National: New Voting Machines Have Been Declared A National Security Priority. And Congress Looks Likely To Pay For Them. | Buzzfeed

Pressure is mounting for Congress to take dramatic steps to ensure the security of US voting systems with just seven months to go before the crucial 2018 midterm elections. On Wednesday, Homeland Security Secretary Kirstjen Nielsen called the need for new voting machines that produce a paper trail “a national security issue,” and Republican Sen. Richard Burr, the chair of the Senate Intelligence Committee, added his name as a cosponsor to a bill that would provide money to replace voting equipment that can’t be audited. But whether that funding will be appropriated remains uncertain. The Secure Elections Act has been slow to gain cosponsors, but its provisions were folded into the Senate’s must-pass omnibus spending bill to keep the government open as the Senate heads toward a Friday deadline to avoid another government shutdown.

National: GOP Shuts Down House Russia Probe Despite New Revelations | Bloomberg

Republicans shut down the House Intelligence Committee’s contentious Russia probe Thursday, despite new revelations that Donald Trump’s 2016 presidential campaign may have benefited from the exploitation of personal information from millions of Facebook users. In a closed-door meeting, the panel voted over Democrats’ objections to approve and release a Republican-written final report, said Michael Conaway, a Texas Republican who led the panel’s investigation. “House Intelligence Committee votes to release final report,” Trump said in a Twitter posting Friday morning in his first comment on the vote. “FINDINGS: (1) No evidence provided of Collusion between Trump Campaign & Russia. (2) The Obama Administrations Post election response was insufficient. (3) Clapper provided inconsistent testimony on media contacts.”

National: Senators introduced revised version of election cyber bill | The Hill

A bipartisan group of senators on Thursday unveiled revised legislation to secure U.S. voting systems from cyberattack. The bill, originally introduced in December, retains its original tenets, including authorizing grants for states to replace outdated voting systems with more secure technology. However, it contains several revisions that appear designed to address individual states’ concerns with the bill. The new bill, like its predecessor, aims to address future threats to voter registration databases and other systems following Russian interference in the 2016 presidential vote. The Department of Homeland Security has said that Russian hackers tried to break into election systems in 21 states before the election, as part of a broader interference plot. In one case, hackers successfully breached a voter registration database in Illinois.

National: Efforts to Secure Elections Moving Too Slowly, Senators Tell Homeland Security Chief | The New York Times

Members of the Senate Intelligence Committee pressured Kirstjen Nielsen, the secretary of homeland security, on Wednesday to speed up key election security measures, even as she trumpeted the adoption of important improvements ahead of November’s midterm elections. Ms. Nielsen told the senators, who are investigating Russia’s interference in the 2016 election, that the department made significant strides in recent months working with state and local election officials to improve communication about threats and share cybersecurity resources. Those efforts include comprehensive risk assessments and cyberscans meant to identify vulnerabilities in election systems. But under questioning, Ms. Nielsen signaled that one of those undertakings, to grant full security clearances to state election officials so they could receive classified information on cybersecurity threats in a timely way, had been slow going. Of the up to 150 state election officials designated to receive clearances, only about 20 have them, she said.

National: Old voting machines in the US can be hacked without people knowing it | Business Insider

For all the hubbub about election security in the US ahead of the 2018 midterms, there is one issue that almost no one seems to be talking about: old voting machines. A total of 41 states currently have voting machines that are at least a decade old, according to the Brennan Center for Justice, leaving thousands of systems vulnerable to hackers and other security risks that could compromise election results. With old voting machines come a whole host of issues: outdated software, machine breakdown, spare replacement parts that are near impossible to find. On Tuesday, the Senate Intelligence Committee, which is investigating Russia’s meddling in the 2016 US election, called on states to “rapidly replace outdated and vulnerable voting systems.”

National: Key Senate committee concludes Russian interference; calls for voting reforms | San Francisco Chronicle

With unanimity, both Republicans and Democrats on the Senate Intelligence Committee said Tuesday that Russia attempted to interfere in the 2016 presidential election and urged their congressional colleagues to help states upgrade their balloting systems to ensure the integrity of November’s midterm elections. California was among the 21 states whose election systems Russia attempted to infiltrate, committee members said during a news conference outlining their recommendations to improve election security. Russia succeeded in penetrating the voter database of one state, Illinois, but the committee said it found no evidence that any votes were altered. The committee plans to issue a full report and has scheduled a hearing Wednesday with testimony from Trump administration officials and the heads of national associations of state election officials.

