National

Attempts to hack elections will continue in the future, the secretary of Homeland Security said Wednesday — so election officials better prepare. Secretary John Kelly was speaking about the difficult balance his agency must strike — on the one hand protecting the nation from cyber intruders while on the other, respecting state and local governments’ autonomy. Kelly said at an event at the Center for a New American Security that his agency will offer to help states and localities on an entirely “voluntary basis” — but strongly encouraged officials to get help from somewhere. “I would say that if they don’t want our help, and even if they do want our help, they’d be well advised to hire some very, very, very good hired cyber guns, if you will, to help protect, because this is the way of the future,” Kelly said.

National: Census challenges jeopardize efforts towards greater equity in the South | Facing South

The 2020 Census — a once-a-decade effort by the federal government to count every person in the U.S. — is still three years away, but recent developments at the Census Bureau have raised concerns about the accuracy of the upcoming count. The agency recently received $164 million less than what it requested from Congress in the 2017 fiscal year, despite a traditional jump in funding for critical preparation in the years leading up to the nationwide count. The Trump administration’s proposed 2018 budget doesn’t give it much more. And in May, Census Bureau Director John Thompson announced he would resign at the end of June, leaving a major gap in leadership at a critical time. Meanwhile, the U.S. Government Accountability Office has put the 2020 Census on its “High Risk List,” as it did the 2000 and 2010 Census, and cited the Bureau’s failure to implement strategies and technologies to cut Census costs, which hit a record $12.3 billion in 2010. “Over the past 3 years, we have made 30 recommendations to help the Bureau design and implement a more cost-effective census for 2020,” the GAO observed; “however, only 6 of them had been fully implemented as of January 2017.”

National: Voter fraud and suppression commission to meet in July | Washington Times

President Trump’s commission on voter fraud and suppression likely will hold its first meeting next month after a “painstakingly” slow vetting of its members, one of the panel’s co-chairmen said Tuesday. Kansas secretary of state Kris Kobach said he expects the commission to meet in Washington sometime in the second half of July to begin its work. Some commission members have complained of not having heard anything about a timetable since being appointed weeks ago. “The wheels have been turning for several months now. It’s just the process of getting members through the clearance hurdles is painstakingly long,” Mr. Kobach told The Washington Times. “We have almost all of our commissioners through the approval process, but we still have a few more remaining.”

National: A top Trump ally admits Russia will try to strike again. Does Trump care? | The Washington Post

The Israeli newspaper Haaretz reports that former New York Mayor Rudolph Giuliani, a close Trump ally, is concerned that Russia could hack our next election. He told reporter Allison Kaplan Sommer in Tel Aviv earlier today that he’s “very worried” that there could be “cyber-interference” of a more serious nature than there was in 2016 — meaning interference that could alter vote totals and effect the election outcome. Giuliani’s admission is significant, and not just because it’s an admission — from someone so sympathetic to Trump — that the ongoing threat of Russian hacking is real and not “fake news.” Giuliani, who serves as the Chair of the Cybersecurity, Privacy and Crisis Management Practice at the law firm Greenberg Traurig, is also an informal advisor to Trump on cybersecurity issues.

National: Making U.S. Elections More Secure Wouldn’t Cost Much But No One Wants To Pay | NPR

What would it cost to protect the nation’s voting systems from attack? About $400 million would go a long way, say cybersecurity experts. It’s not a lot of money when it comes to national defense — the Pentagon spent more than that last year on military bands alone — but getting funds for election systems is always a struggle. At a Senate intelligence committee hearing last week about Russian hacking during last year’s election, Jeanette Manfra , the acting deputy under secretary for cybersecurity at the Department Homeland Security recommended that election officials have a paper-based audit process to identify anomalies after an election. While that’s the advice most cybersecurity experts give, right now more than a dozen states use electronic voting machines that have no paper backup. Replacing those machines would go a long way toward protecting one of the core functions of democracy, says Larry Norden of the Brennan Center for Justice in New York. “I don’t think that would cost a huge amount of money. I think it would probably cost between $200 million and $300 million to replace that equipment,” adding that $400 million is his top estimate.

National: Clinton campaign chairman testifies in House Russia probe | Reuters

Hillary Clinton’s campaign chairman, John Podesta, on Tuesday appeared before the U.S. House of Representatives Intelligence Committee, which has begun interviewing witnesses in its probe of how Russia may have influenced the 2016 election. Committee members declined to comment on the discussion to reporters as they left the panel’s secure hearing room. Podesta stopped and commented briefly. “They asked me to come forward to give to the best of my knowledge what I knew about that, and I was happy to cooperate with the committee in their investigation of Russian interference with the democratic process in the United States,” he said.

