National

Attorneys for Dominion Voting Systems sent a letter to Sidney Powell, a onetime member of President Trump’s legal team, demanding she retract her claims that the voting machine company helped rig the 2020 election. The letter, from the Alexandria, Va.-based law firm Clare Locke, warns Powell that she will expose both herself and the Trump campaign to “substantial legal risk for defamation” if she refuses to publicly recant the many unsubstantiated claims she has made about the company. “As a result of your false accusations, Dominion has suffered enormous harm, and its employees have been stalked, have been harassed, and have received death threats,” the letter states. “We demand that you immediately and publicly retract your false accusations and set the record straight. If you refuse to do so and instead choose to stand by your defamatory falsehoods, that will be viewed as additional evidence of actual malice.” Powell has been among the most vocal and active proponents of allegations — none of which have held up in court — that the election was stolen from Trump through widespread fraud and corruption. Powell has claimed that Dominion used an algorithm to flip some votes from Trump to President-elect Joe Biden. She has also claimed that Dominion paid kickbacks to GOP officials in Georgia and elsewhere to keep quiet about the scheme, among many other allegations.

Full Article: Dominion voting machines demands pro-Trump attorney Sidney Powell retract ‘defamatory’ accusations | TheHill

National: Democrats and Republicans are ending 2020 as far apart as ever on election security | Joseph Marks/The Washington Post

Any chance of Congress burying old gripes and working together on election security took a serious blow during 2020’s final hearing on the topic. That hearing of the Senate Homeland Security Committee pitted Christopher Krebs, the former cybersecurity chief fired for affirming the integrity of the election, against allies of President Trump who repeated many of the same debunked election fraud claims already tossed out in dozens of court cases. Republican senators repeatedly asserted the election result was compromised, even though no court has upheld those claims in more than 50 legal cases. Sen. Rand Paul (R-Ky.) declared “the election in many ways was stolen,” a claim that has not been endorsed by a single top state election official, Republican or Democrat. Republicans also repeatedly attacked Democrats for expressing concerns about the integrity of the 2016 election, but not the 2020 contest — ignoring the fact that Russian interference in the 2016 election was confirmed by U.S. intelligence agencies and a unanimous report from the Republican-led Senate Intelligence Committee, while leading state and federal officials have declared there was no such interference in 2020. At one point the hearing even devolved into a shouting match between Sen. Ron Johnson (R-Wis.) and the committee’s top Democrat, Sen. Gary Peters (Mich.), over unrelated investigations into Hunter Biden, the son of President-elect Joe Biden. Johnson said Peters “lied repeatedly in the press, that I was spreading Russian disinformation,” while Peters replied: “This is not about airing your grievances. … I don’t know what rabbit hole you’re running down.” Nor did Republicans acknowledge reforms that Democrats and election security experts have been pushing for years aimed at raising confidence in future elections. They include ensuring there are paper ballots in all counties that lack them, increasing post-election audits and mandating more transparency by voting-machine vendors.

Full Article: The Cybersecurity 202: Democrats and Republicans are ending 2020 as far apart as ever on election security – The Washington Post

National: Biden and lawmakers raise alarms over cyber breach amid Trump silence | Anne Gearan, Karoun Demirjian, Mike DeBonis and Annie Linskey/The Washington Post

Democrats and some Republicans raised the alarm Thursday about a massive and growing cybersecurity breach that many experts blame on Russia, with President-elect Joe Biden implicitly criticizing the Trump administration for allowing the hacking attack to occur. “We need to disrupt and deter our adversaries from undertaking significant cyber attacks in the first place,” Biden said in a statement. “Our adversaries should know that, as president, I will not stand idly by in the face of cyber assaults on our nation.” President Trump, by contrast, has said nothing about the hack affecting numerous federal agencies as well as U.S. companies. U.S. national security agencies are still assessing the scope and severity of the breach, which was discovered by a commercial firm. The president’s silence about an organized attack on the U.S. government marks the latest example of his persistent reluctance to criticize Russia, which U.S. intelligence agencies have accused of interfering in the 2016 election to help Trump. Throughout his presidency, Trump has contradicted his own government’s findings about 2016 election hacking and disinformation efforts, and he has publicly accepted Russian President Vladimir Putin’s word that Moscow was blameless.

