National: Acting intelligence chief will not brief lawmakers on election security despite expectation he was coming | Alex Marquardt and Zachary Cohen/CNN

Acting Director of National Intelligence Richard Grenell said late Monday he will not be briefing lawmakers on Tuesday about election security despite being expected on Capitol Hill by members of Congress to be on the panel of the country’s most senior national security officials. Grenell had been due to appear alongside the other senior officials in a pair of classified briefings to all members of the House and Senate. A list of top agency officials obtained by CNN from two congressional sources and a person familiar with the plans listed Grenell alongside National Security Agency Director Gen. Paul Nakasone, FBI Director Christopher Wray and others. As of late Monday night, the list and guidance circulated to Congress had not changed. However, Grenell and the Office of the Director of National Intelligence denied that he would be briefing. Grenell’s office would not explain why his name was on the list sent around by multiple congressional offices, and did not respond to requests for comment until after CNN reported Grenell was expected to appear. In a message, Grenell told CNN the expectation was “fake info” and said the intention was always to send “experts.”

National: U.S. Vote Foundation Calls on Congress to Mandate a Nationwide “No Excuse” Vote-by-Mail Option Across All States for 2020 Elections

U.S. Vote Foundation (US Vote) today called for the United States Congress to issue a requirement that all states remove any and all barriers to vote-by-mail/absentee ballot request across all states at all levels, federal, state and municipal, for all 2020 elections including primaries, special, runoff and general elections. “Ensuring voters can vote from home is a responsible and forward-thinking policy action that Congress should include in its response to the current public health situation,” said Michael Steele, Chairman of US Vote and its Overseas Vote initiative. “It is impossible for voters to predict whether they will be healthy and able to vote in-person. They should be assured they can vote safely with an absentee vote-by-mail ballot.” US Vote’s State Voting Methods and Options shows that while 32 states allow voters to request a ballot by mail without providing a reason, or what is commonly called an excuse for not going to the polls, there remains 19 states and 5 territories that do not. These include high population states like Texas and New York.

National: Coronavirus Likely Won’t Disrupt Upcoming Primaries, But Absentee Voting Could Surge | Martin Austermuhle/WAMU

Elections. They’re both a democratic necessity, and a health official’s worst nightmare. Candidates literally pressing the flesh, traveling from one site to another for weeks at a time shaking hands and kissing babies. And it’s all capped off by thousands of people all touching the same equipment while in a confined spaces. While there’s never really a good time for Coronavirus outbreak, the timing of U.S.’s small-yet-growing epidemic is particularly bad, falling right in the middle of primary season. While 18 states have already voted, more than two-dozen still have to — D.C. and Maryland included — and could face more challenging conditions if Coronavirus cases pick up steam. Maryland Gov. Larry Hogan declared a state of emergency this week after three Coronavirus cases were confirmed in Montgomery County. Some of those challenges were evident on Super Tuesday, when there were reports of poll workers in California and Texas not showing up to work over fears of contracting the virus. But in Virginia, which also voted on Tuesday, most election officials say there was no obvious impact on voter turnout and only slight accommodations had to be made.

National: ‘Internet of Things’ Could Be an Unseen Threat to Elections | Laura DeNardis/Goverment Technology

The app failure that led to a chaotic 2020 Iowa caucus was a reminder of how vulnerable the democratic process is to technological problems – even without any malicious outside intervention. Far more sophisticated foreign hacking continues to try to disrupt democracy, as a rare joint federal agency warning advised prior to Super Tuesday. Russia’s attempt to interfere in the 2016 election has already revealed how this could happen: social media disinformation, email hacking and probing of voter registration systems. The threats to the 2020 election may be even more insidious. As I explain in my new book, “The Internet in Everything: Freedom and Security in a World with No Off Switch,” election interference may well come through the vast constellation of always-on, always-connected cameras, thermostats, alarm systems and other physical objects collectively known as the “Internet of things.” The social and economic benefits of these devices are tremendous. But, in large part because the devices are not yet adequately secure, they also raise concerns for consumer safety, national security and privacy. And they create new vulnerabilities for democracy. It is not necessary to hack into voting systems themselves but merely co-opt Internet-connected objects to attack political information sites, stop people from voting, or exploit the intimate personal data these devices capture to manipulate voters.

