National: Election system hacks: We’re focused on the wrong things | InfoWorld

The security of U.S. election systems was a major water-cooler topic this summer. There was plenty of media buzz about the potential of Russians hackers infiltrating our voter databases and trying to manipulate the upcoming presidential election. Most recently, the Arizona Secretary of State’s office closed down the state’s voter registration system after a hacker compromised valid credentials and used them to access the system. Shortly after that incident, someone exploited the IVRS (Illinois Voter Registration System). A message posted to Facebook, purportedly written by Kyle Thomas, director of the election board’s voting and registration systems division, stated that the IVRS compromise was a direct result of a SQL injection attack and that the records for up to 200,000 voters were accessed. “The offenders were able to inject SQL database queries into the IVRS database in order to access information. This was a highly sophisticated attack most likely from a foreign (international) entity,” the message posted to Facebook explained. And now we have a leaked FBI memo that, although it doesn’t name Illinois and Arizona, announces that “foreign actors” used common scanning tools to find and exploit vulnerabilities in election systems. The memo also listed internet protocol addresses associated with the hacks. The leaked FBI memo recommends that states “contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected.”

National: Most eligible expatriates don’t vote in US elections, study finds | Stars & Stripes

A study released Wednesday, described as the first of its kind, has found what political scientists have long suspected: Most American expatriates don’t vote in U.S. elections. The study by the Federal Voting Assistance Program found that voting rates for all estimated 2.6 million eligible overseas voters, excluding servicemembers and their spouses, was 4 percent in 2014. That compares to 36 percent of eligible voters in the U.S. and, according to a previous study by the FVAP, 21 percent of eligible active-duty military voters who mailed in ballots in 2014. “While we can expect to see an increase in the overall voting rates for the 2016 presidential election, we need to understand whether the overall rate for 2014 is due to low awareness of how to vote absentee or if it is related to other factors,” FVAP Director Matt Boehmer said in a news release.

National: Conservatives File Voter Registration Lawsuits That Liberals Say Are Blocking Votes | NPR

It’s no secret that voter registration lists are filled with inaccuracies. People move. Or change their names. Or die. But it can take months if not years for the rolls to get updated. Now, conservative groups are taking a number of election officials to court, saying they’re not doing their jobs. Liberal groups think the real purpose is to make it more difficult for some people to vote. The lawsuits have targeted about a dozen counties so far in Texas, Florida, North Carolina and Mississippi. And even some cities, such as Philadelphia and Alexandria, Va. “This is an effort to make the voter rolls cleaner and to follow federal law before the elections in November,” says J. Christian Adams, president of the Public Interest Legal Foundation. His group is behind the suits, along with the American Civil Rights Union. Adams is a former Justice Department official who has been at the forefront of efforts to restore what he calls “election integrity.”

National: Lack of address an extra barrier in strict voter ID states | Street Sense

Not everyone has the financial means to replace a lost or stolen identification card. People experiencing homelessness may additionally struggle with accessing other proofs of identification and residency required to obtain a new identification card. Not having any identification can mean denied access to benefits or services and, in some states, the loss of the ability to vote. While some states and the District only require identification during voter registration, others require a photo ID at the ballot box. North Dakota, Kansas, Texas, Wisconsin, Indiana, Tennessee, Mississippi, Georgia and Virginia all require photo IDs on Election Day. Other states accept non-photographic proof of identification, such as a bank statement with a voter’s name and address. So what happens if a voter goes to the polls without an acceptable form of identification in their state?

National: New legislation seeks to prevent U.S. voting systems from being hacked | Computerworld

A U.S. lawmaker has introduced two bills to protect voting systems from hacking, amid fears that Russian cyber spies may be interfering with this year’s presidential election. Representative Hank Johnson, a Democrat serving Georgia, is proposing a moratorium on state purchases of electronic voting machines that don’t produce a paper trail. His Election Integrity Act, introduced Wednesday, would also prohibit voting systems from being connected to the internet as a way to prevent online tampering. The high-profile hack of the Democratic National Committee publicized in June has citizens worried that U.S. election systems may be vulnerable, Johnson said.