Full Article: Biden and lawmakers raise alarms over cyber breach amid Trump silence – The Washington Post

National: Federal investigators find evidence of previously unknown tactics used to penetrate government networks | Craig Timberg and Ellen Nakashima/The Washington Post

Federal investigators reported Thursday on evidence of previously unknown tactics for penetrating government computer networks, a development that underscores the disastrous reach of Russia’s recent intrusions and the logistical nightmare facing federal officials trying to purge intruders from key systems. For days it has been clear that compromised software patches distributed by a Texas-based company, SolarWinds, were central to Russian efforts to gain access into U.S. government computer systems. But Thursday’s alert from the Cybersecurity and Infrastructure Agency at the Department of Homeland Security said evidence suggested there was other malware used to initiate what the alert described as “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.” While many details remained unclear, the revelation about new modes of attack raises fresh questions about the access that Russian hackers were able to gain in government and corporate systems worldwide. “This adversary has demonstrated an ability to exploit software supply chains and shown significant knowledge of Windows networks,” the alert said. “It is likely that the adversary has additional initial access vectors and tactics, techniques, and procedures (TTPs) that have not yet been discovered.”

Full Article: Federal investigators find evidence of previously unknown tactics used to penetrate government networks – The Washington Post

National: Pence prepares to oversee Trump’s loss — and then leave town | Gabby Ohr and Nahal Toosi/Politico

On Jan. 6, Vice President Mike Pence will oversee final confirmation of President-elect Joe Biden’s victory. Then he’ll likely skip town. As vice president, Pence has the awkward but unavoidable duty of presiding over the session of Congress that will formalize Biden’s Electoral College victory — a development that is likely to expose him and other Republicans to the wrath of GOP voters who believe President Donald Trump’s false claim that the election was stolen from him. But Pence could dodge their ire by leaving Washington immediately for the Middle East and Europe. According to three U.S. officials familiar with the planning, the vice president is eyeing a foreign trip that would take him overseas for nearly a week, starting on Jan. 6. Though Pence aides declined to confirm details of the trip, which remains tentative, a U.S. government document seen by POLITICO shows the vice president is due to travel to Bahrain, Israel and Poland, with the possibility of more stops being added. A pre-advance team of Pence aides and other U.S. officials left earlier this week to visit the planned stops in preparation for the multicountry tour, which would be Pence’s first trip abroad since last January, when he traveled to Rome and Jerusalem on a whirlwind two-day sojourn.

Full Article: Pence prepares to oversee Trump’s loss — and then leave town – POLITICO

National: Voting machine firm demands pro-Trump attorney retract bogus claims about 2020 election | Olivia Rubin and Matthew Mosk/ABC

The Colorado voting machine company that fringe pro-Trump forces have targeted with dark conspiracy theories of a rigged 2020 election is demanding that conservative lawyer Sidney Powell retract the “wild, knowingly baseless, and false” allegations she has made against them. Dominion Voting Systems made their demands in a letter to Powell, who has taken a central role in pushing the debunked theory that dark forces rigged Dominion machines to flip votes from Trump to former Vice President Joe Biden. The company’s letter represents its most aggressive posture to date, and signals the early stages of what could become heavy and costly pushback against the lawyers who have led a post-election campaign to discredit the 2020 election results. Pro-Trump attorneys have filed more than 60 lawsuits as part of the effort, nearly all of which have been dismissed, often with sharply-worded rulings. Despite having been repeatedly disputed by the company and disproven by federal election officials, the bogus conspiracy theory has spread fast and wide on social media and in conservative media outlets.

Full Article: Voting machine firm demands pro-Trump attorney retract bogus claims about 2020 election – ABC News

National: Lawmakers Scrap $500 Million in State Election Security Grants | Billy House/Bloomberg

Congressional negotiators have eliminated $500 million in election security grants to the states from a final version of a measure to fund the U.S. government into 2021, a top House Democrat says. That development comes as President Donald Trump and his allies continue to promote unfounded claims of widespread voter fraud in the Nov. 3 election, even though their allegations have been rejected by courts and state election officials. Mike Quigley, the chairman of the House Appropriations Subcommittee on Financial Services and General Government, said Wednesday he’d been told that the omnibus funding package being worked out with Senate negotiators “zeros out” the state assistance money. Quigley, who also serves on the House Intelligence Committee and is an enthusiastic proponent of the grants, called the move short-sighted and the timing “inexplicable,” especially given the threat of cyber attacks and other vulnerabilities faced by voting systems. Evan Hollander, a spokesman for House Appropriations Committee Chair Nita Lowey of New York, declined to confirm that the money was not included. The chairman of the U.S. Election Assistance Commission, Ben Hovland, said in an interview Wednesday night that he had not been told officially of the fate of the $500 million and that, “it’s not done until it’s done.”