National: How one typo helped let Russian hackers in | CNN

The email that would help Democrats lose the 2016 presidential election arrived on March 19, 2016, signed — seemingly harmlessly — “Best, the Gmail team.” The email was sent to John Podesta, the then-chairman of Hillary Clinton’s presidential campaign. But it wasn’t a benign message; it was actually a spear-phishing email authored by hackers with ties to Russia. “There was a Google alert that there was some compromise in the system,” Podesta told CNN of the email, which prompted Podesta to change his password “immediately” by clicking on a link. “It actually got managed by my assistant, who checked with our cybersecurity guy,” Podesta said. “And through a comedy of errors, I guess, he instructed her to go ahead and click on it and she did.”

National: Landmark Redistricting Lawsuit Centers On A Novel Concept: The Efficiency Gap | WVIK

As voters in many states learn more about the ongoing practice and effects of partisan gerrymandering, a high-profile lawsuit originating in Wisconsin may have profound implications for how much a political party can do to keep itself in power. The U.S. Supreme Court announced June 19 that it would hear an appeal in Gill v. Whitford, a challenge to the legislative districts Wisconsin’s Republican-controlled legislature approved in 2011. It’s always thorny to try and predict how the justices will rule on a given case based on their previous rulings and writings, and what they eventually end up asking in oral arguments. But it is helpful to focus in on the specific questions at issue, not just the greater policy implications.

National: Administration won’t release redacted intelligence report on Russian election meddling | Politico

June 27, 2017

The Trump administration is refusing to release a redacted version of a key report President Barack Obama received in January on alleged Russian interference in the 2016 presidential election, court filings show. Then-Director of National Intelligence James Clapper made public an unclassified version of that report, but the Electronic Privacy Information Center brought a Freedom of Information Act lawsuit demanding a copy of the classified report given to Obama at the same time. EPIC said the unclassified version omitted “critical technical evidence” that could help the public assess U.S. intelligence agencies’ claims that Russia did make efforts to affect the outcome of the 2016 race.

National: Election hacking fears turn heat on Homeland Security | The Hill

Growing concerns about threats to U.S. election systems have put the heat on the Department of Homeland Security (DHS) and its efforts to boost national cybersecurity. Homeland Security officials testified this week before the Senate Intelligence Committee that they have evidence that Russia targeted election-related systems in 21 states as part of its wider effort to influence the presidential election. Now, lawmakers concerned about future foreign interference in U.S. elections are pressuring the department to offer more help to states and provide more details about what happened in 2016. “I’m deeply concerned about the danger posed by future interference in our elections,” Sen. Mark Warner (D-Va.), the vice chairman of the intelligence panel, said Wednesday. “We have elections in 2018, but in my home state of Virginia, we have statewide elections this year. So this needs a sense of urgency.”

National: Homeland Security Never Checked Whether Hacking Changed Votes | Care2

This week, leaders from the Department of Homeland Security (DHS) testified to Congress that the Russian government hacked into electronic systems connected with the 2016 election in at least 21 states. Though they acknowledged that some systems had been breached and even altered, they also said that hackers were unable to change the vote counts. While it is certainly reassuring to know that vote counts weren’t tampered with (it’s a message they’ve stressed in light of previous leaks, too,) there’s one problem with the DHS’s proclamation: the agency hasn’t actually conducted any audits to confirm this belief. … With all due respect to the DHS, the government didn’t expect their systems to be as vulnerable to hacking as it has already proven to be. If hackers were able to get into voter systems, how can we be so confident that that’s as far as they got without – you know – actually checking?

National: Russia’s still targeting U.S. elections, King warns, and experts say we’re not prepared | Portland Press Herald

For weeks, U.S. Sen. Angus King has been telling anyone who’ll listen that the biggest, most worrisome thing about Russian interference in the 2016 election isn’t getting enough attention and has nothing to do with President Trump. King has warned in congressional hearings, television appearances and interviews with reporters that Moscow tried and is still trying to compromise American voting systems – and that if nothing’s done it might very well change the results of an election. … While intelligence officials say there is no evidence that vote counts were changed last November, a leading expert on security threats to voting machines said this possibility cannot be excluded without a forensic audit of the results. Even voting and vote counting machines that are not connected to the internet can be and could have been compromised when they received software programming them to display or recognize this year’s ballots, said J. Alex Halderman, director of the University of Michigan Center for Computer Security and Society.

