National: Americans may vote in 2020 using old, unsecured machines | Gopal Ratnam/Roll Call

The first primary in the 2020 presidential race is a little more than 250 days away, but lawmakers and experts worry that elections will be held on voting machines that are woefully outdated and that any tampering by adversaries could lead to disputed results. Although states want to upgrade their voting systems, they don’t have the money to do so, election officials told lawmakers last week. Overhauling the nation’s election systems would mean injecting as much as $1 billion in federal grants that would then be supplemented by states, but top Senate Republicans have said they are unlikely to take up any election security bills or give more money to the states. The deadlock could mean that even as federal government and private companies spend tens of billions of cybersecurity dollars annually to protect their computers and networks from attacks, the cornerstone of American democracy could remain vulnerable in the upcoming elections.

National: EAC rattles the cup on Capitol Hill | Derek B. Johnson/FCW

For the first time in nearly a decade, the Election Assistance Commission has a full slate of commissioners in place. Now, with the agency sitting at the center of several key election security debates, they’re asking Congress to make their budget whole too. At a May 15 Senate Rules Committee hearing, Christy McCormick, who chairs the EAC, said the commission is at “a critical crossroads with regard to having sufficient resources necessary to better support state and local election administrators and the voters they serve” and asked members of Congress for more funding. “With additional resources, the EAC would have the opportunity to fund additional election security activities within its election technology program,” said McCormick. There is no shortage of ambition at EAC when it comes to supporting this work, but there is a stark shortage of funds for such activities.”

National: EAC hires 2 tech experts for testing and certification program | Sean Lyngaas/CyberScoop

The U.S. Election Assistance Commission has added two experienced hands to its voting system certification program amid concerns it had a shortage of technical experts overseeing election infrastructure. The agency is staffing up its crucial certification program by hiring Jessica Bowers, a former executive at Dominion Voting Systems, one of the country’s three largest voting system vendors, and Paul Aumayr, a former Maryland election official. Both new hires will work as senior election technology specialists. In an email announcement to staff obtained by CyberScoop, EAC Executive Director Brian Newby touted Bowers and Aumayr’s technical acumen. Bowers has “over 18 years of software development and product support experience,” while Aumayr is a “Microsoft-certified systems engineer,” Newby wrote.

National: Here’s how the military’s hacking arm is gearing up to protect the 2020 election |The Washington Post

Russia viewed the midterm elections as a “warm-up” for 2020. The U.S. military’s hacking division is treating it that way, too. In the run-up to the presidential election, U.S. Cyber Command is surging election defense efforts that proved useful during the midterms, officials told reporters Tuesday — including probing allies’ computer networks to glean insights about Russian threats. Cybercom is also working more closely with election defense teams at the Department of Homeland Security and the FBI, and with industry sectors that are targeted by Kremlin hackers and might have early warnings about threats facing the election, my colleague Ellen Nakashima reported from that briefing. “Our goal is to have no interference in our elections,” said Maj. Gen. Tim Haugh, who heads the command’s cyber national mission force. “Ideally, no foreign actor is going to target our electoral process.” Cybercom is the only outfit among the myriad federal state and local government agencies tasked with protecting the 2020 election that is allowed to punch back against Russian hackers — and it’s using its new authorities granted during the Trump administration to be more aggressive in cyberspace.

National: Congress focuses on money and staffing in election security | Derek B. Johnson/FCW

The Election Assistance Commission and the Cybersecurity and Infrastructure Security Agency were sharply questioned in hearings this week by lawmakers about human resource decisions. The EAC has just a small handful of employees dedicated to testing and certification of voting machines, and the acting director of testing and certification stepped down earlier this month. While the agency quickly hired a new director and has worked to bring on more personnel, there’s concern that EAC staff could be under-resourced heading into the 2020 election cycle and beyond. The agency had nearly 50 full-time employees and a budget of $17 million budget in 2009. Today they have a headcount in the low twenties and a budget of $10 million despite an expanded role in election cybersecurity. Chair Christy McCormick and other commissioners were questioned over a host of perceived staffing and management failures at a May 21 House Administration committee hearing.

