National: Trump’s fraud commission plans to create a massive voter database. Former national security officials say it could be hacked. | The Washington Post

More than a half-dozen technology experts and former national security officials filed an amicus brief Tuesday urging a federal court to halt the collection of voter information for a planned government database. Former national intelligence director James R. Clapper Jr., one of the co-signatories of the brief, warned that a White House plan to create a centralized database containing sensitive information on millions of American voters will become an attractive target for nation states and criminal hackers. This summer, the Presidential Advisory Commission on Election Integrity issued a sweeping request to state officials to submit voter data to “analyze vulnerabilities and issues related to voter registration and voting.” The commission, which is chaired by Vice President Pence and Kansas Secretary of State Kris Kobach (R), was established after President Trump claimed that he would have won the popular vote if not for as many as 5 million illegally cast ballots. State officials haven’t found any indication that there was widespread voter fraud.

National: States raise security concerns about Crosscheck voter database during call with Kobach’s office | Lawrence Journal World

Officials from Kansas Secretary of State Kris Kobach’s office conducted a conference call Thursday with election officials from several other states to discuss concerns about the Crosscheck program, a multistate database of voter registration information that Kansas manages and that some critics have said is not secure. Bryan Caskey, director of elections in the secretary of state’s office, confirmed Thursday that the conference call took place, but he said the issue of security concerns only came up “at a very high level.” “I would describe it as more of a kickoff conference call that we do at the start of every election year,” Caskey said. The Crosscheck database was originally launched in the early 2000s when Ron Thornburgh served as secretary of state.

National: Apparent White House pick to lead census sparks concern about partisanship | The Washington Post

This week the Population Association of America and the Association of Population Research Centers, whose members include over 3,000 scientists and over 40 federally-funded organizations, sounded an alarm bell about one of their most sacred cows: the United States Census Bureau. Reports had surfaced saying the White House planned to install as the bureau’s deputy director Thomas Brunell, a political science professor with scant managerial experience who is best known for his testimony as an expert witness on behalf of Republican redistricting plans and a book that argues against competitive electoral districts. News of the appointment, which sources close to the bureau say is imminent, sparked handwringing among statisticians, former bureau directors, and civil rights leaders.

National: Donald Trump Jr back to Congress to face questioning on Russia links | The Guardian

Donald Trump’s eldest son, Donald Trump Jr, returned to Congress on Wednesday to face questions from lawmakers about alleged Russian efforts to influence the 2016 US election and possible collusion with Moscow by his father’s presidential campaign. Trump arrived shortly before 10am for what was expected to be several hours of questioning by members of the House of Representatives intelligence committee, one of three main congressional committees investigating the matter. The session was conducted behind closed doors, and Trump Jr was not seen by reporters waiting outside the meeting room, although congressional officials confirmed he had arrived.

National: House Urging States to Secure Voting Infrastructures Before 2018 Elections | MeriTalk

With the midterm elections of 2018 fewer than 12 months away, Congress is showing heightened concern over the potential for disastrous cyber attacks on the nation’s electronic voting systems. “Like anything else in the digital age, electronic voting is vulnerable to hacking,” said Will Hurd, R-Texas, chairman of the House Subcommittee on Information Technology. “Our voting machines are no exception.” Hurd, in opening remarks at a Nov. 29 joint hearing with the House Subcommittee on Intergovernmental Affairs on the cybersecurity of voting machines, said subcommittee members wanted to explore what impact the Department of Homeland Security designation last January of U.S. election systems as “critical infrastructure” has had on states. “It is essential that states take appropriate steps to secure their voting infrastructure,” he said.

National: Lawyers for Trump election commission respond to lawsuit | Union Leader

Attorneys for President Donald Trump’s commission on election fraud maintain that Maine Secretary of State Matthew Dunlap has no legal right to commission-related documents he is seeking through a lawsuit filed in U.S. District Court for the District of Columbia. Commission attorneys responded on Friday to a lawsuit filed by Dunlap, aimed at finding out what’s been going on with the commission in the months since its September meeting at St. Anselm College. New Hampshire Secretary of State Bill Gardner, also a member of the commission, says he hasn’t heard a word from Chairman Kris Kobach, Kansas Secretary of State, or any commission staff since the meeting, even though state officials have reached out in an attempt to submit the requested voter data.