Full Article: Lawmakers Scrap $500 Million in State Election Security Grants – Bloomberg

National: Former CISA Director Krebs again defends election security efforts | Benjamin Freed/StateScoop

Chris Krebs, who was fired last month as director of the Cybersecurity and Infrastructure Security Agency by President Donald Trump after saying that the 2020 presidential election was “the most secure” in U.S. history, repeated that message as a private citizen Wednesday to the Senate Homeland Security Committee. Speaking during a session that the panel’s chairman, Ron Johnson, R-Wis., convened for the purposes of “examining irregularities” with the Nov. 3 election, Krebs held up the work done by his former agency and by state and local election officials who spent nearly four years replacing voting equipment, refining security practices and ensuring that nearly every ballot cast was recorded on paper. “There are a number of different computers, systems, machines involved in the entirety of the election process from registration to ballot design to ballot printing to actual voting, to tabulation,” Krebs said in response to Johnson asking about technologies used in the voting process. “But election officials are very careful that technology is not a single point of failure and that there are security controls before, during and after the process. As long as you have the paper — you can’t hack paper — you can run that process.” While Johnson and some of his fellow Republican members — as well as other witnesses, including some of the attorneys who’ve represented Trump in his unsuccessful lawsuits seeking to overturn his electoral loss — brought up evidence-free claims of fraud, much of the hearing focused on the misinformation about the voting process that’s flooded social media in the weeks since Election Day, as well as the threats and harassment received by election officials. Krebs said that while it’s “pretty straightforward” to debunk the claims, often promoted by the outgoing president and his supporters, that equipment manufactured by certain vendors switched people’s votes, their ongoing prevalence has had deleterious effects on democracy and on the people who conduct the election process. “We’re past the point where we need to be having conversations about the outcome of this election,” Krebs said. “I think continued assaults on democracy, and the outcome of this election, is ultimately corrosive to the institutions that support elections.”

Full Article: Former CISA Director Krebs again defends election security efforts

National: The key to future election security starts with a roll of the dice | Patrick Howell O’Neill/MIT Technology Review

We’re now six weeks past Election Day, and electors in every state followed the will of the voters and confirmed the victory of Joe Biden. But while the Electoral College made the results official, President Donald Trump is continuing to protest them, despite having lost dozens of court cases within the past month. In any case, Congress is slated to complete the process of electing Biden on January 6. President Trump’s attack on American elections accelerated a problem that already existed in the United States: the public doesn’t trust the vote. So how can we help more Americans believe in the most important function of our democracy? One of the states with the most contentious states votes in 2020 might have something to tell us. Georgia’s election was close. When it turned out that were only 12,000 votes separating Joe Biden from Donald Trump, the world turned its attention to the count there. The state’s election processes have changed significantly in just the last year, including a switch to more secure paper ballots and a law requiring a post-election audit, which was then used to examine this year’s tight presidential race. An audit is not a recount. Instead, it is a routine check of a portion of ballots, using statistical tests to root out anomalies. This is meant to increase everyone’s confidence that the outcome is correct. Georgia’s secretary of state, a Republican, ran the audit this year: it discovered and corrected a relatively small number of counting errors. That process was open and transparent, and the changes were too few to affect the results. In the end, it reaffirmed Joe Biden’s win in Georgia.

Full Article: The key to future election security starts with a roll of the dice | MIT Technology Review

National: Senate hearing elevates baseless claims of election fraud | Christina A. Cassidy and Mary Clare Jalonek/Associated Press

Republican senators on Wednesday further perpetuated President Donald Trump’s baseless claims of widespread voter fraud, two days after Democrat Joe Biden’s victory was sealed by the Electoral College. Lawmakers bickered heatedly at times during a committee hearing as Democrats pushed back against the unfounded allegations and a former federal cybersecurity official who oversaw election security said continued attempts to undermine confidence in the process were corrosive to democracy. The session, held by the Senate Homeland Security and Governmental Affairs Committee over Democratic protests, elevated the groundless claims of fraud to the highest levels of government and provided two of Trump’s lawyers with one more public opportunity to make the false assertions after repeatedly losing in court. The hearing mimicked those held in some battleground states with local lawmakers, where Trump’s personal attorney Rudy Giuliani led some Republicans in airing their election grievances without any proof. Those hearings were held after consistent legal defeats. GOP Sen. Ron Johnson of Wisconsin, the committee chairman and one of Trump’s fiercest defenders, said his goal was to have a bipartisan hearing to examine the election. But he repeated Trump’s assertions without evidence and focused heavily on the claims being made by the president’s team. There was no testimony from state or local election officials who conducted extensive checks to ensure the accuracy of the election before certifying the results. Those officials have said there was no indication of any widespread fraud.

