National

There have been hacking attempts on election systems in more than 20 states — far more than had been previously acknowledged — a senior Department of Homeland Security official told NBC News on Thursday. The “attempted intrusions” targeted online systems like registration databases, and not the actual voting or tabulation machines that will be used on Election Day and are not tied to the Internet. The DHS official described much of the activity as “people poking at the systems to see if they are vulnerable.” “We are absolutely concerned,” the DHS official said. “The concern is the ability to cause confusion and chaos.” Only two successful breaches have been disclosed, both of online voter registration databases, in Illinois and Arizona over the summer.

National: State officials warn Congress: don’t damage public confidence in election systems | SC Magazine

An association of state officials has published an open letter that seeks to strengthen public confidence in the electoral process, in light of research that has raised questions about the security of voting machines. The National Association of Secretaries of State’s (NASS) letter calls on Congress to avoid using political rhetoric or proposing legislation that may damage confidence in the election systems. State officials are “working overtime to help the public understand the components of our election process and some of the built-in safeguards that exist,” the letter stated. “Voting systems are spread out in a highly-decentralized structure covering more than 9,000 election jurisdictions and hundreds of thousands of polling locations.” Despite NASS’s argument that the decentralized structure of election systems creates added security, a series of reports on voting machine infrastructure suggests another view. In an email to SCMagazine.com, James Scott, senior fellow at the Institute for Critical Infrastructure Technology (ICIT), noted that the lack of a centralized system creates added risks. “The lack of a National system just means that some states manage secure election systems while others lack the resources or expertise to do so,” he wrote. “An attacker only needs to compromise the results of one or two pivotal states in order to alter the results of the election.”

National: A Brief History Of Early Voting | Michael P. McDonald/Huffington Post

In recent years American voters are rediscovering a way of voting used during the country’s first half-century of existence. I’m talking about early voting. Since the early 1990s, the number voters who cast their ballots prior to Election Day has steadily risen from less than a tenth to about a third. The rise is fueled by two phenomenon. More states are offering early voting options, and once a state adopts early voting more people vote early a part of their election regimen. As voters cast their ballots prior to Election Day, they may be surprised to learn they are walking in the shoes of the nation’s founders. At the founding, voting was held over several days so that rural voters could have ample time to travel to town and county courthouses to cast their ballots. An extended voting period could not be disrupted greatly by unexpected weather that made rural river crossings impassable. In other words, early voting was matter of convenience. Two centuries later, convenience continues to be the rallying cry of early voting advocates. Just as an argument for early voting echoes through time, so does an argument against. In 1845, the federal government set a uniform, single day for voting for president: the familiar first Tuesday following the first Monday in November. Among the arguments for a single day was that it would prevent people from crossing state lines to vote more than once. Today, politicians speak of early voting as one way by which elections can be “rigged.”

National: Democrats Seek Reversal on Voter Registration Hurdle | NBC

High-ranking congressional Democrats are raising more serious concerns about a move by the director of a federal voting agency that made it easier for several red states to require documentary proof of citizenship from people registering to vote. Rep. Elijah E. Cummings, Rep. Robert A. Brady and Rep. James E. Clyburn urged the Election Assistance Commission in a letter sent Wednesday to formally rescind a change made in January to the instructions on the federal voter registration form for Kansas, Georgia and Alabama, which allowed those states to require citizenship proof. A federal court found this month that the move, which was carried out unilaterally by the agency’s executive director, Brian Newby, could disenfranchise large numbers of eligible voters. Ruling that the move may violate federal voting law, the court blocked it from being enforced pending a resolution of the case. The letter outlines what the lawmakers called “troubling findings” from their probe into the issue — among them, that Newby conducted no written analysis of the impact of the change, and that he himself may no longer be certain that it was legal.

National: Computer researcher to Congress: ‘It’s possible’ for hackers to alter election | Politico

Hackers could influence the outcomes of November’s elections, a computer science professor who has demonstrated security weaknesses in voting machines told lawmakers on Wednesday. “It’s possible,” said Andrew Appel, a professor at Princeton University, at a House Oversight IT subcommittee hearing focused on election cybersecurity. But Appel, who has hacked voting machines used in many states, was the only one to reply affirmatively when subpanel Chairman Will Hurd (R-Texas) asked for a “yes” or “no” answer to the question, “Can a cyberattack change the outcome of our national elections?” The four other people testifying — including a secretary of state, the chairman of the federal agency that assists with elections, a top Department of Homeland Security cyber official and the head of a public policy firm’s division focused on voting rights — all essentially answered “no.

