meddling as well.

National: Senators make new push to improve election cybersecurity | The Hill

The coming week could bring movement on legislation aimed at securing U.S. voting infrastructure from cyber threats. Sen. Kamala Harris (D-Calif.) said Wednesday that she and Sen. James Lankford (R-Okla.) are planning to introduce an amendment to a bill reauthorizing the Department of Homeland Security (DHS) that would help states modernize their election systems. Harris and Lankford are both sponsors of the Secure Elections Act, a bill they introduced in December that would set up a grant program for states to replace outdated paperless voting machines and take other steps to bolster cybersecurity. Harris said at a Senate Homeland Security and Governmental Affairs Committee meeting that the amendment will implement “bipartisan election security measures to modernize election cybersecurity across America and protect against foreign interference on future elections.”

National: Jailed Russian: Here’s How I Hacked The U.S. Election | Fast Company

Konstantin Kozlovsky is ready to talk. The 29-year-old blonde-haired Russian hacker at the center of the intrigue surrounding the Kremlin’s cyberattacks on the 2016 U.S. presidential election currently sits in a high-security prison with the forbidding name of Matrosskaya Tishina (Sailor’s Silence) in northeastern Moscow. Kozlovsky is officially charged with stealing millions from Russian banks, but he’d prefer to brag about how he built the software used to hack the Democratic National Committee (DNC) and other U.S. targets. At a small hearing in a Moscow court earlier this month, with only a handful of media outlets present, Kozlovsky said he was ready to present detailed evidence that the Kremlin was directly involved in a series of high-profile attacks, including compromising the DNC’s computer systems in 2016, as well as those of the U.S. government, military, social media companies, and leading U.S. publishers. In an interview with Fast Company conducted over the last two weeks via a verified representative, Kozlovsky was able to provide more details for his claims about the role of the Russian government, and how the program he developed was designed to wreak havoc.

National: ‘Off the rails’: House Russia probe hits new low | Politico

Mistrust, anger and charges of skulduggery between Democrats and Republicans have hobbled the House Intelligence Committee’s Russia investigation for months. Hope Hicks and a pair of frustrated senators may have finally broken it. There are new signs that Republicans may soon conclude a probe that Democrats call far from complete following Wednesday’s testimony by President Donald Trump’s confidante, Hicks. Leaks revealed that Hicks had admitted to sometimes telling white lies on Trump’s behalf — a fact that Republicans called an unfair distortion of the departing White House communications director’s testimony. The next day, House Speaker Paul Ryan’s office confirmed that the top two members of the Senate Intelligence Committee paid an extraordinary visit to Ryan to express their “concerns” about how the House panel is operating — and, according to one report, to accuse Republicans of their own dishonest leaking.

National: 1 State? 7 States? Uncertainty Persists About Russian Cyberattacks On U.S. Election | NPR

Even as Americans begin voting in the earliest 2018 midterm primaries, the public still doesn’t have solid answers about what happened to its election systems in 2016. Instead it has conflicting accounts and official denials. The latest example this week came from the Department of Homeland Security, which slammed a report by NBC News that said the intelligence community had evidence in early 2017 to believe Russian operatives compromised more state voter systems in 2016 than previously known. DHS said NBC’s story was “factually inaccurate and misleading” and stood by its previous assessment, that just one state, Illinois, had its system breached. NBC then slammed that response in a subsequent defense of its story, which quoted a former cyber-expert from the Obama administration, Michael Daniel, who said that when he was in the White House, it believed seven states had been compromised. What’s the real story? How serious were the Russian cyberattacks across the United States?

National: White House Has Given No Orders to Counter Russian Meddling, N.S.A. Chief Says | The New York Times

Faced with unrelenting interference in its election systems, the United States has not forced Russia to pay enough of a price to persuade President Vladimir V. Putin to stop meddling, a senior American intelligence official said on Tuesday. Adm. Michael S. Rogers, the departing head of the National Security Agency and the military’s Cyber Command, said that he was using the authorities he had to combat the Russian attacks. But under questioning during testimony before the Senate Armed Services Committee, he acknowledged that the White House had not asked his agencies — the main American spy and defense arms charged with conducting cyberoperations — to find ways to counter Moscow, or granted them new authorities to do so. “President Putin has clearly come to the conclusion that there’s little price to pay and that therefore ‘I can continue this activity,’” said Admiral Rogers, who is set to retire in April. “Clearly what we have done hasn’t been enough.”

National: Trump NSA pick says response to Russian election interference has fallen short | The Hill

President Trump’s choice to lead the National Security Agency (NSA) said Thursday that the United States’ response to Russian election interference has not been sufficient enough to change Moscow’s behavior. Lt. Gen. Paul Nakasone, nominated to lead both NSA and U.S. Cyber Command, was asked at his confirmation hearing whether he agreed with outgoing NSA Director Adm. Michael Rogers’s statement that the response to Russian meddling in the 2016 election has not been strong enough. “It has not changed their behavior,” Nakasone told Sen. Ben Sasse (R-Neb.), who asked the question.  Nakasone appeared before the Senate Armed Services Committee two days after Rogers, who faced tough questions over the Trump administration’s response to Russia’s interference in the 2016 presidential election during a hearing on the 2019 budget request for U.S. Cyber Command. Rogers heads that command in addition to the NSA.