Full Article: Senate hearing elevates baseless claims of election fraud

National: ‘Conspiracy theories and lies’: Democrats cry foul as GOP airs unsupported election claims | Kyle Cheney/Politico

A Republican-led Senate panel provided a three-hour platform for allies of President Donald Trump to dispute the results of the 2020 election, with the hearing at one point devolving into a shouting match between the top Republican and Democrat on the committee. Throughout the partisan clash, Homeland Security and Governmental Affairs Committee Chair Ron Johnson argued the forum was simply to evaluate information, while Democrats like Gary Peters countered it was giving oxygen to conspiracy theories undermining U.S. democracy. GOP-called witnesses, including two Trump campaign lawyers described rampant fraud in Nevada, Wisconsin and Pennsylvania, some of which had been considered and scrapped in court, others of which had no basis. The one witness called by Democrats, the Trump administration’s former top election security official Christopher Krebs, served as a counterweight. He urged Americans to put baseless election disputes behind them and warned that false conspiracy claims had fueled violent threats to election officials — including himself. “I think we’re past the point where we need to be having conversations about the outcome of this election,” said Krebs, who ran the Cybersecurity and Infrastructure Security agency until Trump fired him last month. The attacks from Trump and his GOP allies on the election, he said, are “ultimately corrosive to the institutions that support elections.”

Full Article: ‘Conspiracy theories and lies’: Dems cry foul as GOP airs unsupported election claims – POLITICO

National: Senate GOP has accepted Biden’s win but continues to push misleading fraud claims | Karoun Demirjian/The Washington Post

Senate Republicans may be acknowledging President-elect Joe Biden’s victory over President Trump, but the politically charged fight over Trump’s fallacious claims about voter fraud rages on — and threatens to overshadow legitimate efforts to safeguard future elections. A Wednesday hearing of the Senate Homeland Security and Governmental Affairs Committee became a forum for Republicans, led by its departing chairman Sen. Ron Johnson (R-Wis.), to re-air Trump’s baseless case against the election results in swing states as the president cheered them on from a distance. Complaining that courts threw out Trump’s election lawsuits on mere “technicalities,” GOP senators and aligned witnesses warned that until their concerns were addressed, public trust in the security of the election process would not be restored. There is no evidence of significant or widespread voter fraud, as the president and his allies continue to insist. Trump’s own attorney general has made that clear while the courts overwhelmingly have dismissed his campaign’s unprecedented effort to overturn Biden’s victory. Across more than 50 cases, at least 88 judges — including 39 appointed or nominated by Republicans — have turned down Trump’s legal challenges in procedural rulings or decisions on their merits. Yet in the face of such resounding loss, the president and his most influential supporters remain undeterred, claiming fraud is a legitimate problem.

Full Article: Senate GOP has accepted Biden?s win but continues to push misleading fraud claims – The Washington Post

National: Russian hack reveals weaknesses in government cybersecurity protections | Joseph Marks/The Washington Post

Full Are: The Cybersecurity 202: Russian hack reveals weaknesses in government cybersecurity protections – The Washington Post

A major Russian breach is prompting fears the government’s cybersecurity protections have fallen dangerously behind. Lawmakers and experts are sounding alarms that billions of dollars’ worth of custom-made government cybersecurity systems aren’t equipped to spot the most nefarious Russian hacker activity. And they’re warning the government is poorly organized to respond to such breaches once they come to light. “This really reinforced the need to double down on our cyber defensive strategy,” Rep. Jim Langevin (D-R.I.), co-founder of the Congressional Cybersecurity Caucus, told me. The breach is highlighting how years of efforts to create state-of-the-art cybersecurity protections within government have nevertheless failed to keep out sophisticated Russian hackers who’ve also been improving their game. Notably, the government has fallen behind at keeping tabs on the vast supply chain of technology that runs its computer systems, making it more vulnerable to attacks such as the recent one, which began with Russian hackers breaking into the Texas software company SolarWinds. The hackers then sent corrupted updates to customers including the State, Treasury, Commerce and Homeland Security departments, and probably to many other government agencies and companies as well. “It’s going to take far too long for the executive branch to inventory precisely where Orion [the SolarWinds system] is deployed and utilized and that demonstrates the critical importance of supply chain security,” Langevin said.

National: Christopher Krebs tells GOP ‘move on’ from election fraud claims | Kristine Phillips/USA Today

Former election security chief Christopher Krebs said he has not seen anything that would change his opinion that the 2020 election was secure and urged Republicans to call out baseless claims of widespread voter fraud. “This is not the America I recognize. It’s got to stop. We need everyone across the leadership ranks to stand up,” Krebs said during a testimony Wednesday before the Senate Homeland Security and Governmental Affairs. “I would appreciate more support from my own party, the Republican Party, to call this stuff out and move on. … We have to move on.”Krebs also defended local and state election officials who have been the subject of threats and harassment for refusing to back claims of massive fraud. He singled out Georgia Secretary of State Brad Raffensperger and Gabriel Sterling, the state’s voting implementation manager. “These are Republicans that are putting country over party,” Krebs said. “They are being subjected to just horrific threats as a result.” Krebs, who presided over an elaborate election security effort by the Department of Homeland Security, was fired by President Donald Trump last month as part of a post-election purge of top national security officials. Krebs’ ouster follows the agency’s declaration that the general election was the most secure in U.S. history.