National: DHS official: Look beyond November on voting-system security | GCN

With the 2016 elections just seven weeks away, state and local governments continue to work with the Department of Homeland Security to scan for vulnerabilities in voting and voter registration systems. DHS’s Andy Ozment, however, contends that the real emphasis should be elsewhere. “That’s a conversation that we’re having with state and local governments,” said Ozment, DHS’s assistant secretary of cybersecurity and communications, at a Sept. 20 event. “It’s an important conversation, but it’s not the conversation that should be the focus of our time right now.” …Ozment, who took part in a Washington, D.C., panel discussion hosted by the nonprofit organization Center Forward, said there was no timeline for a final decision on the critical infrastructure designation. He also voiced confidence in the system’s overall resiliency as Election Day approaches and urged a longer term view.

National: U.S. Intelligence Chief Suggests Russia Was Behind Election-Linked Hacks | Wall Street Journal

U.S. Director of National Intelligence James Clapper suggested Russia was behind a recent computer hacking operation that stole records from the Democratic Party and then leaked thousands of documents online. Mr. Clapper, speaking Tuesday evening at an event hosted by the Washington Post, said Russia has been conducting similar exercises since the 1960s targeting the U.S. “It shouldn’t come as a big shock to people,” Mr. Clapper said. “I think it’s more dramatic maybe because now they have the cyber tools.” A spokesman for the Russian embassy in Washington didn’t immediately respond to a request for comment. Mr. Clapper’s comments were his most explicit to date connecting Russia to the hacking operation, which is believed to have been conducted over more than a year. Three internet outlets have leaked some of the stolen files since April, with some of the files proving embarrassing enough that their disclosure prompted the resignations of several top Democratic Party officials.

National: Hacking the ballot – How safe is your vote this November? | The Tech

Efforts by hackers to infiltrate elections systems in Arizona and Illinois this summer, and the successful hack of the Democratic National Committee emails – allegedly by Russians – have officials and voters on edge as the Nov. 8 election nears. “It causes panic in the public,” said Tim Mattice, executive director of The Election Center, which represents 1,300 state and local election officials and vendors. “People think, ‘Oh my goodness … my vote is not going to count.” Statements by Donald Trump, the Republican nominee for president, that only a rigged result could cost him the election have brought a strong response from officials like Ohio Secretary of State Jon Husted, who runs elections in the state. “Donald Trump is wrong when he says the election is being rigged,” said Husted, a fellow Republican. “It’s a ridiculous notion.”

National: Early Voting: Gaming the Six-Week Election Day | Bloomberg

Election Day starts this week. Beginning on Sept. 23, any Minnesotan can go to a local election office and complete an absentee ballot. The following Thursday, voters in neighboring Iowa have the same opportunity. Between Oct. 20-24, North Carolina, Nevada, and Florida get in the game. In Colorado, the entire election will be conducted by mail ballot. By the constitutionally mandated first Tuesday after a Monday in November, more than one-third of Americans will have already voted for president. There are still battleground states that make no provision for early voting—Pennsylvania, Virginia, and New Hampshire stand out for their old-fashioned ways—but in those that do it has created a new kind of electoral arms race. Early voting is a particular gift to well-organized, well-funded campaigns, which can extend their turnout operations across as long as six weeks, locking down precise factions of the electorate in domino-like fashion, and sequence their persuasion efforts with a clear view of who has yet to vote. Building on the ground-game innovations of President Barack Obama’s two successful efforts, Hillary Clinton’s campaign has reshuffled its entire org chart with the election timetable in mind, grouping early-voting states together so that get-out-the-vote efforts can happen on an accelerated, exacting schedule.

National: Despite flaws, paperless voting machines remain widespread in U.S. | Reuters

One in four registered voters in the United States live in areas that will use electronic voting machines that do not produce a paper backup in the November presidential election despite concerns that they are vulnerable to tampering and malfunctions, according to a Reuters analysis. The lack of a paper trail makes it impossible to independently verify that the aging touch-screen systems are accurate, security experts say, in a year when suspected Russian hackers have penetrated political groups and state voting systems and Republican presidential candidate Donald Trump has said the election may be “rigged.” Election officials insist the machines are reliable, but security experts say they are riddled with bugs and security holes that can result in votes being recorded incorrectly. A Reuters analysis of data from the U.S. Census Bureau, the Election Assistance Commission and the Verified Voting Foundation watchdog group found that 44 million registered voters, accounting for 25 percent of the total, live in jurisdictions that rely on paperless systems, including millions in contested states such as Georgia, Pennsylvania and Virginia.