National: Vladimir Putin denied meddling in the U.S. election. The CIA caught him doing just that. | The Washington Post

Russian President Vladimir Putin has repeatedly — and often tauntingly — denied that his government interfered in the 2016 U.S. presidential race. Earlier this month he said that the cyber campaign might have been the work of “patriotically minded” Russian hackers he likened to “artists” who take to canvases to express their moods and political views. New details reported Friday by The Post reveal the extent to which the Russian meddling bore Putin’s own signature and brushstrokes. U.S. intelligence officials have been pointing at Putin since October, when the Obama administration released a statement declaring that the stream of embarrassing emails and other material being posted online by WikiLeaks and other sites were tied to Russian hacking efforts that “only Russia’s senior-most officials could have authorized.” A broader U.S. intelligence report released in early January went further, identifying Putin by name and concluding that one of the operation’s aims was to help elect Donald Trump.

National: Analysis indicates partisan gerrymandering has benefited GOP | Associated Press

The 2016 presidential contest was awash with charges that the fix was in: Republican Donald Trump repeatedly claimed that the election was rigged against him, while Democrats have accused the Russians of stacking the odds in Trump’s favor. Less attention was paid to manipulation that occurred not during the presidential race, but before it — in the drawing of lines for hundreds of U.S. and state legislative seats. The result, according to an Associated Press analysis: Republicans had a real advantage. The AP scrutinized the outcomes of all 435 U.S. House races and about 4,700 state House and Assembly seats up for election last year using a new statistical method of calculating partisan advantage. It’s designed to detect cases in which one party may have won, widened or retained its grip on power through political gerrymandering.

National: Russians targeted 21 election systems, U.S. official says | Reuters

Russian hackers targeted 21 U.S. state election systems in the 2016 presidential race and a small number were breached but there was no evidence any votes were manipulated, a Homeland Security Department official told Congress on Wednesday. Jeanette Manfra, the department’s acting deputy undersecretary of cyber security, testified before the Senate Intelligence Committee. U.S. intelligence agencies have concluded the Kremlin orchestrated a wide-ranging influence operation that included email hacking and online propaganda to discredit Democratic presidential candidate Hillary Clinton and help Donald Trump, a Republican, win the White House in November. The Russia issue has cast a shadow over Trump’s first five months in office. The extent of interference by Russian hackers, and whether they or others could interfere in future elections, has been the source of speculation and media reports for months.

National: State and local election systems easy prey for Russians hackers | McClatchy

Local officials consistently play down suspicions about the long lines at polling places on Election Day 2016 that led some discouraged voters in heavily Democratic Durham County, N.C., to leave without casting a ballot. Minor glitches in the way new electronic poll books were put to use had simply gummed things up, according to local elections officials there. Elections Board Chairman William Brian Jr. assured Durham residents that “an extensive investigation” showed there was nothing to worry about with the county’s new registration software. He was wrong. What Brian and other election officials across eight states didn’t know until the leak of a classified intelligence is that Russian operatives hacked into the Florida headquarters of VR Systems, Inc., the vendor that sold them digital products to manage voter registrations. … David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory in California who has acted in his personal capacity in trying to safeguard election integrity, said he believes it is “absolutely possible” that the Russians affected last year’s election. “And we have done almost nothing to seriously examine that,” he said. “The Russians really were engaged in a pattern of attacks against the machinery of the election, and not merely a pattern of propaganda or information warfare and selective leaking,” said Alex Halderman, a University of Michigan computer science professor. “The question is, how far did they get in that pattern of attacks, and were they successful?”

National: GOP Data Firm Accidentally Leaks Personal Details of Nearly 200 Million American Voters | Gizmodo

Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server. The data leak contains a wealth of personal information on roughly 61 percent of the US population. Along with home addresses, birthdates, and phone numbers, the records include advanced sentiment analyses used by political groups to predict where individual voters fall on hot-button issues such as gun ownership, stem cell research, and the right to abortion, as well as suspected religious affiliation and ethnicity. The data was amassed from a variety of sources—from the banned subreddit r/fatpeoplehate to American Crossroads, the super PAC co-founded by former White House strategist Karl Rove.