National: How Joe Biden’s campaign is protecting itself from cyber attacks | Brian Fung/CNN

Top tech officials working for Joe Biden’s campaign aren’t taking any second chances following the 2016 hacking of the Democratic National Committee. The campaign is constantly trying to fend off email phishing attacks that could give hackers inside access to the campaign’s data, according to Dan Woods, the Biden campaign’s chief technology officer. “The most famous thing to come out of 2016 was phishing,” Woods said at an election security conference in Philadelphia on Thursday. “Besides misinformation and disinformation, phishing remains, without question, the biggest threat we face.” That acknowledgment reflects Democrats’ difficult lesson from the last presidential cycle, when Russian hackers targeted dozens of DNC addresses with legitimate-looking emails designed to entice unwitting staffers into compromising their own security. They also targeted Hillary Clinton’s campaign chairman, John Podesta, obtaining tens of thousands of emails that were later published by WikiLeaks.

National: Super Tuesday gives feds and states a test run for securing November vote | Sean Lyngaas/CyberScoop

Federal and state officials were up late Tuesday monitoring for threats from hackers and trolls to the biggest primary day of the 2020 election season. A watch floor at the Department of Homeland Security kept election administrators across the country plugged into threat data coming in from the intelligence community.  While there were some notable technical glitches in the voting process, nothing malicious came to pass. Bleary-eyed officials can go back to work Wednesday with a sigh of relief but also some lessons learned on how to protect the November presidential vote, which U.S. officials have repeatedly warned will draw foreign interference attempts. “We had well over 100 state and local officials in the room with us exchanging information with us throughout the day,” a senior official at the Department of Homeland Security’s cybersecurity division said on a 9 p.m. Eastern call with reporters.

National: Report: Russian social accounts sow election discord – again | Amanda Seitz and Barbara Ortutay/Associated Press

Four years after Russia-linked groups stoked divisions in the U.S. presidential election on social media platforms, a new report shows that Moscow’s campaign hasn’t let up and has become harder to detect. The report from University of Wisconsin-Madison professor Young Mie Kim found that Russia-linked social media accounts are posting about the same divisive issues — race relations, gun laws and immigration — as they did in 2016, when the Kremlin polluted American voters’ feeds with messages about the presidential election. Facebook has since removed the accounts. Since then, however, the Russians have grown better at imitating U.S. campaigns and political fan pages online, said Kim, who analyzed thousands of posts. She studied more than 5 million Facebook ads during the 2016 election, identifying Russia’s fingerprints on some of the messages through an ad-tracking app. Her review is co-published by the Brennan Center for Justice, a law and policy institute, where she is a scholar. The Russian improvements make it harder for voters and social media platforms to identify the foreign interference, Kim said. “For normal users, it is too subtle to discern the differences,” Kim said. “By mimicking domestic actors, with similar logos (and) similar names, they are trying to avoid verification.”

National: Here are the serious tech glitches that frustrated voters on Super Tuesday | Joseph Marks/The Washington Post

The scenario election officials feared – Russians hacking the vote – did not come to be on Super Tuesday. But the mega-primary day was bedeviled by a slew of serious technical glitches that frustrated voters. Voting machines shut down in Los Angeles. Network problems also forced California officials to hand out provisional ballots. In Minnesota and Texas, tools voters use to look up their polling locations were not functioning due to heavy web traffic. And there were robocalls spreading disinformation in Texas, which were reported for federal investigation. The problems underscored how such issues can sow as much distrust and chaos as a hacking campaign — especially if rumors are left to swirl. The government’s top cybersecurity officials spent much of the day assuring the public that technology was the culprit, not Russia. “To the extent we can put more information in the hands of voters to be more informed, resilient voters, we’ll have better outcomes,” a top official at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency said during a 9 p.m. call. “We’ll be able to get ahead of these more salacious claims that something might be happening and put appropriate information in the hands of the public.” The official, who spoke on the condition of anonymity to talk candidly with reporters, praised election officials for getting information about the tech problems rapidly to voters. “We’ll continue to shout that message up to November and afterward.”

