National: Senate Intel Committee gives Homeland Security its election security wish list | TechCrunch

In a press conference today, the Senate Select Committee on Intelligence presented its urgent recommendations for protecting election systems as the U.S. moves toward midterm elections later this year. “Currently we have an election upon us, and the past tells us that the future will probably hold another set of threats if we are not prepared,” Senator Kamala Harris said. The bipartisan committee offered a set of measures to defend domestic election infrastructure against hostile foreign nations. Before launching into the findings from its committee-wide examination of current practices, written up in an accompanying report, the group emphasized that states are “firmly in the lead” in conducting elections, although the federal government should work closely to provide funds and information.

National: Senators release election security recommendations to deter meddling | The Guardian

A bipartisan group of senators leading an inquiry into Russian meddling in the 2016 US election called on Tuesday for urgent action by Congress to help states protect their voting systems from future threats of foreign interference. With the 2018 congressional primaries already under way, members of the senate intelligence committee outlined a series of recommendations – the first public release from the panel’s yearlong investigation – that they say will help improve the cybersecurity of the nation’s election infrastructure. “We’re now at a point where we’ve wrapped up one piece of our investigation, which deals with election security,” said Republican senator Richard Burr, the chairman of the committee, who spoke alongside the Democratic vice-chair, Senator Mark Warner, and members of the committee. By and large, he said, “we need to be more effective at deterring our adversaries.”

National: Facebook’s Cambridge Analytica scandal, explained | Ars Technica

Facebook is reeling from a series of revelations about private user data being leaked to Cambridge Analytica, a shadowy political consulting firm that did work for the Donald Trump campaign. Last Friday, reporters from The New York Times and The Observer of London told Facebook that Cambridge had retained copies of private data for about 50 million Facebook users. Facebook says Cambridge promised in 2015 that the data would be deleted. Facebook responded to the new revelations by banning Cambridge and several of its associates from Facebook. But this week the controversy surrounding Facebook’s ties to Cambridge—and its handling of private user data more generally—has mushroomed. British members of Parliament accused Facebook of misleading them about the breach and asked CEO Mark Zuckerberg to come to the UK to clear up the issue personally. Facebook has scheduled a surprise all-hands meeting to answer employee questions about the controversy.

National: Senate Committee Launches Effort to Prevent Election Hacking | Associated Press

With the 2018 primary season already underway, leaders of the Senate intelligence committee are launching an effort to protect U.S. elections from a repeat episode of foreign interference. Senate Intelligence Committee Chairman Richard Burr, R-N.C., and Virginia Sen. Mark Warner, the top Democrat on the panel, will preview some of the committee’s recommendations for improving the nation’s election infrastructure at a news conference Tuesday. On Wednesday, the committee will hold a hearing examining attempted hacks on state elections systems in 2016 and the federal and state response to those efforts.

National: House approves legislation to authorize Homeland Security cyber teams | The Hill

House lawmakers on Monday passed legislation that would codify into law the Department of Homeland Security’s cyber incident response teams that help protect federal networks and critical infrastructure from cyberattacks. Lawmakers passed the bill, sponsored by House Homeland Security Committee Chairman Michael McCaul (R-Texas), in a voice vote Monday afternoon. The legislation would authorize the “cyber hunt and incident response teams” at Homeland Security to help owners and operators of critical infrastructure respond to cyberattacks as well as provide strategies for mitigating cybersecurity risks.

National: Cambridge Analytica boasts of dirty tricks to swing elections | The Guardian

The company at the centre of the Facebook data breach boasted of using honey traps, fake news campaigns and operations with ex-spies to swing election campaigns around the world, a new investigation reveals. Executives from Cambridge Analytica spoke to undercover reporters from Channel 4 News about the dark arts used by the company to help clients, which included entrapping rival candidates in fake bribery stings and hiring prostitutes to seduce them. In one exchange, the company chief executive, Alexander Nix, is recorded telling reporters: “It sounds a dreadful thing to say, but these are things that don’t necessarily need to be true as long as they’re believed.” The Channel 4 News investigation, broadcast on Monday, comes two days after the Observer reported Cambridge Analytica had unauthorised access to tens of millions of Facebook profiles in one of the social media company’s biggest data breaches.