Full Article: Christopher Krebs tells GOP ‘move on’ from election fraud claims

National: Guess which states saw the most election disinformation in 2020 | Tate Ryan-Mosley/MIT Technology Review

On November 3, Tina Barton ran into a problem. It was Election Day in the US and Barton, a Republican, was city clerk for Rochester Hills, Michigan, a conservative-leaning community near Detroit. As her team was uploading voting results, a technical issue resulted in the double counting of some votes. The error wasn’t initially realized, but within 24 hours, it was noticed and reported to Oakland County officials. The voting data was quickly fixed, but by that time the entire country was looking at the state’s election results. The change was very public, and it generated a huge swell of misinformation. This was supercharged on November 6, when Ronna McDaniel, the chair of the Republican National Committee, flew to Oakland County and held a press conference. She claimed that 2,000 ballots had been counted as Republican before being “given” to Democrats in an accusation of election fraud. “If we are going to come out of this and say this was a fair and free election, what we are hearing from the city of Detroit is deeply troubling,” McDaniel said. Upset at how the situation was being misrepresented, Barton posted a video on Twitter refuting the claims. She’s been the Rochester Hills clerk for eight years, and when she spoke out against McDaniel, she knew she was putting her career on the line. In the video, which has since been deleted, Barton said, “I am disturbed that this is intentionally being mischaracterized to undermine the election process.” Her remarks went viral, and they were met with threats and anger. In an email to MIT Technology Review, Barton said that “since Ms. McDaniel’s press conference, I have received threatening voice mails and messages.” One caller claimed to be on the way to Michigan. Barton upgraded the security system of her home.

Full Article: Guess which states saw the most election disinformation in 2020 | MIT Technology Review

National: Former head of the Department of Homeland Security’s cybersecurity agency to testify as Senate GOP pursues alleged ‘irregularities’ / Allison Pecorin/ABC

Chris Krebs, the former head of the Department of Homeland Security’s cybersecurity agency — fired by President Donald Trump after stating there was no evidence of election fraud — is scheduled to testify Wednesday before a GOP-controlled Senate committee claiming it needs to keep investigating unfounded claims about the 2020 election. The hearing “Examining Irregularities in the 2020 Election” was announced by Senate Homeland Security and Governmental Affairs Chair Ron Johnson last week and immediately drew blowback from Democrats who argued that holding a committee challenging the election results would be damaging to democracy. The hearing will come just one day after Senate Majority Leader Mitch McConnell publicly stated for the first time that Joe Biden is the president-elect, with many Republicans falling in line behind him. Krebs, who came to public attention after Trump fired him via tweet for claiming that the November election was the “most secure in American history,” was called as a witness by the committee’s top Democrat, Sen. Gary Peters, D-Mich. “I am appalled by many of my colleagues’ choice to help spread the President’s lies and false narratives about the outcome of the 2020 election,” Peters said in a statement. “This isn’t simply another partisan political issue – repeating these falsehoods erodes the public’s trust in this fair and free election, lays the groundwork to weaken the public’s trust in future elections, emboldens our adversaries, and undermines our democracy and the peaceful transition of power.”

Full Article: Fired election security official to testify as Senate GOP pursues alleged ‘irregularities’ – ABC News

National: McConnell urges GOP senators not to object to Electoral College vote | Jordain Carney and Alexander Bolton/The Hill

Senate Majority Leader Mitch McConnell (R-Ky.) is urging Republicans not to object during Congress’s count and certification of the Electoral College vote next month. McConnell’s comments were made during a caucus call on Tuesday, according to two sources familiar with the call, and come as House Republicans are eyeing a challenge to the results on Jan. 6 during a joint session of Congress. A Republican senator who participated in the call said that McConnell, Senate Republican Whip John Thune (R-S.D.) and Senate Rules Committee Chairman Roy Blunt (R-Mo.) all urged colleagues not to object to states’ electoral votes when they are received on the House floor next month. McConnell warned that any GOP senator who signed onto a House Republican objection to a state’s electoral votes would then force the Senate to debate and vote on the objection, putting fellow GOP senators in a bad position. The GOP leader said an objection “isn’t in the best interest of everybody.” No Senate Republicans indicated during the call that they are currently planning to object.