National: States Ask Feds for Cybersecurity Scans Following Election Hacking Threats | Government Technology

A spate of hacking attacks has put U.S. states on edge ahead of November’s presidential vote as election officials rush to plug cybersecurity gaps with help from the federal government. Nine states have asked for “cyber hygiene” scans in which the Department of Homeland Security looks for vulnerabilities in election authorities’ networks that are connected to the internet, according to a DHS official who asked not to be identified because the information isn’t public. With less than two months before the election, DHS wants more states to sign up. The threat — primarily from foreign hackers or intelligence agencies — affects states that are reliably Democratic or Republican as well as key battlegrounds including Pennsylvania and Ohio, officials and cybersecurity experts said. While hackers may not be able to change the actual outcome from afar, they could sow doubts by manipulating voter registration websites, voter databases and systems used to track results on election night. “We’re certainly on high alert,” said Dean Logan, the registrar-recorder and county clerk in Los Angeles County, the nation’s biggest electoral district. “Across the whole network of services and online applications for the county there are frequent indications of attempts to get into those systems.”

National: See How Likely It Is That Your Voting Booth Gets Hacked | TIME

In a world where we can program our refrigerators to order more milk or conjure images of distant galaxies with a few swipes on a smartphone, it’s significant that the best, most reliable technology available on Election Day 2016 is good, old-fashioned paper. “It seems counterintuitive, but paper is a technology that just happens to work really well for elections,” says Pamela Smith, the president of Verified Voting, a nonpartisan organization that advocates for accurate and transparent elections. “You can’t hack a piece of paper. Voters can mark it and see their vote, and then the ballots can be collected and double-checked.” … The real problem, said Lawrence Norden, the deputy director of the Brennan Center for Justice Democracy Program, lies with the nearly 40 million Americans who won’t be voting on paper, again based on 2012 figures. Those voters will instead be saddled with electronic voting machines (the yellow and red-colored counties on the map), many of which are more than a decade old, lack basic cybersecurity protections, and utilize hardware no more sophisticated than a stripped down, Bush-era laptop. In 42 states, electronic voting machines are more than a decade old, according to Norden’s research. (Many states still use such machines for voters who require special assistance.)

National: Obstacles facing homeless voters | Al Jazeera

Inside the wide, sunlit foyer of the Martin Luther King Jr Memorial Library, Eric Sheptock points to an expansive mural of the late civil rights activist. “I wish that the poor people of today were as willing to fight for justice as those who marched with Martin Luther King,” he says. “It seems that the poor have lost heart and are less willing to stand up for themselves.” Sheptock, who has been intermittently homeless since 1994, has become an activist for Washington DC’s homeless community, which he hopes will vote in the forthcoming elections when Americans head to the polls to choose their 45th president. “There is no reason for a homeless person not to vote,” he tells Al Jazeera. “You can’t be denied the right to vote because you’re homeless.”

National: Some Republicans Acknowledge Leveraging Voter ID Laws for Political Gain | The New York Times

In April of this year, Representative Glenn Grothman, Republican of Wisconsin, predicted in a television interview that the state’s photo ID law would weaken the Democratic presidential candidate Hillary Clinton’s chances of winning the state in November’s election. It was not the first time he cited voter ID requirements’ impact on Democrats; in 2012, speaking about the law’s effect on President Obama’s re-election race, Mr. Grothman said voter ID requirements hurt Democrats because Democratic voters cheat more often — a premise that remains unproven. One of the few verified instances of recent voter fraud at a Wisconsin polling place — the only kind of fraud that a photo ID might prevent — padded a Republican governor’s tally.

Also in Wisconsin, Todd Allbaugh, 46, a staff aide to a Republican state legislator, attributed his decision to quit his job in 2015 and leave the party to what he witnessed at a Republican caucus meeting. He wrote on Facebook:

I was in the closed Senate Republican Caucus when the final round of multiple Voter ID bills were being discussed. A handful of the GOP Senators were giddy about the ramifications and literally singled out the prospects of suppressing minority and college voters. Think about that for a minute. Elected officials planning and happy to help deny a fellow American’s constitutional right to vote in order to increase their own chances to hang onto power.