National: The surprising consequence of lowering the voting age | The Washington Post

In November 2013, voters in Takoma Park, Md., made history. The city became the first place in the United States to grant 16- and 17-year-olds the right to vote in local elections. Since then at least one other community — neighboring Hyattsville, another suburb of Washington, D.C. — has followed that example. Activists have been campaigning for that right in communities across the country, from Memphis to Fresno, Calif. Fifteen states now allow 17-year-olds to vote in primaries for elections that will be held after they turn 18. There are two good reasons to reduce the voting age. First, it is likely to help young people establish the habit of voting lifelong. Second, as my recently published research shows, it makes their parents more likely to vote as well.

National: Mueller preparing charges against Russians who hacked Dem emails: report | The Hill

Special counsel Robert Mueller is preparing charges against Russians who hacked and leaked information designed to hurt Democrats in the 2016 presidential election, NBC News reported Thursday. The charges would center around Russian hackers who leaked emails from the Democratic National Committee (DNC) and Clinton campaign chairman John Podesta, according to NBC. Sources told NBC that the charges could be filed in the coming weeks or months, and could involve conspiracy statute and election law violations.

National: Governors Fear for Election Security Amid Russian Cyberattacks | Assocated Press

Will your vote be safe this year from foreign adversaries working to undermine U.S. democracy? Some of the nation’s governors aren’t so sure. State leaders of both parties worried aloud Sunday about the security of America’s election systems against possible cyberattacks ahead of this fall’s midterm elections, aware that Russian agents targeted more than 20 states little more a year ago, and the Trump administration has taken a mostly hands-off approach to the continued interference. U.S. intelligence leaders report Russian hackers are already working to undermine this November’s elections, which will decide the balance of power in Congress and in statehouses across the nation.

National: Russian Election Assault Poses Quandary for 2018 Campaigns | Associated Press

Encrypted messages. Two-factor authentication. Real-time monitoring of social media for malicious internet bot activity. This is the new reality for candidates running in 2018, scared of email hacks and elaborate misinformation schemes like the ones Russia used to disrupt the 2016 campaign. And many candidates say they’re concerned they can’t rely on Congress or the White House for advice, or protection. “Since many in Washington continue to bury their head in the sand over the dangers our Democracy faces, our campaign has taken deliberate steps to guard against cyberattacks by mandating extensive security measures,” said Gareth Rhodes, a Democrat running for an upstate New York House seat. He said he’s put his campaign staff through training on how to identify phishing and hacking attempts.

National: Too political to wear? Supreme Court debates voter apparel law | Reuters

U.S. Supreme Court justices on Wednesday debated the legality of a Minnesota law barring voters from wearing political apparel at polling places, struggling to draw the line between protecting free speech and preventing voter intimidation. Minnesota’s law, challenged by conservative activists, prohibits badges, buttons, hats, T-shirts or other items with overly political messages inside polling sites during elections. At least nine other states have similar laws. During a one-hour argument before the nine-member court, several justices peppered attorneys on both sides with hypothetical examples of apparel, challenging them to say whether they would be acceptable in a voting site or not. Liberal Justice Elena Kagan wondered about “Make America Great Again” and “Resist,” popular slogans for supporters or opponents of President Donald Trump.

National: U.S. intel: Russia ‘compromised’ seven states prior to 2016 election | NBC

The U.S. intelligence community developed substantial evidence that state websites or voter registration systems in seven states were compromised by Russian-backed covert operatives prior to the 2016 election — but never told the states involved, according to multiple U.S. officials. Top-secret intelligence requested by President Barack Obama in his last weeks in office identified seven states where analysts — synthesizing months of work — had reason to believe Russian operatives had compromised state websites or databases. Three senior intelligence officials told NBC News that the intelligence community believed the states as of January 2017 were Alaska, Arizona, California, Florida, Illinois, Texas and Wisconsin.

National: New EAC chairman will continue to focus on election security | Cyberscoop

Thomas Hicks has been tapped to chair the Election Assistance Commission, an agency that is considered central to protecting the U.S. election infrastructure from cyberthreats, the commission announced on Friday. Reuters reported on Thursday that Republican House Speaker, Rep. Paul Ryan, decided not to recommend former chairman Matthew Masterson for a second term as one of the EAC’s four commissioners. Commissioners are recommended by congressional leadership, nominated by the president and confirmed by the Senate. According to Reuters, some state officials were surprised that Masterson was not considered for a second term as commissioner, given that he has focused much of his tenure on cybersecurity.