National: Senate Intel Committee gives Homeland Security its election security wish list | TechCrunch

In a press conference today, the Senate Select Committee on Intelligence presented its urgent recommendations for protecting election systems as the U.S. moves toward midterm elections later this year. “Currently we have an election upon us, and the past tells us that the future will probably hold another set of threats if we are not prepared,” Senator Kamala Harris said. The bipartisan committee offered a set of measures to defend domestic election infrastructure against hostile foreign nations. Before launching into the findings from its committee-wide examination of current practices, written up in an accompanying report, the group emphasized that states are “firmly in the lead” in conducting elections, although the federal government should work closely to provide funds and information.

National: Senators release election security recommendations to deter meddling | The Guardian

A bipartisan group of senators leading an inquiry into Russian meddling in the 2016 US election called on Tuesday for urgent action by Congress to help states protect their voting systems from future threats of foreign interference. With the 2018 congressional primaries already under way, members of the senate intelligence committee outlined a series of recommendations – the first public release from the panel’s yearlong investigation – that they say will help improve the cybersecurity of the nation’s election infrastructure. “We’re now at a point where we’ve wrapped up one piece of our investigation, which deals with election security,” said Republican senator Richard Burr, the chairman of the committee, who spoke alongside the Democratic vice-chair, Senator Mark Warner, and members of the committee. By and large, he said, “we need to be more effective at deterring our adversaries.”

National: Facebook’s Cambridge Analytica scandal, explained | Ars Technica

Facebook is reeling from a series of revelations about private user data being leaked to Cambridge Analytica, a shadowy political consulting firm that did work for the Donald Trump campaign. Last Friday, reporters from The New York Times and The Observer of London told Facebook that Cambridge had retained copies of private data for about 50 million Facebook users. Facebook says Cambridge promised in 2015 that the data would be deleted. Facebook responded to the new revelations by banning Cambridge and several of its associates from Facebook. But this week the controversy surrounding Facebook’s ties to Cambridge—and its handling of private user data more generally—has mushroomed. British members of Parliament accused Facebook of misleading them about the breach and asked CEO Mark Zuckerberg to come to the UK to clear up the issue personally. Facebook has scheduled a surprise all-hands meeting to answer employee questions about the controversy.

National: Senate Committee Launches Effort to Prevent Election Hacking | Associated Press

With the 2018 primary season already underway, leaders of the Senate intelligence committee are launching an effort to protect U.S. elections from a repeat episode of foreign interference. Senate Intelligence Committee Chairman Richard Burr, R-N.C., and Virginia Sen. Mark Warner, the top Democrat on the panel, will preview some of the committee’s recommendations for improving the nation’s election infrastructure at a news conference Tuesday. On Wednesday, the committee will hold a hearing examining attempted hacks on state elections systems in 2016 and the federal and state response to those efforts.

National: House approves legislation to authorize Homeland Security cyber teams | The Hill

House lawmakers on Monday passed legislation that would codify into law the Department of Homeland Security’s cyber incident response teams that help protect federal networks and critical infrastructure from cyberattacks. Lawmakers passed the bill, sponsored by House Homeland Security Committee Chairman Michael McCaul (R-Texas), in a voice vote Monday afternoon. The legislation would authorize the “cyber hunt and incident response teams” at Homeland Security to help owners and operators of critical infrastructure respond to cyberattacks as well as provide strategies for mitigating cybersecurity risks.

National: Cambridge Analytica boasts of dirty tricks to swing elections | The Guardian

The company at the centre of the Facebook data breach boasted of using honey traps, fake news campaigns and operations with ex-spies to swing election campaigns around the world, a new investigation reveals. Executives from Cambridge Analytica spoke to undercover reporters from Channel 4 News about the dark arts used by the company to help clients, which included entrapping rival candidates in fake bribery stings and hiring prostitutes to seduce them. In one exchange, the company chief executive, Alexander Nix, is recorded telling reporters: “It sounds a dreadful thing to say, but these are things that don’t necessarily need to be true as long as they’re believed.” The Channel 4 News investigation, broadcast on Monday, comes two days after the Observer reported Cambridge Analytica had unauthorised access to tens of millions of Facebook profiles in one of the social media company’s biggest data breaches.