National: Can US Elections Be Hacked? Security Experts Call For More Protections Against Election Hacking | International Business Times

More than one hundred security researchers and experts signed on to a letter sent to member of the United States Congress to warn of their belief that not enough has been done to protect against potential threats to state and federal elections. The letter, published Wednesday as a Senate Intelligence Committee hearing on Russian interference during the 2016 U.S. presidential election, argues many states are unprepared to respond to cybersecurity risks that may arise during upcoming election.The signatories laid out three primary suggestions for securing the electoral process and prevent against any potential tampering that may occur. First, the experts called on election officials to establish voter-verified paper ballots as the “official record of voter intent.” Doing so would require phasing out paperless voting machines that offer no way to verify if a vote tallied by the system corresponds to the vote intended to be cast by the voter.

National: Election Hackers Altered Voter Rolls, Stole Private Data, Officials Say | Time

The hacking of state and local election databases in 2016 was more extensive than previously reported, including at least one successful attempt to alter voter information, and the theft of thousands of voter records that contain private information like partial Social Security numbers, current and former officials tell TIME. In one case, investigators found there had been a manipulation of voter data in a county database but the alterations were discovered and rectified, two sources familiar with the matter tell TIME. Investigators have not identified whether the hackers in that case were Russian agents. The fact that private data was stolen from states is separately providing investigators a previously unreported line of inquiry in the probes into Russian attempts to influence the election. In Illinois, more than 90% of the nearly 90,000 records stolen by Russian state actors contained drivers license numbers, and a quarter contained the last four digits of voters’ Social Security numbers, according to Ken Menzel, the General Counsel of the State Board of Elections.

National: Keeping Russia Out of the Voting Booth | The American Prospect

Of all the disturbing questions raised by Russia’s interference in last year’s election, the most alarming may be how a foreign power might hack into the nation’s voting infrastructure. So far there’s no evidence that Russian cyberattacks altered U.S. vote totals in any way. But recent disclosures make clear that Russian intelligence intrusions were much broader and deeper than initially known. And the U.S. election system, while it has strengths, remains vulnerable on several fronts. Aging voting machines, the absence of a paper trail in some states, and spotty audits are all weaknesses that could be exploited in 2018 and 2020. … While most states—36 all told—use machines that produce a paper record, that still leaves 14 states that still operate machines with no voter verifiable paper trail. The absence of paper makes it virtually impossible to cross-check and confirm results after the fact.

National: Computer expert: Some voting machines can be directly hacked | Washington Examiner

A computer science professor told the Senate Intelligence Committee Wednesday that voting machines that create an electronic record of the voters’ decisions are open to fraud and computer hacking, vulnerabilities that are big enough to potentially change the outcome of some elections. J. Alex Halderman, professor of computer science at Michigan University, said he and his team began studying “direct-recording electronic” (DRE) voting machines 10 years ago and found that “we could reprogram the machine to invisibly cause any candidate to win. We also created malicious software — vote-stealing code — that could spread from machine-to-machine like a computer virus, and silently change the election outcome.” … As a computer science professor, Halderman has not only run academic trials on hacking voting machines, he has also run real-time examples.

National: Intelligence Panel Learns How to Hack Air-Gapped Voting Systems | GovInfo Security

Hackers can breach air-gapped voting machines and vote tallying systems – those not connected to internet – in an attempt to alter ballots to sway the outcome of an election, the Senate Select Committee on Intelligence has learned. “Our election infrastructure is not as distant from the internet as it may seem,” Alex Halderman, a University of Michigan computer science professor, testified Wednesday before the Senate Select Committee on Intelligence The Senate panel, as well as its House counterpart, held simultaneous hearings focused on the impact of Russian hacking on America’s election process (see Election Systems’ Hacks Far Greater Than First Realized ). At both sessions, lawmakers heard witnesses agree that Russian hackers did not alter votes in the 2016 presidential election.

National: Obama White House Knew of Russian Election Hacking, but Delayed Telling | The New York Times

The Obama administration feared that acknowledging Russian meddling in the 2016 election would reveal too much about intelligence gathering and be interpreted as “taking sides” in the race, the former secretary of homeland security said Wednesday. “One of the candidates, as you recall, was predicting that the election was going to be ‘rigged’ in some way,” said Jeh Johnson, the former secretary, referring to President Trump’s unsubstantiated accusation before Election Day. “We were concerned that by making the statement we might, in and of itself, be challenging the integrity of the election process itself.” Mr. Johnson’s testimony, before the House Intelligence Committee, provided a fresh insight into how the Obama administration tried to balance politically explosive information with the public’s need to know. That question also vexed federal law enforcement officials investigating Hillary Clinton’s use of a private email server.