National: There Is Shockingly Little Oversight of Private Companies That Create Voting Technologies | Alan Beard and Lawrence Norden/Slate

The Iowa caucuses debacle was a reminder of some of the most important principles in election security, among them that transparency in elections is important, paper ballot backups are crucial to ensuring an accurate count, voting should not take place on smartphone apps, and running elections should be left to professionals. But missing from the round-the-clock media coverage was another valuable lesson from Iowa: Private tech companies are central to our elections, and our failure to engage in real oversight of their practices leaves our elections vulnerable to breakdown and attack. The reporting in the aftermath of Iowa identified a 6-month-old private tech company called Shadow as the supplier of the failed app at the root of the mess. In an attempt to help precinct captains report out three separate sets of results, the Iowa Democratic Party had paid Shadow $60,000 to develop an app to convey the vote totals. Precincts would take and upload pictures of results, which would go to party headquarters. But on caucus day, the app failed, as did backup phone lines. This prompted many to ask how something as important as reporting vote totals in a presidential election could be left in the hands of a shoestring tech company. The follow-up question should have been: What are the controls on private vendors that sell the equipment and technology that run our elections?

National: Tornado, Virus Fears and Malfunctioning Machines Disrupt Super Tuesday Voting in Some States | Christina A. Cassidy and Adrian Sainz/Associated Press

Deadly tornadoes knocked out polling places in Tennessee, fears over the coronavirus left some precincts in California and Texas short of election workers, and overwhelmed voting systems led to long lines in Los Angeles as Super Tuesday sent voters surging to the polls in 14 states. Scattered reports of polling places opening late, machines malfunctioning or voter rolls being down temporarily disrupted voting in some of the states voting Tuesday, but there were no widespread reports of voters being unable to cast a ballot or security breaches. Just hours before polls were set to open in Tennessee, tornadoes tore through parts of the state, destroying at least 140 buildings and killing at least 22. With more than a dozen polling sites in Nashville’s Davidson County damaged, voters were sent to other locations, where some of them encountered long lines. The Tennessee Democratic Party and the presidential campaigns of Joe Biden, Mike Bloomberg, Bernie Sanders and Elizabeth Warren successfully sued Davidson County election officials and the secretary of state’s office to extend voting for three hours beyond the scheduled 7 p.m. closing time. In Texas, voting got off to a slow start in Travis County, home to Austin, because many election workers did not show up, with some citing fears of contracting the coronavirus, according to the county clerk’s office. The election office said it began implementing emergency procedures, with elections staff and other employees filling in as poll workers.

National: Bipartisan commission to make 75 recommendations to defend against cyberattacks | Maggie Miller/The Hill

A new report by a bipartisan commission will include at least 75 recommendations for Congress and the executive branch on how to defend the nation against cyberattacks, including bipartisan recommendations for defending elections. Members of the Cyberspace Solarium Commission, which includes lawmakers, federal officials and industry leaders, highlighted the group’s focus on election security during an event at the Center for Strategic and International Studies on Tuesday, previewing some of the recommendations that will be among those released March 11. Commission member former Rep. Patrick Murphy (D-Penn.) said the report — which marks a major effort to create a blueprint for federal action on cybersecurity going forward — was “biased towards action,” and was meant to spur change. “It’s not some report that is going to be in the Library of Congress that no one is going to look at again,” Murphy said. “There is going to be some legislative action, there are going to be some executive actions.” The report’s recommendations around election security will mark a rare bipartisan effort to address the issue following years of contention on Capitol Hill after Russian interference in the 2016 presidential election.

National: Top DHS official says no ‘malicious cyber activity’ seen on Super Tuesday | Maggie Miller/The Hill

A senior official at the Department of Homeland Security’s (DHS) cyber agency said Tuesday night that they had not seen any “malicious cyber activity” aimed at disrupting elections during primary voting in 14 states. “We don’t have any reports of any malicious cyber activity across the states today,” the senior official at the Cybersecurity and Infrastructure Security Agency (CISA) told reporters. The official noted that while there were some “sporadic” information technology (IT) issues, all the election systems were able to get “back up and running” with no issues due to targeting by hackers. One IT incident the official pointed to was in California, where the secretary of state’s website was briefly brought down by what the office tweeted was “higher than normal traffic” and not hacking activity.