National: How to thwart Election Day hackers: Vote the old-fashioned way | CNET

A congressional subcommittee on information technology gathered on Wednesday, inviting high-ranking officials from the Department of Homeland Security and the US Election Assistance Commission, as well as cybersecurity experts to testify on how hackers could hijack the 2016 presidential elections. All five witnesses agreed that a cyberattack would not affect the outcome of the presidential election this November. The electronic voting system’s best line of defense against cyberattacks is that the machines aren’t connected to the internet, meaning hackers would have to show up in person to hijack the election.

National: DHS: 18 states seeking help securing elections | CNN

Homeland Security Secretary Jeh Johnson told a Senate hearing Tuesday that 18 states have taken up his agency’s offer to help improve cyber security for their election systems, in the wake of suspected breaches blamed on Russian hackers. “We are seeing a limited number of instances where there have been efforts through cyber intrusions to get into the online presence of various state election agencies. And, one or two of them have been successful, others have not,” Johnson said at a Senate Homeland Security Committee hearing. The issue of the integrity of US elections has been a prominent one on the presidential campaign trail, with Republican presidential nominee Donald Trump and Democratic Sen. Harry Reid each raising concerns about possible rigging of the results. Both Trump and his Democratic rival, Hillary Clinton, said at Monday’s debate that they would respect the election results. Asked by Sen. Jon Tester, D-Montana, whether hackers are seeking to change votes, Johnson said: “What we are seeing are efforts to get into voter registration rolls, the identity of registered voters, things of that nature, not to change a ballot count.”

National: Voter ID laws could prevent 34,000 trans people from voting | Metro Weekly

A new study has found that over 34,000 transgender people may be prevented from voting in the upcoming election due to strict voter ID laws. The study, “The Potential Impact of Voter Identification Laws on Transgender Voters in the 2016 General Election,” was released by UCLA School of Law’s The Williams Institute — a think tank focused on sexual orientation and gender identity law and public policy. Its author, Williams Institute Scholar Jody L. Herman, Ph.D., used data from the National Gay and Lesbian Task Force and the National Center for Transgender Equality to look at voter ID laws in eight states: Alabama, Georgia, Indiana, Kansas, Mississippi, Tennessee, Virginia and Wisconsin. In those states, around 112,000 transgender are estimated to have transitioned and be eligible to vote, but about 30% may be prevented from doing so. The reason? A lack of identification that accurately reflects their correct gender, according to the study. Currently, thirty-four states have voter ID laws that require someone to produce an “acceptable” form of identification to poll workers in order to vote. The strictest forms of those laws require government-issued ID, which is where transgender people face a potential barrier.

National: U.S. Believes Russia Steered Hacked Documents to Websites | Wall Street Journal

U.S. officials are increasingly confident that the hacker Guccifer 2.0 is part of a network of individuals and groups kept at arm’s length by Russia to mask its involvement in cyberintrusions such as the theft of thousands of Democratic Party documents, according to people familiar with the matter. While the hacker denies working on behalf of the Russian government, U.S. officials and independent security experts say the syndicate is one of the most striking elements of what looks like an intensifying Russian campaign to target prominent American athletes, party officials and military leaders. A fuller picture of the operation has come into focus in the past several weeks. U.S. officials believe that at least two hacking groups with ties to the Russian government, known as Fancy Bear and Cozy Bear, are involved in the escalating data-theft efforts, according to people briefed on the Federal Bureau of Investigation’s probe of the cyberattacks.

National: New efforts to ensure election data is secure | Insights

The U.S. presidential election is just weeks away, and concerns have been raised about the security of election data. There have already been isolated incidents of voter registration databases being hacked in Illinois and Arizona. According to the nonprofit group VerifiedVoting.org, which lobbies for voting systems, there are substantial vulnerabilities with voting machines used in the U.S., with many running on the Windows XP operating system, for which support was ended in early 2014. A spokesperson for the organization states that this makes them susceptible to malware and denial-of-service attacks that could leave voters unable to cast their votes. The state of Virginia has decertified huge numbers of voting machines due to the ease with which they can be hacked remotely by people with little expertise.