National: State Department launches $40M offensive against foreign propaganda | The Hill

The State Department is launching a $40 million initiative to crack down on foreign propaganda and disinformation amid widespread concerns about future Russian efforts to interfere in elections. The department announced Monday that it signed a deal with the Pentagon to transfer $40 million from the Defense Department’s coffers to bolster the Global Engagement Center, an office set up at State during the Obama years to expose and counter foreign propaganda and disinformation. The new influx of funds will bolster the center’s operations in the current fiscal year.

National: Senate intelligence panel may miss target for election security recommendations | Politico

The Senate Intelligence Committee may miss its target for making election security recommendations to states facing potential Russian disruption during the midterms — but its GOP chairman is eyeing a contingency plan. Sen. Richard Burr (R-N.C.) and the panel’s Democratic vice chairman, Sen. Mark Warner of Virginia, have long eyed next week’s first congressional primaries as their ideal date to release election-protection recommendations. The intelligence committee’s counsel to states would amount to the first formal fruits of their yearlong bipartisan investigation into Russian meddling in the 2016 election.

National: Most states disenfranchise felons. Maine and Vermont allow inmates to vote from prison. | NBC

Joseph Jackson was one of the millions of Americans inspired by Barack Obama’s 2008 White House bid. A black man in the nation’s whitest state, he coordinated voter registration drives and cast his first-ever ballot for the candidate who would become the nation’s first African-American president. And he did it all while incarcerated in a maximum-security prison, serving 19 years for manslaughter. That’s because Jackson, 52, was convicted in Maine, one of just two states that allow felons to vote from behind bars. In the U.S., nearly all convicted felons are disenfranchised during their prison sentences and, often, barred from the ballot for years after release. Sometimes, offenders lose the right to vote for life.

National: Russia fears have election vendors feeling the heat | Politico

The furor over fake news and Russian bots is overshadowing another weak link in the security of U.S. elections — the computer equipment and software that do everything from store voters’ data to record the votes themselves. Now the voting vendor industry is receiving increased attention from Congress and facing the prospect of new regulations, after more than a decade of warnings from cybersecurity researchers and recent revelations about the extent of Russian intrusions in 2016. … In 2006, a team of security researchers published a report saying that touchscreen voting machines made by the notably litigious vendor Diebold were vulnerable to “extremely serious attacks.” The researchers were so afraid of being sued by Diebold — now a subsidiary of the voting technology behemoth Dominion — that they broke with longstanding practice and didn’t tell the company about their findings before publishing. The team was “afraid that [Diebold] would try to stop us from speaking publicly about the problems,” said J. Alex Halderman, a University of Michigan computer science professor who was one of the report’s authors.

National: US mobilises to counter Russian interference in midterm elections | Financial Times

US intelligence and election officials have stepped up efforts to protect this year’s midterm elections over fears that Russia is seeking to influence the public vote and tamper with voting systems. State election officials gathered for two “unprecedented” briefings from intelligence officials last week. “Advanced persistent threats are out there,” said Matthew Masterson, outgoing chairman of the bipartisan US Election Assistance Commission who attended the briefing. Those familiar with the briefing said it focused on the threat from Russia and encouraged states to back up voter databases, regularly patch cyber security lesions and alert authorities of anything suspicious.

National: Homeland Security’s tall order: A hacker-free election | CNET

As lawmakers and federal investigators continue to try to understand the chaos foreign actors were able to create during the 2016 election, the US Department of Homeland Security has taken a central role in helping secure the next election. The agency declared the US election system, which is run by a fragmented group of officials in all 50 states as well as dozens of smaller local governments, to be a part of the nation’s “critical infrastructure” in January 2017. The agency doesn’t have any legal authority over election officials, but it offers programs to help them keep hackers out of voting machines, voter registration databases and public-facing election websites.

National: What’s The Best Way To Verify Votes? | NPR

What’s the best way to safeguard elections from hackers? Good old-fashioned paper ballots, says Marian Schneider, President of Verified Voting. She talks with NPR’s Scott Simon.

SCOTT SIMON, HOST: Remember hanging chads – harried poll workers staring at punched paper ballots trying to determine what a dangling chad or stray mark may have indicated how somebody wanted to cast their ballot in the presidential election of 2000? Punch-card ballots and paper got a bad rap in favor of smooth, sleek, instantaneous electronic voting systems that were supposed to remove doubt. With those advancements came bigger problems. The major fear is now hacking, and more voices now urge a return to paper ballots. Marian Schneider is president of Verified Voting, a nonpartisan, not-for-profit organization that’s dedicated to verifiability in elections. She joins us from the studios of WHYY in Philadelphia. Thanks so much for being with us.

MARIAN SCHNEIDER: Thank you for having me.

SIMON: Should we return to paper?

SCHNEIDER: Short answer – yes. But I want to point out that 70 percent of the country already uses an electronic voting system with either a voter-marked paper ballot or a paper record, so it’s not exactly a return to paper. There’s just a few locations that still use what we perceive as unverifiable voting systems, and that’s what we need to change.