National: FEC probes whether NRA got illegal Russian donations | Politico

The Federal Election Commission has launched a preliminary investigation into whether Russian entities gave illegal contributions to the National Rifle Association that were intended to benefit the Trump campaign during the 2016 presidential election, according to people who were notified of the probe. The inquiry stems in part from a complaint from a liberal advocacy group, the American Democracy Legal Fund, which asked the FEC to look into media reports about links between the rifle association and Russian entities, including a banker with close ties to Russian President Vladimir Putin. A spokesman for the NRA and its lobbying arm, the Institute for Legislative Action, which together contributed $30 million to Trump’s presidential campaign, declined to comment on the FEC’s probe.

National: How Trump Consultants Exploited the Facebook Data of Millions | The New York Times

As the upstart voter-profiling company Cambridge Analytica prepared to wade into the 2014 American midterm elections, it had a problem. The firm had secured a $15 million investment from Robert Mercer, the wealthy Republican donor, and wooed his political adviser, Stephen K. Bannon, with the promise of tools that could identify the personalities of American voters and influence their behavior. But it did not have the data to make its new products work. So the firm harvested private information from the Facebook profiles of more than 50 million users without their permission, according to former Cambridge employees, associates and documents, making it one of the largest data leaks in the social network’s history. The breach allowed the company to exploit the private social media activity of a huge swath of the American electorate, developing techniques that underpinned its work on President Trump’s campaign in 2016.

National: Spooked by election hacking, states are moving to paper ballots | Cyberscoop

Paper ballots may seem like an antiquated voting practice, but hacking fears are now pushing an increasing number of states toward a return to the basics. State legislatures and election directors are heeding warnings from Washington that hackers may tamper with electronic voting systems in the 2018 midterm elections. The U.S. intelligence community has said that Russian President Vladimir Putin launched a campaign to interfere with the 2016 presidential election and that the Kremlin will try to do so again. On the national level, lawmakers have made several attempts to push legislation aiming to strengthen election cybersecurity through grants to upgrade equipment and to increase cooperation between the federal government and lower jurisdictions. So far, no such legislation has passed either chamber of Congress. Amid all this national attention, a number of states have started to act on their own bolster the integrity of elections they run. With these states, the focus has been on doing away with direct-recording electronic voting machines (DREs) that don’t produce a paper record.

National: How the U.S. can prepare for a major election hack | The Washington Post

Before the 2016 election, at least 21 U.S. states’ registration databases or websites were targeted by hackers and seven states were successfully “compromised,” although there’s no evidence that votes were altered. As U.S. intelligence agencies recently made clear, the risk to voting systems continues in 2018. Foreign actors could target registration records, electronic voting machines or vote tabulations. Because American elections are controlled by individual states that employ a wide array of voting systems, a localized breach is especially feasible. Amplifying the danger is that many Americans will react to vote manipulation somewhere in the United States with doubts about election results everywhere. Even if this interference does not actually change an election outcome, people may use any breach to cast doubt on outcomes they don’t want to believe. This havoc is precisely what Russia wants.

National: Trump Administration Penalizes Russians Over Election Meddling and Cyberattacks | The New York Times

The Trump administration imposed sanctions on a series of Russian organizations and individuals on Thursday in retaliation for interference in the 2016 presidential election and other “malicious cyberattacks,” its most significant action against Moscow since President Trump took office. The sanctions came as the United States joined with Britain, France and Germany in denouncing Russia for its apparent role in a nerve-gas attack on a former Russian spy and his daughter on British soil, calling it a “clear violation” of international law. But the joint statement said nothing about any collective action in response. In his first comment on the poison attack, Mr. Trump agreed that, despite its denials, Russia was likely behind it. “It looks like it,” he told reporters in the Oval Office, adding that he had spoken with Prime Minister Theresa May of Britain.

National: Is Your County Elections Clerk Ready for Russian Hackers? | Stateline

The weakest link in any local voting system is that one county clerk who’s been on the job for three days and opens up an email file that could take down the whole system. The head of every U.S. intelligence agency says Russia attempted to penetrate elections systems nationwide during the 2016 presidential election, and will try again during this year’s midterm elections. In a decentralized election system with more than 10,000 separate jurisdictions, the onus for security is on local officials. “That keeps me awake at night,” said Nancy Blankenship, the clerk for Deschutes County, Oregon. Blankenship, like thousands of other county clerks, is the chief elections official for her area. It’s not so much the threat of foreign hackers changing votes that concerns Blankenship — Oregon is not only a vote-by-mail state, but also does its ballot counting without an internet connection — it’s the possibility that hacking could undermine public confidence in the system.