National: How Hackers Could Affect the Presidential Election | Inc.com

America’s presidential election is not only a constitutional right, it’s a symbol of the country’s freedom. But in the wake of data breaches that have pimpled the last few years–in both corporate America and political campaigns–government intelligence and cybersecurity experts are warning that November’s presidential election is next on the list for a large-scale hack. In late August, Yahoo broke news that foreign hackers had breached the state Board of Elections websites in Illinois and Arizona, which the FBI’s cyber division followed up with an alert to election officials across the nation to increase voting system security. Earlier this year, hackers breached the Democratic National Committee’s network, leaking emails that led to the resignation of DNC Chairwoman Debbie Wasserman Schultz the night before Hillary Clinton accepted the presidential nomination. And last month, hackers released emails belonging to Colin Powell, the Republican former secretary of state under George W. Bush.

National: A Voice Cuts Through, and Adds to, the Intrigue of Russia’s Cyberattacks | The New York Times

Living anonymously, down a winding road in the wilderness of western Siberia, not far from the Mongolian border, the only person so far implicated in the flurry of Russian hacking of the Democratic National Committee and other political sites was obviously enjoying the moment. “We have the information, but nobody contacted us,” said Vladimir M. Fomenko, a tattooed 26-year-old who snowboards in his free time and runs a business out of a rented apartment. “It’s like nobody wants to sort this out,” he added with a sly grin. Mr. Fomenko was recently identified by an American cybersecurity company, ThreatConnect, as the manager of an “information nexus” that was used by hackers suspected of working for Russian state security in cyberattacks on democratic processes in several countries, including Germany, Turkey and Ukraine, as well as the United States. Rather than issuing blanket denials, Mr. Fomenko is apparently eager to discuss his case, lending another, if still cryptic, dimension to the intrigue, restricted before now to digital codes and online fingerprints.

National: Voter Registration Emerges as Key Political Flash-Point | NBC

Tuesday is National Voter Registration Day, when a network of thousands of voting rights and civic engagement groups will aim to add tens of thousands of Americans to the rolls. But despite the day’s non-partisan message, it comes at a time when voter registration has emerged as a major political and legal flash-point. Several red states have run into legal trouble for restrictive policies that make it harder to get or stay registered to vote, while other states, mostly blue, are dramatically expanding access. Coming off a well-received debate performance, Hillary Clinton on Tuesday urged supporters in Raleigh, North Carolina—where absentee voting has already begun—to register. “You may or may not know today is National Voter Registration Day,” Clinton said. “I hope you all will, and hope you tell everybody that you know to do the same because we want to make sure people are registered.”

National: Social networks drive tens of thousands of voter registrations | The Hill

Top social media platforms steered hundreds of thousands of users to voter registration websites over the weekend in an effort several states said set new records for registration activity. Facebook, Instagram, Snapchat and other social media networks began reminding users over the age of 18 to register to vote on Friday, ahead of Tuesday’s National Voter Registration Day. Users on Facebook were directed to a federal website that would then direct them to sites in their home states. Twitter will roll out a similar voter registration tool Tuesday, a company spokesman said. Facebook reminded users to sign up by placing reminders at the top of newsfeeds and by allowing users to declare to their friends that they had registered. SnapChat ran in-house advertisements featuring celebrities like actors Jared Leto, Jimmy Fallon and Dwayne Johnson and the singer Ciara.

National: In ballots we trust: E-voting, hacking and the 2016 election | Mashable

September 27, 2016

A vote is an act of conscience and will. It’s also an act of trust. You’re not just marking a ballot for your candidate of choice, your signifying your belief in the system. Your mark will be counted. Your voice will be heard. However, as we prepare to elect a new U.S. president, the American electorate is faced with the unnerving possibility that the results could be hacked and that sacred trust could be broken. At risk, the election system itself. … According to Joseph Lorenzo Hall, chief technologist for the Center for Democracy and Technology, voting systems are not “not connected to internet and…the diversity of system themselves poses a problem for anyone who wants to hack our elections. To attack them in a way to change votes would be quite difficult.” It’s the systems that support the election process that has them, the U.S. government and cyber-security experts worried. “To me, [our elections] look like a giant bulls eye with a U.S. flag in the center. Russian hackers will take aim. The recent DNC hack is clear evidence that hostile nation states can and will attempt to influence the U.S. presidential contest,” said Steve Morgan, founder of the cyber security research firm CyberSecurity Ventures. Perhaps the scarier question is not if they will try to influence our elections, but how.