National: Putin wants revenge and respect, and hacking the U.S. is his way of getting it | The Washington Post

The recent spate of embarrassing emails and other records stolen by Russian hackers is President Vladimir Putin’s splashy response to years of what he sees as U.S. efforts to weaken and shame him on the world stage and with his own people, according to Russia experts here and in the U.S. intelligence world and academia. Putin is seeking revenge and respect, and trying to reassert Russia’s lost superpower status at a time of waning economic clout and an upcoming Russian election, according to interviews with specialists here and in Washington, with a senior U.S. intelligence official, recently retired CIA operations officers in charge of Russia, and the last three national intelligence officers for Russia and Eurasia analysis in the Office of the Director of National Intelligence. “He’s saying, if you think you have the chops to do this — well, we do, too!” said Fiona Hill, a national intelligence officer for Russia during the George W. Bush and Obama administrations who is now at the Brookings Institution.

National: Could Russian hackers change the US election result? | Al Jazeera

With the US election less than two months away, recent attempts to hack election data systems have prompted some officials to say that Russia could be trying to manipulate the race. But is such a thing likely? Or are the claims just propaganda? The cyber attacks on voter registration systems in Arizona and Illinois late last month were blamed by some anonymous officials on Russia, and followed a high-profile hack of Democratic Party computers that resulted in a cache of emails being released by WikiLeaks. While the voter registration hack resulted in the theft of only a single username and password, the FBI is investigating.

National: Polling places become battleground in U.S. voting rights fight | Reuters

Louis Brooks, 87, has walked to cast a vote at his neighborhood polling place in Georgia’s predominantly black Lincoln Park neighborhood for five decades. But not this year. Brooks says he will not vote in the presidential election for the first time he can remember after local officials moved the polling station more than 2 miles (3 km) away as part of a plan to cut the number of voting sites in Upson County. “I can’t get there. I can’t drive, and it’s too far to walk,” said Brooks, a black retired mill worker and long-time Democratic Party supporter. He said he does not know how to vote by mail and doesn’t know anyone who can give him a ride. A Reuters survey found local governments in nearly a dozen, mostly Republican-dominated counties in Georgia have adopted plans to reduce the number of voting stations, citing cost savings and efficiency.

National: Sowing Doubt Is Seen as Prime Danger in Hacking Voting System | The New York Times

Russian hackers would not be able to change the outcome of the United States presidential election, the nation’s most senior intelligence and law enforcement officials have assured Congress and the White House in recent weeks. But disrupting it, they acknowledge, would be far easier — causing doubts in battleground states, prompting challenges to results and creating enough chaos to make Florida’s hanging chads seem like a quaint problem from the analog age. By some measures, in fact, the disruption has already begun. And meddling around the edges of an election could sow doubts about the legitimacy of the results — especially in a year in which the Republican nominee, Donald J. Trump, has told his supporters that the only way he will lose is if the election is “rigged,” and while campaign officials for his Democratic opponent, Hillary Clinton, have held a series of meetings about preparing for the possibility that the vote will be hacked. The White House has declined to name Russia publicly as the chief suspect in a series of recent hacks, and has worded its public warnings carefully. The greatest danger, Lisa O. Monaco, President Obama’s domestic security adviser, said on Wednesday, is from attempts to cause “concern or confusion” about the voting system.

National: Lawmakers weigh federal role in preventing election hacks | The Hill

The House Science Committee met Tuesday to discuss efforts to safeguard the November elections from hacking threats, with lawmakers pressing officials on the potential danger and the federal response. Concerns over an election hack have grown after recent breaches to Illinois and Arizona’s online voter registration databases and the Democratic National Committee email hack. “Rightly, we should be concerned about the integrity of our election system,” said Rep. Barry Loudermilk (R-Ga.), who pressed witnesses on whether elections should be treated as critical infrastructure requiring federal support. “Typically, whatever we get involved with doesn’t run as well as if the state is doing it themselves,” he cautioned.