National: Democrats question GOP commitment to Senate’s Russia inquiry | Politico

Democrats on the Senate Judiciary Committee are raising fresh concerns about the GOP-led panel’s appetite for digging into the Russian ties forged by multiple advisers to President Donald Trump. Friction on the committee last spiked in October, when the chairman, Sen. Chuck Grassley (R-Iowa), sent a slew of letters to key figures in the Russia investigation without the signature of Sen. Dianne Feinstein of California, the panel’s top Democrat. Feinstein has followed by sending four rounds of letters without Grassley’s signature that seek material from other players in the Trump campaign’s communications with Russian officials — the most recent series of letters coming on Monday. Asked about Grassley’s decision to not sign on, Feinstein told reporters late Monday that “I think there’s an effort, subtle, not to go deeply. And I hadn’t realized it before, but I realize it now,” she continued. “And we’re going to have to find a way to deal with it.”

National: Deutsche Bank Received Subpoena on Client Trump | Bloomberg

Special prosecutor Robert Mueller zeroed in on President Donald Trump’s business dealings with Deutsche Bank AG as his investigation into alleged Russian meddling in U.S. elections widens. Mueller has issued a subpoena to Germany’s largest lender, forcing the bank to submit documents on its client relationship with Trump and his family, said a person briefed on the matter, who asked not to be identified because the action has not been announced. “Deutsche Bank always cooperates with investigating authorities in all countries,” the lender said in a statement to Bloomberg, declining to provide additional information.

National: Trump transition official wrote in email: Russia ‘has just thrown the USA election to him’ | The Independent

Russia threw the US election to Donald Trump, a top official in his transition team reportedly said in an email. Emails between top Trump transition officials suggested Michael Flynn was in close contact with other senior members of the transition team before and after he spoke to Russian Ambassador Sergey Kislyak, The New York Times reported. An email from K T McFarland, a transition adviser to Mr Trump, sent on 29 December, suggested Russian sanctions announced by the Obama administration had been aimed at discrediting Mr Trump’s victory. In emails obtained by the Times, she said the sanctions could also make it more difficult for Mr Trump to ease tensions with Russia, “which has just thrown the USA election to him.”

National: Experts: States need help to protect voting machines from Russians | USA Today

Congress needs to boost funding to states to help them buy secure voting machines to prevent Russia and other hostile nations from hacking U.S. elections, election experts told a House panel Wednesday. “This is a critical need, and must be addressed immediately (to have an impact on the 2018 election),” said Edgardo Cortés, commissioner of the Virginia Department of Elections, which held statewide elections earlier this month. Experts also recommended that states stop using touchscreen voting machines and replace them with paper-based systems such as optical scanners that tabulate paper ballots and provide tangible evidence of election results. “In many electronic voting systems in use today, a successful attack that exploits a software flaw might leave behind little or no forensic evidence,” warned Matthew Blaze, an associate professor of computer and information science at the University of Pennsylvania. “This can make it effectively impossible to determine the true outcome of an election or even that a compromise has occurred.”

National: Are states prepared to protect the next election from hackers? | GCN

A Nov. 29 House hearing on the cybersecurity of voting infrastructure highlighted warnings about some machines used to cast votes and the software used to tally them, but officials were positive about the progress being made and the low likelihood that an attack could actually switch any votes. Several experts who testified at the hearing, held by the House Oversight Committee’s subcommittees on information technology and intergovernmental affairs, recommended that states should begin switching — if they haven’t already — away from direct-recording electronic voting machines. Matt Blaze, a computer science professor at University of Pennsylvania, said the complexity of DRE machines makes them very hard to secure. The vote tallies stored in internal memory, ballot definition parameters displayed to voters and electronic log files used for post-election audit are all subject to alteration.

National: The time to hack-proof the 2018 election is expiring — and Congress is way behind | Politico

Lawmakers are scrambling to push something — anything — through Congress that would help secure the nation’s voting systems ahead of the 2018 elections. But it might already be too late for some critical targets. By this point during the 2016 election cycle, Russian hackers had already been in the Democratic National Committee’s networks for at least three months. Members of both parties insist they can get something done before Election Day 2018, but concede that the window is rapidly closing. Voters in Texas and Illinois will take to the polls in the country’s first primaries in just over three months — a narrow timeline for implementing software patches, let alone finding the funds to overhaul creaky IT systems, swap out aging voting machines or implement state-of-the-art digital audits. “Not a lot of time, no question,” Senate Intelligence Chairman Richard Burr (R-N.C.), who is leading an investigation of Russia’s election-year meddling, told POLITICO.