Full Article: McConnell urges GOP senators not to object to Electoral College vote | TheHill

National: Some GOP-Led States Defy Trump to Push for Expanded Voter Access | Ryan Teague Beckwith/Bloomberg

Some Republican state officials are newly open to expanded voting options after such moves proved popular and the party’s down-ballot candidates won in a high-turnout election, despite President Donald Trump railing against the changes. Republican elections officials and state lawmakers in Kentucky, Missouri and Texas are considering changes that would either make vote-by-mail more accessible or increase early in-person voting. Any such moves would be going against the current in the Republican Party, where Trump’s baseless claims of fraud have spurred GOP state lawmakers in Georgia, Michigan and Pennsylvania to consider tightening requirements on mail-in ballots. Officials in Georgia have even filed suit to curtail the use of drop boxes for absentee ballots and add new layers of scrutiny to the signature-matching process before the Jan. 5 Senate run-off votes.

Full Article: Some GOP-Led States Defy Trump to Push for Expanded Voter Access – Bloomberg

National: The Wrong Hack – Trump has been conspicuously quiet about the SolarWinds hack. | Fred Kaplan/Slate

The attack penetrated at least five U.S. government agencies and 18,000 other users of the Orion network management system, manufactured by a privately traded company called SolarWinds. Those five agencies—the departments of State, Homeland Security, Commerce, and Treasury, and the National Institutes of Health—are the only ones so far identified as victims of the hack, though there may have been others. (Ironically, one mission of Homeland Security is to protect the nation from cyberattack. Jake Williams, principal consultant of Rendition InfoSec and a former official in the National Security Agency’s elite hacker unit, said Monday, in a YouTube video explaining the hack, that the system is used throughout the federal government, including the Defense Department, as well as many “heavy-hitter” private corporations—300,000 customers in all. “Who uses SolarWinds?” Williams asked. “A better question is ‘Who doesn’t use SolarWinds?’ ” One of the customers that the Russians hacked was FireEye, and here they went a hack too far. Analysts at FireEye, one of Silicon Valley’s leading cybersecurity firms, detected the intrusion, analyzed it, and—in an act of unusual transparency—publicized everything they could find out about it. The malware turns out to have been embedded in what appeared to be a software-update message from SolarWinds, sent through SolarWinds servers with a valid digital signature. This sort of attack—which is particularly pernicious because it makes users reluctant to download legitimate software updates—is known as a “software supply-chain attack.” This means the malware came not from any product made by SolarWinds but from a feature or component made by an outside source—a code, a digital library, or any number of other common suppliers—that the company used in making the product. Williams said software supply-chain attacks are “ridiculously hard” to detect or, once detected, to trace. Russian and Chinese intelligence have launched a few of them in recent years. “I suspect,” Williams said, “we are going to see a lot more of them.”

Full Article: Trump has been conspicuously quiet about the SolarWinds hack.

National: Trump took the nation in the wrong direction on cybersecurity, experts say | Joseph Marks/The Washington Post

President Trump took the nation in the wrong direction on cybersecurity, according to a solid majority of experts polled by The Cybersecurity 202. During four years in office, Trump failed to hold adversaries including Russia accountable for hacking U.S. targets, removed experienced cyber-defenders from their posts for petty reasons and undermined much of the good work being done on cybersecurity within federal agencies, according to 71 percent of respondents to The Network, a panel of more than 100 cybersecurity experts who participate in our ongoing informal survey. The survey concluded before news broke about probably the most significant breach of the Trump administration — a hack linked to the Russian Foreign Intelligence Service, or SVR, that infected at least five federal agencies — the Commerce, Treasury, Homeland Security and State departments as well as the National Institutes of Health — and probably several others, as well as foreign governments and companies across the globe. Yet, the respondents’ comments reflect widespread concern Trump is disinterested in the damage that hack has done to national security, unwilling to take Russia to task and preoccupied instead with his own efforts to sow baseless doubts about his election loss. “Much of the work done … [during the Trump administration] was weakened by a president who didn’t prioritize cyber-issues and who, in many cases, actively undercut any actions or messaging against our adversaries,” said Chris Painter, the State Department cyber-coordinator under President Obama who also served for several months under Trump until his post was eliminated.

Full Article: The Cybersecurity 202: Trump took the nation in the wrong direction on cybersecurity, experts say – The Washington Post

National: The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it. | Craig Timberg and Ellen Nakashima/The Washington Post