National: Can your vote be hacked—after you cast it? | The Parallax

In early August, Donald Trump began expressing fear that the U.S. presidential election would be “rigged” against him. “I’m afraid the election is going to be rigged, I have to be honest,” Trump told an audience in Columbus, Ohio. While much has been written about his remarks—as well as several others he made in the weeks following the Democratic National Convention—it remains an open question whether electronic databases storing votes can be hacked and manipulated. Voting has entered the digital era on two fronts. Electronic voting machines and, in some locations, Internet voting have introduced numerous opportunities for hackers to alter voting records. It is the security of massive spreadsheets recording the will of the people that concerns Richard Forno, a computer security expert who recently thrust himself into the national debate over the hackability of U.S. elections by publishing a column on the subject. “Everyone’s focusing on the edges of the network, the voting machines, but no one’s looking at the databases,” Forno, a career computer security expert and currently the director of the Graduate Cybersecurity Program at the University of Maryland at Baltimore County, tells The Parallax.

National: House homeland security chairman urges Obama administration to secure election system | InsideCyberSecurity

House Homeland Security Chairman Michael McCaul (R-TX) is urging the Obama administration to act quickly to secure the nation’s election system amid allegations of Russian hacker interference, rejecting concerns that the move would be a federal takeover over a system managed at the state and local level. “We can’t afford to let a foreign government attack our country – our election system,” McCaul said today at the Internet Security Alliance conference on Capitol Hill. “We can’t afford to let a foreign government attack our country – our election system,” McCaul said today at the Internet Security Alliance conference on Capitol Hill. McCaul referred to a “debate going on within the administration” over designating the national election system as critical infrastructure, which would allow the Department of Homeland Security to provide assistance under a national program for a coordinated response to risks to critical industry sectors.

National: FBI trying to build legal cases against Russian hackers: sources | Reuters

The Federal Bureau of Investigation is intensifying efforts to find enough evidence to enable the Justice Department to indict some of the Russians that U.S. intelligence agencies have concluded are hacking into American political parties and figures, U.S. law enforcement and intelligence officials said on Thursday. Building legal cases is difficult, largely because the best evidence against foreign hackers is often highly classified, they said. Still, some White House and State Department officials think legal action is the best way to respond to what they said are growing Russian attempts to disrupt and discredit the November elections, without sparking an open confrontation with Russian President Vladimir Putin. “Doing nothing is not an option, because that would telegraph weakness and just encourage the Russians to do more meddling, but retaliating in kind carries substantial risks,” said one U.S. official involved in the administration’s deliberations. Russia has denied it sponsors or encourages any hacking activity.

National: Can the vote really be hacked? Here’s what you need to know | CS Monitor

Recent cyberattacks on state voter databases and the Democratic National Committee are raising fresh concerns that hackers could manipulate the upcoming presidential election. … “When people hear how the Russians have infiltrated political parties or state election sites, they immediately jump to, ‘Oh, they can flip votes and change the result of an election,’ ” said Lawrence Norden, deputy director of the Democracy Program at New York University’s Brennan Center for Justice. That’s much easier said than done, said Mr. Norden. State boards of elections and law enforcement officials are working to protect the vote, and election officials do have measures in place to safeguard elections. For instance, the Department of Homeland Security said it will monitor closely for suspected breaches on voting systems and work with election boards to bolster their security. Still, according to Norden and other experts, more needs to be done. Here’s a closer look at potential problems at today’s ballot box and some solutions to harden the vote against hackers.

National: Why Can’t Americans Vote Online? | Tom’s Guide

If we were to poll the readers of this article, we would likely find that the vast majority of readers — if not all — regularly shop online, make banking transactions online, fill out registrations and applications online, pay taxes online and maybe even vote for contestants in reality shows online. Yet Americans cannot vote for candidates for public office online. … But experts warn that online voting isn’t as simple as it sounds. Even though it has already been tried in a few places around the world, it probably can’t be secured. We already worry about hackers stealing our credit cards and our identities. If we voted online, we would have to worry about hackers stealing our elections, too.… Several countries have experimented with online voting, but none has forged ahead as far as the tiny Baltic country of Estonia, where nearly a third of ballots are cast online. But Estonia’s elections don’t look anything like those of the United States, where more votes are cast in some cities than in all of Estonia. The Estonian online voter must plug a national ID card — mandatory for all Estonians older than 15, and each of which has an embedded encrypted chip — into a card reader attached to his or her computer. It sounds secure, but two independent assessments, led by Verified Voting in 2011 and the University of Michigan in 2014, found serious flaws with the system.