National: Court Order Barring RNC From Voter Intimidation Set to Expire Friday | Bloomberg

A 35-year-old federal court order prohibiting the Republican National Committee from engaging in voter verification and other “ballot security” measures is set to expire Friday, something the GOP says is long overdue but voting rights advocates argue is still needed to prevent intimidation at the polls. Lawyers for the Republican National Committee said in court filings that the organization has been in compliance for years, even going beyond what is outlined in the consent decree. It opts against participating in poll-watching activities, for example, even though they are allowed under the order. “The RNC has worked hard to comply with its obligations under the Consent Decree,” lawyers wrote in documents filed with the court.

National: Trump Pressed Top Republicans to End Senate Russia Inquiry | The New York Times

President Trump over the summer repeatedly urged senior Senate Republicans, including the chairman of the Senate Intelligence Committee, to end the panel’s investigation into Russia’s interference in the 2016 election, according to a half dozen lawmakers and aides. Mr. Trump’s requests were a highly unusual intervention from a president into a legislative inquiry involving his family and close aides. Senator Richard Burr of North Carolina, the intelligence committee chairman, said in an interview this week that Mr. Trump told him that he was eager to see an investigation that has overshadowed much of the first year of his presidency come to an end. “It was something along the lines of, ‘I hope you can conclude this as quickly as possible,’” Mr. Burr said. He said he replied to Mr. Trump that “when we have exhausted everybody we need to talk to, we will finish.”

National: Senate GOP campaign arm stole donor data from House Republicans | Politico

Staffers for Senate Republicans’ campaign arm seized information on more than 200,000 donors from the House GOP campaign committee over several months this year by breaking into its computer system, three sources with knowledge of the breach told POLITICO. The unauthorized raid on the National Republican Congressional Committee’s data created a behind-the-scenes rift with the National Republican Senatorial Committee, according to the sources, who described NRCC officials as furious. It comes at a time when House Republicans are focused on preparing to defend their 24-seat majority in the 2018 midterm elections. And it has spotlighted Senate Republicans’ deep fundraising struggles this year, with the NRSC spending more than it raised for four months in a row. Multiple NRSC staffers, who previously worked for the NRCC, used old database login information to gain access to House Republicans’ donor lists this year.

National: DHS official says ‘trust’ with states prevents sharing cyber threats to election with Congress | InsideCyberSecurity

The Department of Homeland Security’s Christopher Krebs told House lawmakers that a “trust” relationship with state officials has prevented the department from sharing specific details about cyber threats to the 2016 presidential election with Congress. Krebs said “we don’t have statutory authority to compel” states to report cyber incidents to the federal government, while expressing concern that the level of trust needed to get states to share with DHS could be undermined by passing along that information to lawmakers. Krebs, who is the senior official performing the duties of the DHS under secretary for the National Protection and Programs Directorate, testified Wednesday at a joint hearing by the House Oversight and Government Reform information technology and intergovernmental affairs subcommittees on the “cybersecurity of voting machines.”

National: Vote-Hacking Fears Help State Officials Get Security Clearances | Bloomberg

Three months before some U.S. states host primary elections, the Department of Homeland Security has begun offering security clearances to state officials to more easily share classified information as the threat of cyberattacks looms over next year’s polls. The federal government is “clear-eyed” that threats to election systems remain an ongoing concern after Russia’s meddling in the 2016 election, according to Chris Krebs, the DHS senior official performing the duties of under secretary for the National Protection and Programs Directorate. We’re offering security clearances initially to senior election officials, and we’re also exploring additional clearances to other state officials,” Krebs told a House Oversight and Government Reform subcommittee hearing on Wednesday. “These relationships are built and sustained on trust. Breaking that trust will have far-ranging consequences in our ability to collaboratively counter this growing threat.”

National: Privacy advocates cite Russian hacking in court arguments over election data security | InsideCyberSecurity

Lawyers for the Electronic Privacy Information Center told circuit judges last week that attacks on the nation’s election system by Russia underscore the risks to voter data being collected by a presidential commission, in a case that could determine the federal government’s role in securing voter rolls managed by the states. “This data, voter data, is the most sensitive data in our form of government. And we know on record it was also the target of a foreign adversary during the 2016 election,” Marc Rotenberg, president and executive director at EPIC, told a panel of judges at the U.S. Circuit Court of Appeals for the District of Columbia on Nov. 21. EPIC, a nonprofit advocate of online privacy and digital rights, is asking federal courts to block the presidentially appointed commission from collecting the voter data. His comments are a reference to the intelligence community’s conclusion that the Russian government interfered in the 2016 presidential election, which has prompted a number of congressional investigations that could lead to legislation setting new security requirements for voter data.