When Russian hackers first slipped their digital Trojan horses into federal government computer systems, probably sometime in the spring, they sat dormant for days, doing nothing but hiding. Then the malicious code sprang into action and began communicating with the outside world. At that moment — when the Russian malware began sending transmissions from federal servers to command-and-control computers operated by the hackers — an opportunity for detection arose, much as human spies behind enemy lines are particularly vulnerable when they radio home to report what they’ve found.Why then, when computer networks at the State Department and other federal agencies started signaling to Russian servers, did nobody in the U.S. government notice that something odd was afoot? Why then, when computer networks at the State Department and other federal agencies started signaling to Russian servers, did nobody in the U.S. government notice that something odd was afoot? The answer is part Russian skill, part federal government blind spot. The Russians, whose operation was discovered this month by a cybersecurity firm that they hacked, were good. After initiating the hacks by corrupting patches of widely used network monitoring software, the hackers hid well, wiped away their tracks and communicated through IP addresses in the United States rather than ones in, say, Moscow to minimize suspicions. The hackers also shrewdly used novel bits of malicious code that apparently evaded the U.S. government’s multibillion-dollar detection system, Einstein, which focuses on finding new uses of known malware and also detecting connections to parts of the Internet used in previous hacks. But Einstein, operated by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), was not equipped to find novel malware or Internet connections, despite a 2018 report from the Government Accountability Office suggesting that building such capability might be a wise investment. Some private cybersecurity firms do this type of “hunting” for suspicious communications — maybe an IP address to which a server has never before connected — but Einstein doesn’t.

Full Article: The U.S. government spent billions on a system for detecting hacks. The Russians outsmarted it. – The Washington Post

Michigan: Dominion’s C.E.O. defends his firm’s voting machines to Michigan lawmakers, denouncing a ‘reckless disinformation campaign.’ | Kathleen Gray/The New York Times

Source: Dominion’s C.E.O. defends his firm’s voting machines to Michigan lawmakers, denouncing a ‘reckless disinformation campaign.’ – The New York Times

A day after Michigan’s 16 electoral votes formally went to President-elect Joseph R. Biden Jr., a voting machine manufacturer told state senators that he stood by his company’s work, and shot down unfounded allegations that the results may have been manipulated. Dominion Voting Systems is the victim of “a dangerous and reckless disinformation campaign aimed at sowing doubt and confusion over the 2020 presidential election,” John Poulos, the company’s chief executive, told the State Senate Oversight Committee. The company has come under fire from supporters and lawyers for President Trump, who have claimed without evidence that the company’s voting machines switched votes from Mr. Trump to Mr. Biden. Mr. Poulos assured the committee that his company had no connections to House Speaker Nancy Pelosi, the former Democratic presidential nominee Hillary Clinton, or George Soros, the billionaire financier who is a subject of conspiracy theories on the right. “The comments about our company being started in Venezuela with Cuban money with the intent to steal elections are beyond bizarre and are complete lies,” Mr. Poulos added. “My company started in my basement, which happened to be in Toronto.”

Electoral College Vote Officially Affirms Biden’s Victory | Nick Corasaniti and Jim Rutenberg/The New York Times

It began at 10 a.m. in New Hampshire, where electors met in a statehouse chamber festooned with holiday decorations and gave their four votes to Joseph R. Biden Jr. By noon on Monday, the battleground states of Arizona, Georgia and Pennsylvania, ground zero for many of President Trump’s fruitless lawsuits, had backed Mr. Biden too. In New York, Bill and Hillary Clinton voted for Mr. Biden along with 27 other electors. And when California cast its 55 votes for Mr. Biden around 5:30 p.m. Eastern time, it pushed him past the threshold of 270 Electoral College votes needed to win the presidency, putting the official seal on his victory after weeks of efforts by Mr. Trump to use legal challenges and political pressure to overturn the results. With the Electoral College vote behind him, Mr. Biden called for unity while forcefully denouncing the president and his allies for their assault on the nation’s voting system. In an address in Wilmington, Del., on Monday night, he said the Republican efforts to get the Supreme Court to undo the result represented a “position so extreme we’ve never seen it before,” and called the attacks on election officials at the local level “unconscionable.” Mr. Biden said that “it is time to turn the page” on the election. Praising officials who stood up for the integrity of the system, he added: “It was honest, it was free and it was fair. They saw it with their own eyes. And they wouldn’t be bullied into saying anything different.” For all of the turmoil that Mr. Trump had stirred with his conspiracy theories, lawsuits and baseless claims of fraud, the Electoral College vote that sealed Mr. Biden’s victory was mostly a staid, formal affair, devoid of drama. As it always is.

Full Article: Electoral College Vote Officially Affirms Biden’s Victory – The New York Times

National: Electoral College makes it official: Biden won, Trump lost | Mark Sherman/Associated Press

The Electoral College decisively confirmed Joe Biden on Monday as the nation’s next president, ratifying his November victory in an authoritative state-by-state repudiation of President Donald Trump’s refusal to concede he had lost. The presidential electors gave Biden a solid majority of 306 electoral votes to Trump’s 232, the same margin that Trump bragged was a landslide when he won the White House four years ago. Heightened security was in place in some states as electors met to cast paper ballots, with masks, social distancing and other pandemic precautions the order of the day. The results will be sent to Washington and tallied in a Jan. 6 joint session of Congress over which Vice President Mike Pence will preside. For all Trump’s unsupported claims of fraud, there was little suspense and no change as every one of the electoral votes allocated to Biden and the president in last month’s popular vote went officially to each man. On Election Day, the Democrat topped the incumbent Republican by more than 7 million in the popular vote nationwide. California’s 55 electoral votes put Biden over the top. Vermont, with 3 votes, was the first state to report. Hawaii, with 4 votes, was the last.