National: Super Tuesday brings a supersized election security challenge | Eric Geller/Politico

Millions of voters across the country will cast ballots during Super Tuesday on old, insecure election equipment — even after nearly four years of handwringing and warnings about Russian election interference. The jurisdictions at risk include three of Tennessee’s biggest counties — Shelby, Knox and Rutherford — where the paperless voting machines at the polls will include devices with security flaws so alarming that voters tried suing to have the equipment removed from precincts. Dozens of small counties in Texas are also sticking with risky touchscreen machines that have no paper trail to help detect tampering or malfunctions. And in California, Los Angeles County is debuting new voting machines that have drawn scrutiny for security weaknesses, as well as their developer’s past alleged ties to the Venezuelan government. The news is better in other parts of the Super Tuesday map, as some counties and states have successfully replaced their old paperless voting equipment with more secure paper-based machines. But even some of this new technology presents vulnerabilities that hackers could exploit to tamper with the primaries. Other states holding primaries on Tuesday, including Massachusetts, Maine and Vermont, predominantly use the technology that most experts consider the most secure: paper ballots that voters fill out by hand.

National: Coronavirus And Super Tuesday Voting: It’s Touchy | Pam Fessler/NPR

Elections can be very tactile. Touchscreen voting machines, paper ballots, large crowds. With concern growing about the spread of the coronavirus, officials in a number of Super Tuesday states are taking extra precautions to assure voters that it’s safe to go to the polls. Millions of people are expected to cast ballots tomorrow in 14 states, including some where cases of the disease have already emerged. John Gardner, the assistant registrar of voters in Solano County, Calif. — where two health care workers tested positive for COVID-19 — says they’ve added an extra curbside location where people can drop off their completed ballots, “so voters don’t have to get out of their cars if they don’t want to.” Gardner says they have also sent out additional supplies of disinfectant wipes, hand sanitizer and gloves to every polling site in the county. Still, he’s seen no indication that the virus is discouraging either voters or pollworkers.

National: Some states encourage mail-in ballots as coronavirus worries grow | Alice Miranda Ollstein/Politico

Officials in some states with upcoming primaries are encouraging more people to avoid in-person polling sites amid heightened worries about the spread of coronavirus in the United States. Some are even increasing the opportunity for drive-by voting on Super Tuesday. California’s Solano County, the site of the country’s first identified case of the virus’ spread within the community, added new curbside sites where people can drop off their ballots without having to leave their cars. “If you can stay in your car to get service, lots of people want to take advantage of that even in a normal situation, but especially when they might be concerned about congregating in close proximity to a lot of other people,” said county election official John Gardner. Meanwhile, some election experts are urging states to relax their absentee voter policies in light of the new public health threat, though some state officials dismissed the idea of hastily rewriting election policies.

National: Officials fear coronavirus could be next front in election interference | Joseph Marks/The Washington Post

U.S. officials fear adversaries might weaponize public fears about coronavirus ahead of Super Tuesday to spread disinformation, amplify rumors and tamp down voter turnout. The concern comes as people test positive for the virus in numerous states, including California, Texas and Alabama – which are among the 14 states that will hold their Democratic primaries Tuesday. The virus, which has killed nearly 3,000 people worldwide, could offer a near-perfect test case for how operatives from Russia or elsewhere seeking to undermine confidence in the election could boost public fears to stop people from heading to the polls – maybe enough to swing a tight race or at least raise doubts in the results. It’s “one of a number of scenarios” of potential interference federal officials are monitoring, the Department of Homeland Security’s cybersecurity division chief Chris Krebs told Kevin Collier at NBC News. Krebs’s office declined to comment this weekend when I asked for more information about the possible response. “This is a new and obviously very scary virus, and misinformation can leverage off of that,” Peter Singer, a fellow at the New America think tank who has written extensively about information warfare, told me. “I would almost be surprised if we don’t see it.”

National: The most pervasive ballot design flaw you don’t notice | Lily Smith/Fast Company

Many will remember the infamously confusing Palm Beach County butterfly ballot, which led to 26,000 misvotes, a recount, and ultimately handed George W. Bush the presidency in 2000. Twenty years later, we have new ballot design problems to deal with—and there’s one you’ve probably never heard of. Most of the ballot design flaws detailed in a recent resource from the Brennan Center for Justice seem rather innocuous. But there’s one in that, if fixed, could reduce margin of error and thereby make the voting system overall more reflective of voters’ intent: ballot design that splits one contest into two columns on a bubble-style page. There are a few other permutations of this layout, and they all share one key flaw: They split up information that should be categorized together. The first contest on a ballot might fall below the ballot instructions in the first column, causing voters to miss it. A contest might be split into two columns because there’s a large number of candidates to consider—or, on an electronic voting system, there might be two contests on the same page.