National: Ethics watchdog: Trump voter fraud commission official may have violated law | The Hill

An ethics watchdog group is alleging that the vice chairman of President Trump’s election voter fraud commission may have violated a federal conflict of interest law. The left-leaning group, Citizens for Responsibility and Ethics in Washington (CREW), filed the complaint Tuesday with the Department of Justice regarding Kansas Secretary of State Kris Kobach. CREW said Kobach is paid to write columns for Breitbart News. One column  — which Kobach later brought up during a New Hampshire meeting of the Presidential Advisory Commission on Election Integrity — made claims about voter fraud in New Hampshire, according to the group.

National: 6 Months In, There’s No End In Sight: Who’s Who In The Vast Russia Imbroglio | NPR

Special counsel Robert Mueller’s investigation into Russian election interference has passed the six-month mark, and President Trump’s staff is painting a picture of a process nearing its end. “We still expect this to conclude soon,” White House spokeswoman Sarah Huckabee Sanders has told reporters. Ty Cobb, the outside attorney brought in to help the White House in its response to the probe, told NPR’s Tamara Keith that Mueller’s interviews with Trump campaign officials would be completed “ideally by Thanksgiving.”

National: Virginia Elections Official to Testify Before Congress About Concerns of Electronic Voting Machine Vulnerabilities | NBC

Congress will question Virginia’s top elections official Wednesday about a decision he made weeks before this year’s election to prevent votes from being hacked. Virginia Department of Elections Commissioner Edgardo Cortes recommended removing all touchscreen voting machines and using paper ballots over concerns the electronic machines could be vulnerable to hackers trying to infiltrate Virginia’s election system. The U.S. House Oversight Committee called Cortes to testify and explain his decision Wednesday as part of a hearing on voting system vulnerabilities.

National: Gerrymandering opponents turn to ballot initiatives to redraw lines | The Hill

Advocates of radically overhauling partisan gerrymandering are increasingly looking to ballot initiatives to reform the redistricting process, in hopes of circumventing recalcitrant legislatures. Supporters of a proposal to create a nonpartisan redistricting commission in Michigan say they will turn in more than 400,000 signatures by the end of the year. They need 315,000 of those signatures to be valid in order to qualify for next year’s ballot. In Ohio, a coalition of organizations is in the process of collecting the 305,591 valid signatures they need to get a constitutional amendment on the ballot. And in Colorado, another coalition plans two ballot initiatives — one that would reform congressional redistricting, and another to reform legislative redistricting.

National: Russian hacking: FBI failed to tell US officials their email was targeted | The Guardian

The FBI failed to notify scores of US officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year, an investigation found. The Associated Press dedicated two months and a small team of reporters to go through a hit list of targets of Fancy Bear, a Russian government-aligned cyberespionage group, that was provided by the cybersecurity firm Secureworks. Previous investigations based on the list had shown how Fancy Bear worked in close alignment with the Kremlin’s interests to steal tens of thousands of emails from the Democratic party. The hacking campaign disrupted the 2016 US election and cast a shadow over the presidency of Donald Trump, whom US intelligence agencies say the hackers were trying to help. The Russian government has denied interfering in the American election. The special counsel Robert Mueller is leading an investigation into alleged collusion between Trump aides and Russia. Indictments have been made.

National: FBI gave heads-up to fraction of Russian hackers’ US targets |Associated Press

The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin’s crosshairs, The Associated Press has found. Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. Even senior policymakers discovered they were targets only when the AP told them, a situation some described as bizarre and dispiriting. “It’s utterly confounding,” said Philip Reiner, a former senior director at the National Security Council, who was notified by the AP that he was targeted in 2015. “You’ve got to tell your people. You’ve got to protect your people.”