Full Article: Electoral College makes it official: Biden won, Trump lost

National: Electoral college affirms Biden’s victory on a relatively calm day of a chaotic election | Elise Viebeck, Dan Simmons, Amy Worden and Omar Sofradzija/The Washington Post

President-elect Joe Biden achieved formal victory over President Trump on Monday, winning his 306 votes in the electoral college and advancing one more step toward inauguration even as die-hard Trump supporters redoubled their efforts to stop the normal transfer of power. Electors gathered in every state and the District of Columbia for a day-long series of votes that delivered no surprises for either Trump or Biden. The proceedings harked back to more typical presidential elections and stood in contrast with the unprecedented — though fruitless — six weeks of legal and procedural chaos triggered by Trump’s refusal to accept his loss. There were signs Monday that some of the president’s most ardent supporters would not abandon his cause, as groups of Republicans in six key battleground states held their own unofficial electoral-college-style votes for Trump. Though major protests did not materialize, threats of harassment and violence cast a shadow over elector meetings in several states.

Full Article: Electoral college affirms Biden’s victory on a relatively calm day of a chaotic election – The Washington Post

National: Election tech company Smartmatic demands retractions from Fox, Newsmax, OAN over conspiracy theories | Kevin Breuninger/CNBC

Smartmatic, the election technology company that has become embroiled in unfounded conspiracy theories about rigged voting in the 2020 presidential race, on Monday said it is issuing legal notices to three conservative media outlets demanding retractions “for publishing false and defamatory statements.” The Florida-based company has been targeted by President Donald Trump’s personal lawyer, Rudy Giuliani, who is leading the Trump campaign’s long-shot attempts to undo Joe Biden’s projected presidential victory. Smartmatic in a press release said its letters to Fox News, Newsmax and One America News Network make clear that the company “is reserving all its legal rights and remedies, including its right to pursue defamation and disparagement claims.” The legal notice to Fox, shared with CNBC, accuses the news outlet of engaging “in a concerted disinformation campaign against Smartmatic.” That 20-page letter cites dozens of claims, most of which were made on Fox’s air by Giuliani and attorney Sidney Powell, who was formerly affiliated with the campaign and has filed multiple unsuccessful lawsuits alleging fraud in key swing states won by Biden. The majority of those statements were delivered in mid-November on programs hosted by Maria Bartiromo or Lou Dobbs, both of whom are also accused of making their own defamatory claims about Smartmatic. Additionally, the letter includes references to statements made on a Fox program hosted by Jeanine Pirro, along with one statement made by Fox host Jesse Watters.

Source: Smartmatic demands retractions from Fox, Newsmax, OAN

National: There is not and has not been any credible evidence of significant fraud in the 2020 election | Philip Bump/The Washington Post

One of the most striking parts of Tim Alberta’s interviews of 20 Americans who did — and didn’t — vote in this year’s presidential election is how often they based their assumptions on untrue claims. “It seems a Republican for president always has to win by a large enough margin to overcome the widespread election fraud that Democrats seem so comfortable with and prone toward. He failed to do that,” an Illinois Trump voter said to Alberta in an email. “I thought it remarkable that what I regard as credible-sounding fraud allegations are getting so little attention.” Asked about the source of this claim, the voter pointed to articles from the right-wing website American Spectator. We have evaluated this claim over and over since the election, but it persists within the public imagination quite stubbornly. Given that the results of the election have moved past any serious point of contention with the votes of the presidential electors on Monday, it’s worth delineating as robustly as possible why the assertion that the contest was marred by fraud are meritless. It’s worth, in other words, trying to explain why skepticism of the result is often based on erroneous logic and bad information. At the outset, I’ll note that I fully recognize that this article will be treated with skepticism of its own simply because it originates at The Washington Post. There has been a lengthy effort to paint this publication as untrustworthy that predates President Trump’s time in office, just as there has been an effort to suggest that electoral results are subject to rampant fraud for much longer than the past four years. I just ask that any such skepticism be set aside for the moment, so that the evidence can be considered on its own merits.

Full Article: There is not and has not been any credible evidence of significant fraud in the 2020 election – The Washington Post

National: Suspected Russian hackers spied on U.S. Treasury emails – sources | Christopher Bing/Reuters