National: FEC probes whether NRA got illegal Russian donations | Politico

The Federal Election Commission has launched a preliminary investigation into whether Russian entities gave illegal contributions to the National Rifle Association that were intended to benefit the Trump campaign during the 2016 presidential election, according to people who were notified of the probe. The inquiry stems in part from a complaint from a liberal advocacy group, the American Democracy Legal Fund, which asked the FEC to look into media reports about links between the rifle association and Russian entities, including a banker with close ties to Russian President Vladimir Putin. A spokesman for the NRA and its lobbying arm, the Institute for Legislative Action, which together contributed $30 million to Trump’s presidential campaign, declined to comment on the FEC’s probe.

National: How Trump Consultants Exploited the Facebook Data of Millions | The New York Times

As the upstart voter-profiling company Cambridge Analytica prepared to wade into the 2014 American midterm elections, it had a problem. The firm had secured a $15 million investment from Robert Mercer, the wealthy Republican donor, and wooed his political adviser, Stephen K. Bannon, with the promise of tools that could identify the personalities of American voters and influence their behavior. But it did not have the data to make its new products work. So the firm harvested private information from the Facebook profiles of more than 50 million users without their permission, according to former Cambridge employees, associates and documents, making it one of the largest data leaks in the social network’s history. The breach allowed the company to exploit the private social media activity of a huge swath of the American electorate, developing techniques that underpinned its work on President Trump’s campaign in 2016.

National: Spooked by election hacking, states are moving to paper ballots | Cyberscoop

Paper ballots may seem like an antiquated voting practice, but hacking fears are now pushing an increasing number of states toward a return to the basics. State legislatures and election directors are heeding warnings from Washington that hackers may tamper with electronic voting systems in the 2018 midterm elections. The U.S. intelligence community has said that Russian President Vladimir Putin launched a campaign to interfere with the 2016 presidential election and that the Kremlin will try to do so again. On the national level, lawmakers have made several attempts to push legislation aiming to strengthen election cybersecurity through grants to upgrade equipment and to increase cooperation between the federal government and lower jurisdictions. So far, no such legislation has passed either chamber of Congress. Amid all this national attention, a number of states have started to act on their own bolster the integrity of elections they run. With these states, the focus has been on doing away with direct-recording electronic voting machines (DREs) that don’t produce a paper record.

National: How the U.S. can prepare for a major election hack | The Washington Post

Before the 2016 election, at least 21 U.S. states’ registration databases or websites were targeted by hackers and seven states were successfully “compromised,” although there’s no evidence that votes were altered. As U.S. intelligence agencies recently made clear, the risk to voting systems continues in 2018. Foreign actors could target registration records, electronic voting machines or vote tabulations. Because American elections are controlled by individual states that employ a wide array of voting systems, a localized breach is especially feasible. Amplifying the danger is that many Americans will react to vote manipulation somewhere in the United States with doubts about election results everywhere. Even if this interference does not actually change an election outcome, people may use any breach to cast doubt on outcomes they don’t want to believe. This havoc is precisely what Russia wants.

National: Trump Administration Penalizes Russians Over Election Meddling and Cyberattacks | The New York Times

The Trump administration imposed sanctions on a series of Russian organizations and individuals on Thursday in retaliation for interference in the 2016 presidential election and other “malicious cyberattacks,” its most significant action against Moscow since President Trump took office. The sanctions came as the United States joined with Britain, France and Germany in denouncing Russia for its apparent role in a nerve-gas attack on a former Russian spy and his daughter on British soil, calling it a “clear violation” of international law. But the joint statement said nothing about any collective action in response. In his first comment on the poison attack, Mr. Trump agreed that, despite its denials, Russia was likely behind it. “It looks like it,” he told reporters in the Oval Office, adding that he had spoken with Prime Minister Theresa May of Britain.

National: Is Your County Elections Clerk Ready for Russian Hackers? | Stateline

The weakest link in any local voting system is that one county clerk who’s been on the job for three days and opens up an email file that could take down the whole system. The head of every U.S. intelligence agency says Russia attempted to penetrate elections systems nationwide during the 2016 presidential election, and will try again during this year’s midterm elections. In a decentralized election system with more than 10,000 separate jurisdictions, the onus for security is on local officials. “That keeps me awake at night,” said Nancy Blankenship, the clerk for Deschutes County, Oregon. Blankenship, like thousands of other county clerks, is the chief elections official for her area. It’s not so much the threat of foreign hackers changing votes that concerns Blankenship — Oregon is not only a vote-by-mail state, but also does its ballot counting without an internet connection — it’s the possibility that hacking could undermine public confidence in the system.