National: House Democrats Move to Restore Key Provisions of the Voting Rights Act | US News & World Report

Civil rights icon Rep. John Lewis, D.-Ga., and Alabama Rep. Terri Sewell Thursday introduced a bill that would restore voting rights protections struck down a year ago by the Supreme Court in an effort to block some states’ efforts to impose tough new voter registration laws. Nearly all of the 193 House Democrats have signed on to the legislation; the Congressional Black Caucus, Hispanic Caucus and Asian Pacific American Caucus also endorsed the bill. Sewell said no Republicans were willing to support the measure. The Voting Rights Advancement Act is a response to last year’s Supreme Court ruling in Shelby v. Holder; the court struck down two key provisions of the 1965 Voting Rights Act, which put 13 states under strict rules not to change their voter laws without federal approval and set a formula for determining which states would be subject to the law.

National: Little movement on White House probe into voter fraud | CNN

On Super Bowl Sunday this year, President Donald Trump told Fox News that Vice President Mike Pence would head a commission into voter fraud allegations — ones that he made, claiming that between three to five million people voted illegally in the 2016 election. The commission was formed three months later, but it has yet to meet and there’s no date set to do so. More than one member of the White House’s Election on Voter Integrity told CNN on Thursday that the group would not be doing its job if it did not examine possible interference by a Russian intelligence agency or a military intelligence agency in voting systems. “If you know that there is an outside force that is trying to jimmy the door on the election process somehow, you would want to know about that,” said Matt Dunlap, Maine’s secretary of state and a member of the commission. “That includes the Russians, the Martians, I don’t care. It has to be part of the discussion.” Dunlap said he has not heard from the White House about the commission since the May press release.

National: U.S. Elections Systems Vulnerable, Lawmakers Told In Dueling Hearings | NPR

If two nearly simultaneous hearings Wednesday by the House and Senate Intelligence Committees into Russia’s meddling in last year’s presidential election revealed anything, it’s that U.S. officials saw what was going on but were all but powerless to stop it. In his prepared remarks, former Homeland Security Secretary Jeh Johnson said the Russian government, “at the direction of Vladimir Putin himself, orchestrated cyberattacks on our Nation for the purpose of influencing our election — plain and simple.” But in response to a question from the committee’s ranking member, Rep. Adam Schiff, D-Calif., Johnson said he was concerned he would be criticized “for perhaps taking sides” in an ongoing election if he publicly spoke out about the Russian meddling that he knew was going on.

National: We just learned the government knows Russia will sabotage the next election. Now what? | The Washington Post

The Senate Intelligence Committee held a hearing this morning on Russian efforts to interfere in the 2016 election, and on what the government knows about Russian intentions to meddle in future contests. The Committee heard from three federal officials, two from the Department of Homeland Security, and one from the FBI. Together, those officials made clear that not only did Russians peddle in propaganda and fake news in an effort boost the fortunes of Donald Trump over Hillary Clinton in 2016; they also penetrated election systems via cyber warfare. But they also hinted at another important truth, which a forward looking one. Here it is: The very core of our democracy is at extraordinary risk if we are not prepared to prevent Russian interference in our next election, which is less than 18 months away.

National: Congress urged to increase voting system security | CNN

More than 100 cybersecurity and voting experts are urging the government to make the U.S. voting system more secure. The experts — which come from various industries, from business and academia to technology non-profits — signed a letter addressed to Congress on Wednesday suggesting how three major objectives need to take place to protect the integrity of the system and restore voter confidence. The letter comes as Jeanette Manfra, acting deputy undersecretary for cybersecurity and communications at DHS, told the Senate Intelligence Committee hackers targeted election-related systems in 21 states last year. The letter alleges many jurisdictions are unprepared to handle an increase in cybersecurity risks. To start, the experts believe all jurisdictions should create voter-verified paper ballots and phase out electronic voting machines.

National: Security experts warn lawmakers of election hacking risks | ZDNet

More than a hundred security researchers and computer science experts have warned in a letter to lawmakers that not enough is being done to ensure the integrity of state and federal elections. The letter, published Wednesday, argues many US states are “inadequately prepared” to respond to cybersecurity risks with upcoming elections. The hundred-plus co-signatories, including cryptographer Matthew Blaze, security expert Bruce Schneier, and PGP creator Phil Zimmermann, say the US “needs prompt action to ensure prudent elections security standards.” The experts also outlined several recommendations that would “form the basis of robust, enforceable, sensible federal standards that can restore needed confidence in American elections,” including ensuring that any electronic election machines produce a voter-verified paper ballot to establish the “official record of voter intent.”

National: Congress hears sinister tale of Russia meddling in US election | Associated Press