National: The 2020 race could become the coronavirus election. Is America ready? | Matt Pearce/Los Angeles Times

It’s hard to run an election during a pandemic, let alone stay healthy. In 1918, as Spanish influenza wreaked havoc in one of the greatest health disasters in United States history, politicians were sidelined as bans on public gatherings made it impossible to hold campaign rallies. There was no vaccine for that virus, which killed hundreds of thousands of Americans, and the best officials could do was keep people away from each other to limit the microbe’s spread. Voters in that year’s midterm election headed to the polling booths in masks for fear that a simple act of civic participation could be deadly. And for good reason: In Wayne, Neb., officials lifted a public-gathering ban five days before the election, allowing a flurry of last-minute campaigning — which also coincided with a rise in deadly infections. Now, for the first time in a century, a U.S. election faces the unusual threat of being upended by a potential pandemic as a new coronavirus has shocked the global economy, tested President Trump’s administration and fueled Democratic attacks on both his leadership and the private healthcare system’s ability to protect all Americans.

National: Some election officials scrambling to address coronavirus concerns ahead of Super Tuesday | Kelly Cannon/ABC

With fears of the novel coronavirus spreading gripping Americans following the first death in the U.S. and just days before Super Tuesday — when voters in 14 states and one territory head to the polls — election officials in some areas are scrambling to assure voters and make sure disruptions are minimized. The Super Tuesday primaries — where nearly a third of delegates are up for grabs — are run at the state and local level, and currently, a uniform national response to voter disruptions does not exist. When asked about contingency plans, the communications director for the National Association of Secretaries of State said she’d “defer to states,” as each may administer its own “specific plans” for emergency preparedness. “Whether that’s a hurricane, power outage, et cetera,” Maria Benson told ABC News in a statement.

National: Coronavirus Is Already Making It Harder for Americans Living Abroad to Vote in the 2020 Primaries | Abigail Abrams/Time

Americans living in China and South Korea have been told that due to the coronavirus outbreak they won’t be able to vote in person for the Democratic presidential primary next month and should instead vote online. As more cases of COVID-19 appear around the world, Americans living countries such as Italy and Japan could soon see their ability to cast ballots affected, according to Democrats Abroad, the group that manages U.S. citizens voting overseas. While more than 82,000 cases of COVID-19 have been confirmed worldwide and hobbled global markets, the new restrictions mark the first example of the virus impacting the 2020 election. The development comes as the Centers for Disease Control and Prevention this week identified the first potential case of the virus spreading within a U.S. community and warned that cities, businesses and schools should prepare for a larger outbreak. It also comes just days before Super Tuesday, when 14 states will hold primaries and Democrats who live overseas begin casting their ballots.

National: States and Federal Government Must Help Local Cybersecurity Efforts | Daniel Castro/Government Technology

Cybersecurity continues to be a major challenge for state and local governments, and the issue will likely grow in importance in the coming year. First, they are popular targets. During the first half of 2019, nearly two-thirds of ransomware attacks targeted state and local governments. Second, they face a multitude of threats — data breaches, ransomware, phishing, malware and more — and they must be prepared to defend against all of them. For example, last year, government officials in Cabarrus County, N.C., fell victim to an online social engineering attack in which the scammer stole $1.7 million in taxpayer funds. Third, and perhaps most important, with continued growth in e-gov applications and smart city initiatives, state and local governments are collecting and storing more data than ever before. Securing this information will need to be a top priority. Unfortunately, many agencies simply aren’t up to the task. They don’t have the talent, training or resources to respond to the most advanced attacks. Nor is it necessarily reasonable to expect them to. They can outsource some of these security roles to the private sector, just as they do with other IT responsibilities, but they still must be accountable.