National: Schiff Says Russia Probe ‘Far From Done’ After GOP Shuts It Down | Bloomberg

The top Democrat on the House Intelligence panel said he plans to continue work on the Russia probe despite Republican moves to shut it down, saying 30 witnesses still need to be interviewed. “Our work is far from done,” Representative Adam Schiff told reporters Tuesday, a day after Republicans said they were ending the inquiry after finding no evidence of collusion between President Donald Trump’s campaign and Russian operatives who meddled in the 2016 presidential campaign. Schiff said that Democrats will write their own conclusions and plan to release transcripts of the panel’s interviews at that time.

National: There’s more to Russia’s cyber interference than the Mueller probe suggests | The Washington Post

An underlying theme running through special counsel Robert S. Mueller III’s investigation is that Russia’s ultimate goal was to make sure Donald Trump was elected president. That’s just part of the picture. Last month, Mueller’s team released the details of the grand jury indictments of 13 Russian nationals, as well as a shadowy Russian firm known as the Internet Research Agency, for conducting information warfare against the United States and breaking three U.S. federal laws. Our research looks at Russian cyber and information warfare activity — and distinct patterns begin to emerge. But this is a nonlinear strategy and a long-term assault on Russia’s adversaries. Although boosting the Trump campaign may have been one of Russia’s primary goals in 2016, the 2020 goal could just as easily be helping the president’s Democratic challenger.

National: Senator: On Cyberwarfare, Russia Has The U.S. “Behind The Eight Ball” | Fast Company

The Russians have punched far beyond their weight when it comes to cyberwarfare, a prominent U.S. Senator said Saturday, and America isn’t keeping up. Speaking at the SXSW conference in Austin, Mark Warner, Democrat of Virginia, noted that Vladimir Putin’s government got “great bang for their dollars, or bang for their rubles” by exploiting vulnerabilities on social media during the 2016 presidential elections, and that it may be time for the U.S. to rethink its military budget. “I come from one of the most pro-defense states,” Warner said, “but if you look at what we’re spending [on the military], $700 billion, the Russians are spending $68 billion.” Warner said that Putin’s government has acknowledged that it can’t keep up with us militarily. But he added that it has managed to use cyberwarfare to sow divisiveness in the U.S. by using sophisticated techniques to spread disinformation. It uses small, targeted election advertising buys, and leaves the kind of obvious fingerprints on state election systems that could have been used to defend President Trump’s original claims that the 2016 election was “rigged.”

National: 137 House Democrats sign letter urging action against Russia | Reuters

Over two-thirds of U.S. House of Representatives Democrats urged President Donald Trump to enact sanctions on Russia, the latest push by lawmakers for a response to investigators’ findings that Russia interfered in the 2016 U.S. election. At least 137 of the Democrats in the House signed a letter, seen by Reuters on Monday,“strongly urging” Trump to adhere to a law he signed last summer imposing sanctions on those who do business with Russia’s military and intelligence sectors. “We strongly urge you to reverse course, follow the letter and spirit of the law, and demonstrate that the security of our country and integrity of elections are sacrosanct,” the letter said.

National: Secretaries of state slam provision to allow Secret Service at polling places | CNN

More than a dozen secretaries of state slammed a rider attached to legislation to reauthorize the Department of Homeland Security that would allow Secret Service to be dispatched to polling places nationwide during a federal election. “This is an alarming proposal which raises the possibility that armed federal agents will be patrolling neighborhood precincts and vote centers,” according to the letter, which was obtained by CNN. In the letter, which was sent Friday to Senate leaders Mitch McConnell, a Kentucky Republican, and Chuck Schumer, a New York Democrat, the 19 secretaries of state write that they believe the proposal is “unprecedented and shocking.”

National: Despite Mueller’s Push, House Republicans Declare No Evidence of Collusion | The New York Times

Even as the special counsel expands his inquiry and pursues criminal charges against at least four Trump associates, House Intelligence Committee Republicans said on Monday that their investigation had found no evidence of collusion between Donald J. Trump’s presidential campaign and Russia to sway the 2016 election. Representative K. Michael Conaway, the Texas Republican who is leading the investigation, said committee Republicans agreed with the conclusions of American intelligence agencies that Russia had interfered with the election, but they broke with the agencies on one crucial point: that the Russians had favored Mr. Trump’s candidacy. “The bottom line: The Russians did commit active measures against our election in ’16, and we think they will do that in the future,” Mr. Conaway said. But, he added, “We disagree with the narrative that they were trying to help Trump.”