National: Big Brands Sign Up for Voter Turnout Effort | Wall Street Journal

September 27, 2016

Large technology and media companies are among the businesses that have joined the TurboVote Challenge, an effort by nonpartisan nonprofit Democracy Works to boost U.S. voter turnout to 80% by 2020, up from about 60% in recent presidential elections. The TurboVote Challenge, which announced 35 new corporate partners Monday, including tech brands Google, Facebook, Foursquare, Instagram and Tumblr, encourages companies to promote civic engagement among their employees and customers. “We think that a total overhaul of how people vote could increase turnout by up to 20 percentage points,” said Democracy Works co-founder Seth Flaxman, who helped start Democracy Works as a graduate student at the Harvard Kennedy School of Government.

National: State officials warn Congress against ‘rigged election’ talk | The Hill

September 27, 2016

State officials are reassuring members of Congress that the integrity of November’s elections is secure amid growing concerns over cyberattacks by foreign actors tied to Russia. In an open letter to Congress, the National Association of Secretaries of State warns against damaging public confidence in the electoral process. The group, made up of bipartisan election administrators across the nation, says security measures currently in place are sufficient to guarantee an accurate vote count.
Vote-counting systems “have their own fail-safes and contingency solutions that would make it highly difficult to leverage them for changing outcomes,” the association said. “Poll books, printed records, back-ups and back-ups of back-ups all provide multiple layers of security around this part of the process.”

National: The Internet Is No Place for Public Elections | MIT Technology Review

This election year we’ve seen foreign hackers infiltrate the Democratic National Committee’s e-mail system as well as voter databases in Arizona and Illinois. These attacks have reinforced what political scientists and technical experts alike have been saying for more than a decade: public elections should stay offline. It’s not yet feasible to build a secure and truly democratic Internet-connected voting system.Researchers from government agencies and leading academic institutions studied the issue extensively following the debacle of the 2000 Presidential race, and the consensus emerged that it should not occur. That’s still the case, and today’s rampant cybercrime should be reason enough to keep voting systems disconnected. We have no good defense against malware on voters’ computers or denial of service attacks, and sophisticated adversaries like those behind the attacks on big corporations we’ve seen in recent years will find ways to get into connected voting systems, says Ron Rivest, a leading cryptographer and MIT professor. “It’s a war zone out there,” he says.

National: Hacking the election? Feds step in as states fret cyber threats | CNN

A series of high-profile breaches and warnings from national intelligence leaders has elections directors in critical battleground states seeking federal help against possible cyberattacks. Officials in Pennsylvania and Ohio tell CNN they are working closely with the Department of Homeland Security to protect their elections systems from cyberattacks and breaches. Ohio is going one step further. “We even asked the National Guard to attempt to penetrate our databases,” said Joshua Eck, a spokesman for Ohio Secretary of State Jon Husted. “We’ve had a number of really positive tests. It has gone well and we’ve been able to find vulnerabilities and fix them.” A pair of cyberattacks on Illinois’ and Arizona’s voter registration databases over the summer spurred the Obama administration to ring the alarm bells for states as they prepare for what has already been a chaotic campaign. And top Democrats on the House and Senate intelligence committees publicly accused the Russian government of seeking to alter the election. “Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election,” Sen. Dianne Feinstein and Rep. Adam Schiff, of California, said Thursday.