National: Election related websites outdated, exposed vulnerabilities | Jack Gillum/Pro Publica and Raleigh News & Observer

The Richmond, Va., website that tells people where to vote and publishes election results runs on a 17-year-old operating system. Software used by election-related sites in Johnston County, N.C., and the town of Barnstable, Mass., had reached its expiration date, making security updates no longer available. These aging systems reflect a larger problem: A ProPublica investigation found that at least 50 election-related websites in counties and towns voting on Super Tuesday — accounting for nearly 2 million voters — were particularly vulnerable to cyberattack. The sites, where people can find out how to register to vote, where to cast ballots and who won the election, had security issues such as outdated software, poor encryption and systems encumbered with unneeded computer programs. None of the localities contacted by ProPublica said that their sites had been disrupted by cyberattacks.

National: MIT Professor: Blockchain is good in itself, but not good for votes | Jonita Singh/Wink Report

Computer scientist Ronald Rivest has said that blockchain is not the right technology to vote, although it may find the right application in a number of other areas. Rivest gave his opinion at the RSA Security Conference, held earlier this week in San Francisco, reported technology-focused news broadcast ITWire on February. 28. Rivest – who is a cryptography expert and professor at the Massachusetts Institute of Technology – called voices an interesting problem that requires a stricter approach compared to many existing security applications. He said:

“Blockchain is the wrong security technology to vote. I like to bring a combination lock to a kitchen fire or something. It is good for certain things in itself, but it is not good to vote. “

National: DHS Rolls Out ‘Tabletop in a Box’ Election Cybersecurity Tool | Phil Goldstein/StateTech Magazine

With the 2020 election primary season fully underway, state and local election officials are ramping up their cybersecurity efforts to counter malicious threats. They are also getting support from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Several weeks ago, CISA released a 58-page guide, its “Elections Cyber Tabletop Exercise Package,” which it calls a “tabletop in a box.” The guide is designed to allow state and local officials to conduct election security drills simulating phishing and ransomware attacks, corrupted voter registration information, disinformation campaigns and attacks on voting equipment. As StateScoop reports, such tabletop exercises, “are designed to give secretaries of state, election directors, IT leaders and other officials a war game-like environment simulating the threats posed by foreign governments and other adversaries that might try to disrupt a real election.” Tabletop exercises can be used to “enhance general awareness, validate plans and procedures, rehearse concepts, and/or assess the types of systems needed to guide the prevention of, protection from, mitigation of, response to, and recovery from a defined incident,” the guide states.

National: #RSAC: Election Security Beyond the Ballot Box | Sean Michael Kerner/Infosecurity Magazine

There has been a lot written in recent years about election security and ensuring the integrity of voting systems. While voting machines are important, so too are non-voting election technologies, which was the topic of a session at the RSA Conference in San Francisco. Aaron Wilson, Senior Director of Election Security at the Center for Internet Security (CIS), explained that non-voting election systems include things that support elections. Those systems include electronic poll books, election night reporting systems, voter registration systems, and electronic ballot delivery. “There is a lot to that attack surface, but there are not a lot of standards and regulations,” Wilson said. The Center for Internet Security has developed a guide to help secure those non-voting election systems that has 160 best practices to help reduce risk and improve confidence. The overall goal, according to Wilson, isn’t necessarily that every election official will do all the steps, but rather they will have a guide that provides questions to ask vendors and IT staff.

National: New Intelligence Chief Asks Election Czar to Remain in Post | Julian E. Barnes/The New York Times

The new acting director of national intelligence, Richard Grenell, has asked an intelligence official who angered some lawmakers with a briefing about Russian interference in the 2020 election to stay on in her role. Mr. Grenell’s move is a peace offering to the 17 intelligence agencies he oversees and a potential sign that he will not be conducting a widespread purge, as some administration officials have feared. Mr. Grenell, a Trump loyalist who has little experience in intelligence, removed the No. 2 official in his office in his first day on the job last week. Whether Mr. Grenell, appointed to the post last week by President Trump, can win over members of Congress and the intelligence community will depend in part whether he can convince them that he will focus on protecting the elections from outside interference. Some administration officials feared that the official who briefed the lawmakers, Shelby Pierson, would be removed as well. As the intelligence community’s top election security official since last year, she was subjected to withering criticism after her briefing to a classified hearing of the House Intelligence Committee on Feb. 13 touched off a fierce partisan debate over the nature of Russia’s interference in the 2020 election.