National: Older Voters Stymied by Tighter ID Requirements | The New York Times

In February 2016, Anita Johnson met a woman in Milwaukee fretting that, although she had voted faithfully for decades, she would be unable to cast a ballot in the presidential election. Her Wisconsin driver’s license was about to expire, and since she was 90 and no longer drove, she wouldn’t renew it. But she had heard about the state’s strict new voter ID law, requiring official photo identification. Without a license, she worried she was out of luck. Maybe not, said Ms. Johnson. The state coordinator for VoteRiders, a nonprofit, nonpartisan organization that helps citizens vote, Ms. Johnson pointed out that the state Department of Motor Vehicles could issue a photo ID. Poll workers would accept that as proof of identity. On the very last day the would-be voter had a valid license, Ms. Johnson drove her to the agency, which issued the necessary state card. So did she get to vote for president, at 91? “She did,” Ms. Johnson said. “I know, because I drove her to the polls.”

National: What are voting machine companies doing about cyber? | FCW

In October 2017, Sen. Ron Wyden (D-Ore.) sent letters to five of the top voting machine companies in America asking how their organizations were structured and what steps they have taken to ensure their machines are protected from cyber threats. “As our election systems have come under unprecedented scrutiny, public faith in the security of our electoral process at every level is more important than ever before,” Wyden said. “Ensuring that Americans can trust that election systems and infrastructure are secure is necessary to protecting confidence in our electoral process and democratic government.” The questions touched on a wide range of topics related to cybersecurity, such as whether the companies had experienced a recent data breach, whether they employ a chief information security officer and how frequently their products have been audited by third-party evaluators.

National: Democrats call for states to get $400M election security upgrades | The Hill

Two House Democrats are pressing their colleagues to allot $400 million for states to upgrade outdated voting equipment and secure their election systems. Democratic Reps. Bennie Thompson (Miss.) and Robert Brady (Pa.) made the appeal in a letter to leaders of the House Appropriations Committee released on Monday. “We know that Russia launched an unprecedented assault on our elections in 2016, targeting 21 states’ voting systems, and we believe this money is necessary to protect our elections from future attack,” wrote the lawmakers.  “When a sovereign nation attempts to meddle in our elections, it is an attack on our country,” they wrote. “We cannot leave states to defend against the sophisticated cyber tactics of state actors like Russia on their own.”

National: Judge: Trump voter fraud commission on ice till next year | Politico

A commission that President Donald Trump tasked with investigating his own unsubstantiated claims of voter fraud won’t meet again this year, according to court records, fueling more questions about the panel’s future and its viability. In an order Monday, U.S. District Court Judge Colleen Kollar-Kotelly said a Justice Department attorney told the court Friday that the President’s Advisory Commission on Election Integrity “will not meet in December.” Federal rules require such committee meetings to be announced 15 days in advance, except for emergencies, so no meeting seems feasible this month, Asked about the lawyer’s reported statement Monday, the White House declined to comment on the record. However, an administration official acknowledged that a meeting of the commission before the end of the year was “unlikely.”

National: Culling Voter Rolls: Battling Over Who Even Gets to Go to the Polls | The New York Times

On its face, the notice sent to 248 county election officials asked only that they do what Congress has ordered: Prune their rolls of voters who have died, moved or lost their eligibility — or face a federal lawsuit. The notice, delivered in September by a conservative advocacy group, is at the heart of an increasingly bitter argument over the seemingly mundane task of keeping accurate lists of voters — an issue that will be a marquee argument before the Supreme Court in January. At a time when gaming the rules of elections has become standard political strategy, the task raises a high-stakes question: Is scrubbing ineligible voters from the rolls worth the effort if it means mistakenly bumping legitimate voters as well? The political ramifications are as close as a history book. Florida’s Legislature ordered the voter rolls scrubbed of dead registrants and ineligible felons before the 2000 presidential election. The resulting purge, based on a broad name-matching exercise, misidentified thousands of legitimate voters as criminals, and prevented at least 1,100 of them — some say thousands more — from casting ballots.

National: Bipartisan Harvard project issues election hacking recommendations | The Hill

A panel led by former Hillary Clinton and Mitt Romney campaign officials has released a slate of recommendations for future election operations to guard themselves against cyberattacks. The final report from Harvard’s Defending Digital Democracy project comes roughly a year after the 2016 November presidential election, ahead of which the Democratic National Committee and Clinton campaign chairman John Podesta were successfully targeted by cyberattacks. The U.S. intelligence community has tied the hacks to a broader campaign by Russia to interfere in the election. Robby Mook and Matt Rhoades, former campaign managers to Clinton and Romney, respectively, positioned the project as an effort to help future campaign operations be more secure against cyber threats, regardless of their party affiliation.