National: Ruling against the Federal Election Commission is a win for political money transparency | Facing South

A good-government group has won its case against the Federal Election Commission for negligence in enforcing campaign finance laws against two conservative political groups that have ties to billionaire industrialists and conservative juggernauts Charles and David Koch and that were active in several Southern states. Citizens for Responsibility and Ethics in Washington (CREW) filed a complaint with the FEC in 2012 against Americans for Job Security and the American Action Network for failing to register as political committees while financing $27.6 million worth of political ads during the 2010 elections. AJS is an anti-union 501(c)6 nonprofit trade association based in Virginia, while AAN is a 501(c)4 “social welfare” nonprofit based in Washington, D.C. After the FEC dismissed the suit, CREW sued the regulatory body itself.

National: Facebook launches Voter Registration Drive for the U.S Elections | Technowize

Apparently, Facebook is using its popularity for a good cause. The flagship social network is launching its first nationwide voter registration drive. This is an attempt to urge all the citizens of U.S to participate in the voting process. This is a special feature which will appear on the homepage of the people of U.S to encourage them to vote. Facebook hopes that through this feature, the number of voters might improve. This is because majority of the people check their Facebook newsfeed regularly and hence such a reminder will be useful.

National: Cybersecurity Threats Curb Online Voting Company Ambitions | Bloomberg

After multiple hacks of Democratic Party e-mail systems and fears of Russian cyber attacks on the U.S. election, paper ballots have taken on an unexpected appeal. Online voting software companies are convinced convenience-loving Americans will increasingly push to cast their ballots on smartphones and laptops, and they’re working to make that happen. But voter advocates, election officials and others are still leery of the risks involved in conducting elections over the all-too-vulnerable internet. For now, fears about voting security may be giving paper-ballot backers the upper hand where it matters most: Americans’ confidence in the integrity of the election system. “In recent weeks, reports on cyber attacks have voters questioning whether their vote will actually count, and that, in my opinion, is more damaging than the potential for hacking,” Louisiana Secretary of State Tom Schedler told a House committee meeting Sept. 13. The best voting system, he said, is the one which “people of that state feel comfortable voting.”… The U.S. Election Assistance Commission—which develops voluntary guidelines, tests and certifies voting hardware and software—has not certified any internet voting systems. A commission spokesman told Bloomberg BNA it was not clear if an update to its technical guidelines—slated for 2018—would include language about online voting systems. However, the guidelines committee adopted a list of priorities in September 2016 which include discussions on the risks and benefits of electronically returning ballots.

National: Officials Are Scrambling to Protect the Election From Hackers | WIRED

As the United States barrels toward November elections, officials are still looking for last-minute fixes to ensure that the patchwork of voting technology used around the country can fend off the increasingly troubling prospect of hacker attacks. And in the latest of those efforts, Georgia representative Hank Johnson is set to introduce two bills today designed to shore up that fragile system’s security. The Election Infrastructure and Security Promotion Act of 2016 would mandate that the Department of Homeland Security classify voting systems as critical infrastructure, and the Election Integrity Act would limit which voting machines states can buy and also create a plan for handling system failures. The bills reflect a growing debate about whether designating voting tech as critical infrastructure (like the public water supply, energy systems, transportation, communication grid, and the financial sector) would help to secure the U.S.’s highly decentralized voting setup. In the wake of the Democratic National Committee breach and increasingly brazen Russian cyberespionage attacks, concern is mounting about the potential for election hacking in the 2016 presidential race and beyond. Voting registries and election board websites have been compromised, security researchers have shown that electronic voting machines are vulnerable, and agencies like the FBI are on alert.

National: Proposed cybersecurity bills would forbid internet-connected voting machines | FedScoop

A pair of comprehensive, complimentary election infrastructure reform bills, which will be first introduced Wednesday in the House of Representatives, seeks to take all voting machines offline, offers funding for election cybersecurity research and mandates the use of paper ballots across the U.S. by 2018, FedScoop has learned. These two pieces of legislation — named the “Election Infrastructure and Security Promotion Act of 2016” and the “Election Integrity Act,” respectively — are being sponsored by Rep. Hank Johnson, D-Ga., a lawmaker whose constituents will rely on paperless ballots to cast their votes in November’s presidential election. “In the wake of the DNC server hack and well-documented efforts by states to suppress the vote, citizens are rightly concerned,” Johnson said in a statement. “We must work to reduce the vulnerability of our crucial voting systems, protect the security and integrity of our electoral process, and ensure all Americans have the opportunity to vote.”