National: Christopher Krebs – the ‘accidental director’ on the front line of the fight for election security | Maggie Miller/The Hill

Christopher Krebs, the first director of the Cybersecurity and Infrastructure Security Agency (CISA), is zeroing in on elections ahead of November. CISA was created out of the former National Protection and Programs Directorate (NPPD) and signed into law by President Trump in late 2018. It is one of the primary federal agencies tasked with assisting state and local officials in bolstering election security. “I spend at this point 40 to 50 percent of my time on election security issues,” Krebs told The Hill during an interview at CISA headquarters this month. “A top priority for us right now is protecting 2020.” During the 2018 midterm elections, CISA hosted a situational awareness room on Election Day to continuously monitor threats across the country and worked closely with regional officials to address cyber vulnerabilities. Krebs said he saw getting through the midterms “unscathed” as part of his legacy as the first director of CISA, the newest agency in the Department of Homeland Security (DHS). “I’m not looking at 2020 as a metric or some sort of legacy mark, but what I want my legacy to be — and I hope to be here for longer — is that CISA is a meaningful player in the national and international stage,” Krebs said.

National: Dueling Narratives Emerge From Muddied Account of Russia’s 2020 Interference | David E. Sanger/The New York Times

As accusations swirled Sunday about Russia’s efforts to interfere with the 2020 election, President Trump’s national security adviser and former Vice President Joseph R. Biden Jr. could not agree on what Moscow is, or is not, doing. Their disagreement came as intelligence officials disputed reports that emerged last week about a briefing of the House Intelligence Committee. The officials now maintain that the House members either misheard or misinterpreted a key part of the briefing, and that the Office of the Director of National Intelligence did not mean to say that it believes the Russians are currently intervening in the election explicitly to help President Trump. They do believe that Russia is intervening in the election, and that Moscow prefers Mr. Trump, a deal maker it knows well. But at least for now, those two objectives may not be linked. The differing interpretations only made it easier for the Trump administration and Democrats to put forward their own version of what the Russians are doing. As the national security adviser, Robert C. O’Brien, defended Mr. Trump and intimated that the Russians favored the Democratic presidential front-runner, Senator Bernie Sanders, Mr. Biden blamed the president and other Republicans for allowing Russia to continue to interfere in the election.

National: Ransomware top of mind for DHS cyber chief | Derek B. Johnson/FCW

The Department of Homeland Security’s cyber chief said his organization is trying to do more to address ransomware and other digital threats that directly touch the lives of citizens. Speaking at the RSA Conference in San Francisco, Cybersecurity and Infrastructure Security Agency Director Christopher Krebs said his agency has stepped up efforts to proactively reach out to federal agencies, local governments, businesses and critical infrastructure managers about how to prepare and what to do if their data is encrypted and held ransom by criminals or state-aligned hacking groups. “For years and years and years, particularly in the federal government, we’ve been focused on the nation-state adversary, the highly capable, the big four: Russia, China, Iran [and] North Korea,” he said. “I think we’ve been a little bit late to the game on ransomware,” he said, adding, it’s what average Americans see “in their schools, their hospitals and their municipal agencies.” Krebs described CISA’s role as that of a middleman uniquely positioned to canvass all the major stakeholders in the cybersecurity ecosystem and “facilitate a knowledge transfer from the haves to the have-nots.” CISA can leverage the collective financial and human capital resources of the big fish — like major banks — and push that knowledge and awareness down the chain to the broader cybersecurity ecosystem.

National: Americans should not be confident about security of 2020 election, experts say | Joseph Marks/The Washington Post

Americans should not be confident about the security of the 2020 election, according to a slim majority of experts surveyed by The Cybersecurity 202. The assessment from 57 percent of The Network, a panel of more than 100 cybersecurity experts who participate in our ongoing informal survey, puts a serious damper on the years-long push by federal, state and local government officials and political parties to bolster election security since a Russian hacking and influence operation upended the 2016 contest. “There are no signs that any part of our institutions are capable of providing an election that is reasonably secure from tampering and manipulation,” said Dave Aitel, a former NSA computer scientist who is now CEO of the cybersecurity company Immunity. “Every part of the voting process is vulnerable. This includes the voter registration process, the voting itself, the vote tabulation, and the results-reporting system,” said Bruce Schneier, fellow and lecturer at the Harvard Kennedy School of Government. Cindy Cohn, executive director of the Electronic Frontier Foundation, called for “more serious security measures for voting, from registration through to reporting the results back to the central voting authority.”