National: States aren’t shifting voting tech, despite ballot security concerns | FCW

In 2015, the Brennan Center for Justice conducted a major study on voting machine security that found most states were relying on dangerously outdated hardware and software, leaving them vulnerable to hackers while doing little to provide for accurate post-election auditing. On March 8, 2018, the center released an update to that report and found that not much has changed. Jurisdictions in 41 states are using voting systems at least a decade out of date going into the 2018 elections, barely an improvement from the 2015 study, when 44 states reported long-obsolete voting tech. The number of states in which election officials said they must replace voting equipment by 2020 actually increased, from 31 in 2015 to 33 in 2018.

National: Trump wants new authority over polling places. Top election officials say no | The Boston Globe

President Trump would be able to dispatch Secret Service agents to polling places nationwide during a federal election, a vast expansion of executive authority, if a provision in a Homeland Security reauthorization bill remains intact. The rider has prompted outrage from more than a dozen top elections officials around the country, including Secretary of State William F. Galvin of Massachusetts, a Democrat, who says he is worried that it could be used to intimidate voters and said there is “no basis” for providing Trump with this new authority. “This is worthy of a Third World country,” said Galvin in an interview. “I’m not going to tolerate people showing up to our polling places. I would not want to have federal agents showing up in largely Hispanic areas.” “The potential for mischief here is enormous,” Galvin added. The provision alarming him and others is a rider attached to legislation that would re-authorize the Department of Homeland Security. The legislation already cleared the House of Representatives with bipartisan support.

National: Democrats take first step toward curtailing superdelegates | The Washington Post

Democrats took their first official steps Saturday to reduce the power of unpledged delegates in presidential primaries, with the Democratic National Committee voting to “revise the role and ­reduce the perceived influence” of superdelegates before the next election. That vote, which is likely to reduce the number of superdelegates by at least half, came after 21 months of debate that began at the party’s 2016 convention in Philadelphia. Saturday’s discussion found a party determined to move past the 2016 primaries ­between Hillary Clinton and Sen. Bernie Sanders (I-Vt.), in large part by reducing the power of the party’s establishment to pick a nominee. “These are changes that I’m confident that people all over this country want to see,” said Rep. Keith Ellison (D-Minn.), the party’s deputy chairman and one of few Democratic members of Congress who backed Sanders for president. “I’m prepared to tell you that as a member of Congress, I don’t need more power than anybody else.”

National: State Department Was Granted $120 Million to Fight Russian Meddling. It Has Spent $0. | The New York Times

As Russia’s virtual war against the United States continues unabated with the midterm elections approaching, the State Department has yet to spend any of the $120 million it has been allocated since late 2016 to counter foreign efforts to meddle in elections or sow distrust in democracy. As a result, not one of the 23 analysts working in the department’s Global Engagement Center — which has been tasked with countering Moscow’s disinformation campaign — speaks Russian, and a department hiring freeze has hindered efforts to recruit the computer experts needed to track the Russian efforts. The delay is just one symptom of the largely passive response to the Russian interference by President Trump, who has made little if any public effort to rally the nation to confront Moscow and defend democratic institutions. More broadly, the funding lag reflects a deep lack of confidence by Secretary of State Rex W. Tillerson in his department’s ability to execute its historically wide-ranging mission and spend its money wisely.

National: Push to bolster election security stalls in Senate | The Hill

Senators are running into roadblocks from state officials as they try to craft legislation to secure election systems before the midterms in November. Sens. James Lankford (R-Okla.) and Kamala Harris (D-Calif.) are pushing for legislation that would bolster the security of U.S. voting infrastructure, with an eye toward countering threats from adversaries like Russia. But Lankford on Wednesday was forced to table an amendment to a bill moving through the Senate that was aimed at improving information-sharing between federal and state election officials on election cyber threats. State officials objected to the amendment. The development sparked frustration on the Senate Homeland Security and Governmental Affairs Committee, where lawmakers have been agitating for action. … The amendment would also mandate that election service providers, including vendors and contractors, notify state officials promptly if election systems — including voting machines, voter registration databases and election agency email systems — are breached, and that state officials provide the information to their federal counterparts in a timely fashion. The secretaries of state questioned whether states would be penalized if a vendor or contractor failed to notify state election agencies of cybersecurity incidents.