National: Voter Registration Flap Still Haunting Election Agency | NBC

Voting rights advocates are accusing a Washington bureaucrat of helping Republican-led states enforce tight restrictions on voter registration, a move they say turned a federal voting agency into a de facto ally of state officials looking to make voting harder. A progressive group on Wednesday called on the federal Election Assistance Commission (EAC) to conduct an internal investigation into the actions taken by Brian Newby, the agency’s executive director. The group, Allied Progress, charged that Newby had improper private communications with his former boss, Kansas Secretary of State Kris Kobach, and perhaps other election officials, about their requests to change the federal voter registration form to require applicants to show proof of citizenship. Patricia Layfield, the inspector general of the EAC, said no decision had yet been made on whether to open an investigation into Newby’s actions. “I continue to consider the various options available,” Layfield told NBC. “I’m taking the concerns expressed in the letter very seriously.”

National: State Computers Increasingly Under Attack by Cybercriminals | Stateline

State information technology officials have strengthened their defenses against hackers and cybercriminals who attack their computer networks millions of times a day, but admit they’re not fully prepared for increasingly complex threats that could expose the personal information of their residents. A report by the National Association of State Chief Information Officers (NASCIO) and consulting firm Deloitte & Touche LLP released Tuesday revealed that cybersecurity is the foremost priority for state IT officers, who are highly concerned about increasing efforts, especially by sophisticated crooks, to breach their systems. “These sophisticated threats have grown significantly,” said Doug Robinson, NASCIO’s executive director. “There’s a never-ending parade of bad guys who are attempting to penetrate the network.” For citizens, the stakes in averting breaches are high. State data systems contain personal information about millions of people that is valuable to identity thieves. They house birth and death certificates, and driver’s license numbers. The systems also house Social Security numbers of state income taxpayers and the credit card numbers of people who make payments to state agencies.

National: Michelle Obama passport scan appears online in apparent hack | Associated Press

The White House said Thursday it was looking into a cyber breach after what appeared to be a scan of first lady Michelle Obama’s passport was posted online. The fresh disclosures, which included emails to and from White House staffers, raised further concerns about the security of sensitive systems following a string of breaches affecting government agencies, private companies and the Democratic National Committee. Though officials declined to say whether the disclosures were authentic, there were no immediate reasons to suspect they were not. Attorney General Loretta Lynch said it was “something that we are looking into.” The U.S. Secret Service, responsible for the first lady’s safety, also expressed concern.

National: Even Small Hack Could Create Chaos on Election Day | NBC

It won’t take Russian hackers or a wide-scale attack to undermine the November election, cyber security experts warn. What they fear most is something far easier to pull off: Smaller, targeted attacks on a few voting systems that create widespread doubt among voters. In the age of social media, even a small cyber-attack could explode into chaos by casting doubt on the election’s integrity, experts warn. “Today we have social media, where a lie can circle the globe before the truth can reach the keyboard,” said Gregory Miller, co-founder of the Silicon Valley non-profit OSET Institute. “It doesn’t take very long for incredible chaos to break out over the presumption that something has gone wrong.” Both President Obama and the FBI have warned of possible tampering with this year’s election process. Miller says that sets the stage for potential turmoil with or without an actual attack on Election Day.

National: New laws and rulings could cause Election Day confusion | Associated Press

With more than 120 million Americans expected to cast ballots for president this fall, the nation’s voting process seems more convoluted than ever and rife with potential for confusion come Election Day. Voting rules vary widely by state and sometimes by county, meaning some Americans can register the same day they vote, while others must do so weeks in advance. Some can mail in a ballot, while others must stand in line at a polling place that might be miles from home. Some who forget photo identification can simply sign an affidavit and have their ballot count, while others must return with their ID within a few days or their vote doesn’t matter. Fourteen states have new voting and registration rules in place for this election, according to the Brennan Center for Justice at the NYU School of Law. Legal challenges have led to a multitude of recent court rulings that have blocked or struck down some provisions and upheld or reinstated others, scrambling the picture further. The new rules and the rapidly shifting landscape have already caused confusion, and some experts fear problems on Nov. 8.

National: US lawmakers: Russia trying to ′influence the US election′ through cyber attacks | Deutsche Welle