National: Schiff Says Russia Probe ‘Far From Done’ After GOP Shuts It Down | Bloomberg

The top Democrat on the House Intelligence panel said he plans to continue work on the Russia probe despite Republican moves to shut it down, saying 30 witnesses still need to be interviewed. “Our work is far from done,” Representative Adam Schiff told reporters Tuesday, a day after Republicans said they were ending the inquiry after finding no evidence of collusion between President Donald Trump’s campaign and Russian operatives who meddled in the 2016 presidential campaign. Schiff said that Democrats will write their own conclusions and plan to release transcripts of the panel’s interviews at that time.

National: There’s more to Russia’s cyber interference than the Mueller probe suggests | The Washington Post

An underlying theme running through special counsel Robert S. Mueller III’s investigation is that Russia’s ultimate goal was to make sure Donald Trump was elected president. That’s just part of the picture. Last month, Mueller’s team released the details of the grand jury indictments of 13 Russian nationals, as well as a shadowy Russian firm known as the Internet Research Agency, for conducting information warfare against the United States and breaking three U.S. federal laws. Our research looks at Russian cyber and information warfare activity — and distinct patterns begin to emerge. But this is a nonlinear strategy and a long-term assault on Russia’s adversaries. Although boosting the Trump campaign may have been one of Russia’s primary goals in 2016, the 2020 goal could just as easily be helping the president’s Democratic challenger.

National: Senator: On Cyberwarfare, Russia Has The U.S. “Behind The Eight Ball” | Fast Company

The Russians have punched far beyond their weight when it comes to cyberwarfare, a prominent U.S. Senator said Saturday, and America isn’t keeping up. Speaking at the SXSW conference in Austin, Mark Warner, Democrat of Virginia, noted that Vladimir Putin’s government got “great bang for their dollars, or bang for their rubles” by exploiting vulnerabilities on social media during the 2016 presidential elections, and that it may be time for the U.S. to rethink its military budget. “I come from one of the most pro-defense states,” Warner said, “but if you look at what we’re spending [on the military], $700 billion, the Russians are spending $68 billion.” Warner said that Putin’s government has acknowledged that it can’t keep up with us militarily. But he added that it has managed to use cyberwarfare to sow divisiveness in the U.S. by using sophisticated techniques to spread disinformation. It uses small, targeted election advertising buys, and leaves the kind of obvious fingerprints on state election systems that could have been used to defend President Trump’s original claims that the 2016 election was “rigged.”

National: 137 House Democrats sign letter urging action against Russia | Reuters

Over two-thirds of U.S. House of Representatives Democrats urged President Donald Trump to enact sanctions on Russia, the latest push by lawmakers for a response to investigators’ findings that Russia interfered in the 2016 U.S. election. At least 137 of the Democrats in the House signed a letter, seen by Reuters on Monday,“strongly urging” Trump to adhere to a law he signed last summer imposing sanctions on those who do business with Russia’s military and intelligence sectors. “We strongly urge you to reverse course, follow the letter and spirit of the law, and demonstrate that the security of our country and integrity of elections are sacrosanct,” the letter said.

National: Secretaries of state slam provision to allow Secret Service at polling places | CNN

More than a dozen secretaries of state slammed a rider attached to legislation to reauthorize the Department of Homeland Security that would allow Secret Service to be dispatched to polling places nationwide during a federal election. “This is an alarming proposal which raises the possibility that armed federal agents will be patrolling neighborhood precincts and vote centers,” according to the letter, which was obtained by CNN. In the letter, which was sent Friday to Senate leaders Mitch McConnell, a Kentucky Republican, and Chuck Schumer, a New York Democrat, the 19 secretaries of state write that they believe the proposal is “unprecedented and shocking.”

National: Despite Mueller’s Push, House Republicans Declare No Evidence of Collusion | The New York Times

Even as the special counsel expands his inquiry and pursues criminal charges against at least four Trump associates, House Intelligence Committee Republicans said on Monday that their investigation had found no evidence of collusion between Donald J. Trump’s presidential campaign and Russia to sway the 2016 election. Representative K. Michael Conaway, the Texas Republican who is leading the investigation, said committee Republicans agreed with the conclusions of American intelligence agencies that Russia had interfered with the election, but they broke with the agencies on one crucial point: that the Russians had favored Mr. Trump’s candidacy. “The bottom line: The Russians did commit active measures against our election in ’16, and we think they will do that in the future,” Mr. Conaway said. But, he added, “We disagree with the narrative that they were trying to help Trump.”