National: US senator grills CEO over the myth of the hacker-proof voting machine | Ars Technica

A US senator is holding the nation’s biggest voting machine maker to account following a recent article that reported it has sold equipment that was pre-installed with remote-access software and has advised government customers to install the software on machines that didn’t already have it pre-installed. Use of remote-access software in e-voting systems was reported last month by The New York Times Magazine in an article headlined “The Myth of the Hacker-Proof Voting Machine.” The article challenged the oft-repeated assurance that voting machines are generally secured against malicious tampering because they’re not connected to the Internet. Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2016 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.

National: U.S. Hasn’t Shared Enough About Cyber Risks, Official Says | Bloomberg

The U.S. government has failed to share enough information about cyber threats, including risks to election systems, with federal agencies and states, according to a top Trump administration intelligence official. Intelligence agencies are “kicking butt offensively,” but the U.S. needs to be better prepared to defend against future attacks as adversaries constantly learn about “our gaps and weaknesses,’’ William Evanina, director of the National Counterintelligence and Security Center, said Thursday at a conference in Washington.

National: Senators demand cyber deterrence strategy from Trump | The Hill

A bipartisan group of senators is pressing President Trump to issue a national strategy for deterring malicious activity in cyberspace “as soon as possible,” accusing successive administrations of not giving enough urgency to the issue. “The lack of decisive and clearly articulated consequences to cyberattacks against our country has served as an open invitation to foreign adversaries and malicious cyber actors to continue attacking the United States,” the senators wrote in the letter, obtained by The Hill. “The United States has failed to formulate, implement, and declare a comprehensive cyber doctrine with an appropriate sense of urgency,” they wrote. “We urge you to end this state of inaction immediately.”

National: Democrats want millions for FBI and states to protect elections | USA Today

Democrats — and some Republicans — are pushing to boost funding for FBI counterterrorism teams and grants to states to protect against Russian meddling in elections. Lawmakers want more than $700 million for election security added to a sweeping $1.3 trillion omnibus spending bill that Congress must pass by March 23 to keep the government open. The House could take up the spending bill as early as next week. “We cannot leave states to their own devices in defending against the sophisticated cyber tactics of foreign governments,” House Minority Whip Steny Hoyer, D-Md., and 14 other House Democrats wrote in a letter this week to leaders of the House Appropriations Committee. “An attack on the electoral infrastructure in one state is an attack on all of democracy in America.”

National: Senators ask voting machine vendors if they shared code with Russian entities | The Hill

Sens. Amy Klobuchar (D-Minn.) and Jeanne Shaheen (D-N.H.) sent a letter Wednesday to three election equipment vendors to ask whether they have shared information about their machines with Russian entities. The senators wrote to Election Systems & Software, Dominion Voting Systems Inc. and Hart InterCivic Inc. to ask if the companies had shared the source code, software or other sensitive details about their machines with Russians. “Foreign access to critical source code information and sensitive data continues to be an often overlooked vulnerability. Further, if such vulnerabilities are not quickly examined and mitigated, future elections will also remain vulnerable to attack,” the senators wrote.

National: Democracy’s Gatekeepers: 2018’s Secretary of State Elections | Harvard Political Review

In state politics, the most enviable marker of power is the so-called “triplex.” To achieve a triplex, a political party must sweep the state’s three most influential offices. The first two are the governor and attorney general positions, the former due to extensive executive powers and the latter due to their power to sue the federal government. But it is the third and most frequently overlooked member of the triplex who may have the most influence over democracy: the secretary of state. The duties of the secretary of state encompass serving as the state’s chief election official, along with such administrative duties as permitting and business authentication. Because of their role in the electoral process, secretaries of state have critical influence over who can vote and how easy it is to do so.

National: Top U.S. intel official insists White House engaged on election security | Reuters

The top U.S. intelligence official insisted on Tuesday that President Donald Trump’s administration is “actively engaged” in countering Russian efforts to influence the November elections, even as he warned of Moscow’s continuing “malign activities.”  “The White House is actively engaged,” Director of National Intelligence Dan Coats told a Senate hearing, where lawmakers pressed for answers on election security. “This is a high priority for them,” he said. Coats and other intelligence officials have warned repeatedly that Russia is already trying to interfere in the 2018 mid-term elections by using social media to spread propaganda and misleading reports, much as it did during the 2016 presidential race.