National: Hackers are already shaping U.S. election coverage with data leaks | Computerworld

Hackers are becoming a major source of political leaks in this year’s presidential race. Case in point: On Tuesday, stolen emails from former secretary of state Colin Powell became headline news after a mysterious site with possible ties to Russian cyber spies gave them to the press. Since then, media outlets have been pointing out juicy details found in the emails. For example, Powell called Clinton “greedy” and her rival Donald Trump a “national disgrace.” The incident has security experts worried that hackers are manipulating U.S. media outlets to influence this year’s election. “The media is certainly being used as a battlefield here,” said Rich Barger, CIO with security firm ThreatConnect.

National: Organization Of American States To Observe U.S. Election | NPR

The upcoming presidential election will mark a surprising first. Yes, a woman will be on the ballot as a major party nominee. But in addition, for the first time ever, the Organization of American States is sending poll observers to watch as U.S. voting takes place. The OAS, based in Washington, D.C., has previously observed elections in 26 of its 34 member nations, but never before in the United States. The mission will be led by former Costa Rican President Laura Chinchilla. Gerardo de Icaza, the OAS director of electoral observation and cooperation, says “a small deployment” of 20 to 30 observers will be sent at the invitation of the U.S. State Department. He says the OAS views it “as a learning experience” and will issue nonbinding recommendations “that can improve the electoral system anywhere.” Those recommendations will be shared with the other OAS members.

National: DHS won’t define election systems as critical before November | FedScoop

The Department of Homeland Security will not classify election systems as critical infrastructure before the November presidential election, DHS Assistant Secretary for Cybersecurity Andy Ozment said at the Billington Cybersecurity Summit Tuesday. “This is not something we’re looking to in the near future. This is a conversation we’re having in the long term with state and local government, who are responsible for voting infrastructure,” said Ozment, a former senior director for cybersecurity on the National Security Council. “We’re focused right now on what we can usefully offer that local and state government will find valuable.”

National: NSA Chief: Potential Russian Hacking of U.S. Elections a Concern | NBC

The head of the National Security Agency said Tuesday that the potential for Russia to harm the U.S. electoral process in the upcoming general election is a concern. Cybersecurity officials have become increasingly worried about the issue in the wake of revelations that Russia-based hackers were behind two recent hacking attempts into state voter registration databases. One incident included stealing information from roughly 200,000 Illinois voting records. In another attempt in Arizona, cyber criminals used malware to try and breach voting records, forcing state officials to disable online voting registration for nine days as they investigated the unsuccessful hacking.

National: Possible Russian Meddling with US Elections Worries Key Defense Officials | VoA News

Top U.S. defense officials insist they are not turning a blind eye to fears that Russian hackers are trying to hijack upcoming U.S. presidential and local elections. Still, the scope of the threat and just how the U.S. plans to respond remain unclear. “This continues to be an issue of great focus,” said Adm. Michael Rogers, who serves as both National Security Agency Director and chief of the Defense Department’s Cyber Command. “I’m not going to characterize this activity,” Rogers told members of the Senate Armed Services Committee on Tuesday, but added “I think there are scenarios where you could see capability applied.” The question was first raised by Senate Armed Services Committee Chairman John McCain, a long-time Republican senator from Arizona who is running for reelection … “They need not attack every county in every state,” said Rice University Professor Dan Wallach. “It’s sufficient for them to go after battleground states where a small nudge can have a large impact.”

National: Guccifer 2.0 drops more DNC docs | Politico

The hacker persona Guccifer 2.0 has released a new trove of documents that allegedly reveal more information about the Democratic National Committee’s finances and personal information on Democratic donors, as well as details about the DNC’s network infrastructure. The cache also includes purported memos on tech initiatives from Democratic vice presidential nominee Tim Kaine’s time as governor of Virginia, and some years-old missives on redistricting efforts and DNC donor outreach strategy. DNC interim chair Donna Brazile immediately tied the leak to GOP presidential nominee Donald Trump. “There’s one person who stands to benefit from these criminal acts, and that’s Donald Trump,” she said in a statement Tuesday night, adding that Trump has “embraced” Russian President Vladimir Putin and “publicly encouraged further Russian espionage to help his campaign.”