National: States aren’t shifting voting tech, despite ballot security concerns | FCW

In 2015, the Brennan Center for Justice conducted a major study on voting machine security that found most states were relying on dangerously outdated hardware and software, leaving them vulnerable to hackers while doing little to provide for accurate post-election auditing. On March 8, 2018, the center released an update to that report and found that not much has changed. Jurisdictions in 41 states are using voting systems at least a decade out of date going into the 2018 elections, barely an improvement from the 2015 study, when 44 states reported long-obsolete voting tech. The number of states in which election officials said they must replace voting equipment by 2020 actually increased, from 31 in 2015 to 33 in 2018.

National: Trump wants new authority over polling places. Top election officials say no | The Boston Globe

President Trump would be able to dispatch Secret Service agents to polling places nationwide during a federal election, a vast expansion of executive authority, if a provision in a Homeland Security reauthorization bill remains intact. The rider has prompted outrage from more than a dozen top elections officials around the country, including Secretary of State William F. Galvin of Massachusetts, a Democrat, who says he is worried that it could be used to intimidate voters and said there is “no basis” for providing Trump with this new authority. “This is worthy of a Third World country,” said Galvin in an interview. “I’m not going to tolerate people showing up to our polling places. I would not want to have federal agents showing up in largely Hispanic areas.” “The potential for mischief here is enormous,” Galvin added. The provision alarming him and others is a rider attached to legislation that would re-authorize the Department of Homeland Security. The legislation already cleared the House of Representatives with bipartisan support.

National: Democrats take first step toward curtailing superdelegates | The Washington Post

Democrats took their first official steps Saturday to reduce the power of unpledged delegates in presidential primaries, with the Democratic National Committee voting to “revise the role and ­reduce the perceived influence” of superdelegates before the next election. That vote, which is likely to reduce the number of superdelegates by at least half, came after 21 months of debate that began at the party’s 2016 convention in Philadelphia. Saturday’s discussion found a party determined to move past the 2016 primaries ­between Hillary Clinton and Sen. Bernie Sanders (I-Vt.), in large part by reducing the power of the party’s establishment to pick a nominee. “These are changes that I’m confident that people all over this country want to see,” said Rep. Keith Ellison (D-Minn.), the party’s deputy chairman and one of few Democratic members of Congress who backed Sanders for president. “I’m prepared to tell you that as a member of Congress, I don’t need more power than anybody else.”

National: State Department Was Granted $120 Million to Fight Russian Meddling. It Has Spent $0. | The New York Times

As Russia’s virtual war against the United States continues unabated with the midterm elections approaching, the State Department has yet to spend any of the $120 million it has been allocated since late 2016 to counter foreign efforts to meddle in elections or sow distrust in democracy. As a result, not one of the 23 analysts working in the department’s Global Engagement Center — which has been tasked with countering Moscow’s disinformation campaign — speaks Russian, and a department hiring freeze has hindered efforts to recruit the computer experts needed to track the Russian efforts. The delay is just one symptom of the largely passive response to the Russian interference by President Trump, who has made little if any public effort to rally the nation to confront Moscow and defend democratic institutions. More broadly, the funding lag reflects a deep lack of confidence by Secretary of State Rex W. Tillerson in his department’s ability to execute its historically wide-ranging mission and spend its money wisely.

National: Push to bolster election security stalls in Senate | The Hill

Senators are running into roadblocks from state officials as they try to craft legislation to secure election systems before the midterms in November. Sens. James Lankford (R-Okla.) and Kamala Harris (D-Calif.) are pushing for legislation that would bolster the security of U.S. voting infrastructure, with an eye toward countering threats from adversaries like Russia. But Lankford on Wednesday was forced to table an amendment to a bill moving through the Senate that was aimed at improving information-sharing between federal and state election officials on election cyber threats. State officials objected to the amendment. The development sparked frustration on the Senate Homeland Security and Governmental Affairs Committee, where lawmakers have been agitating for action. … The amendment would also mandate that election service providers, including vendors and contractors, notify state officials promptly if election systems — including voting machines, voter registration databases and election agency email systems — are breached, and that state officials provide the information to their federal counterparts in a timely fashion. The secretaries of state questioned whether states would be penalized if a vendor or contractor failed to notify state election agencies of cybersecurity incidents.

National: US senator grills CEO over the myth of the hacker-proof voting machine | Ars Technica

A US senator is holding the nation’s biggest voting machine maker to account following a recent article that reported it has sold equipment that was pre-installed with remote-access software and has advised government customers to install the software on machines that didn’t already have it pre-installed. Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined “The Myth of the Hacker-Proof Voting Machine.” The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet. Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2016 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.