National: Foreign election hacking inevitable, say US officials | Eric Tucker and Colleen Long/Associated Press

The hacking of U.S. election systems, including by foreign adversaries, is inevitable, and the real challenge is ensuring the country is resilient enough to withstand catastrophic problems from cyber breaches, government officials said Wednesday. The comments by representatives from the departments of Justice and Homeland Security underscored the challenges for federal and state governments in trying to ward off interference from Russia and other countries in the 2020 election. Special counsel Robert Mueller has documented a sweeping effort by Moscow to meddle in the 2016 election in Donald Trump’s favor by hacking Democrats and spreading disinformation online, and FBI Director Chris Wray said in April that the government regarded last November’s midterm election was “as just kind of a dress rehearsal for the big show in 2020.”

National: Report: U.S. political parties need to shore up cyber | Derek B. Johnson/FCW

Three years after the 2016 election, major political parties in the U.S. are still displaying sloppy digital security practices, according to a report from Security Scorecard. In new research released May 21, the company found vulnerabilities for the public facing, internet-connected digital assets of two major political parties. The Green Party and the Libertarian Party websites also displayed weaknesses. Vulnerabilities range from smaller sins like serving expired security certificates and sending unencrypted data to larger ones like leaking personally identifiable information and failing to put in place anti-spoofing protocols. In one case, an unnamed U.S. party was caught leaking data from a voting validation application containing the names, dates of birth and addresses of voters to the internet.

National: The vote-by-phone tech trend is scaring the life out of security experts | Eric Halper/Los Angeles Times

With their playbook for pushing government boundaries as a guide, some Silicon Valley investors are nudging election officials toward an innovation that prominent coders and cryptographers warn is downright dangerous for democracy. Voting by phone could be coming soon to an election near you. As seasoned disruptors of the status quo, tech pioneers have proven persuasive in selling the idea, even as the National Academies of Science, Engineering and Medicine specifically warn against any such experiment. The fight over mobile voting pits technologists who warn about the risks of entrusting voting to apps and cellphones against others who see internet voting as the only hope for getting most Americans to consistently participate on election day. “There are so many things that could go wrong,” said Marian Schneider, president of Verified Voting, a coalition of computer scientists and government transparency advocates pushing for more-secure elections. “It is an odd time for this to be gaining momentum.”

National: In Congressional Hearing, Election Officials Appear United Yet Divided on Security | Graham Vyse/Governing

Jocelyn Benson and John Merrill are a political odd couple. She’s a Michigan Democrat who backed Hillary Clinton, and he’s a Donald Trump supporter who represents Alabama. But both are secretaries of state, and when they testified side-by-side before Congress on Wednesday — she in a blue dress and he in a red tie — they repeatedly insisted they were friends ready to work together to strengthen the nation’s voting system. Benson and Merrill called on the federal government to provide more funding and resources for states and localities to address the issue. This weekend, they’re leading 18 other secretaries of state on a voting-rights history tour of Alabama with the hope of inspiring further bipartisan collaboration. “It’s the first time in our country’s history where you’ve got the chief election officers collectively, Democrats and Republicans, going to Selma to walk across the Edmund Pettus Bridge together,” Benson told Governing. The question is whether the secretaries can bridge enough of their differences to unite around federal legislation to improve election security. Benson and Merrill appeared alongside cybersecurity experts before the U.S. Committee on House Administration this week, more than two years after Russia’s cyberattack on American election systems during the 2016 presidential campaign.

National: After Russian Election Interference, Americans Are Losing Faith in Elections | Susan Milligan/US News

As lawmakers, state elections officials and social media executives work to limit intervention in the 2020 elections by Russia and other foreign operatives, an unsettling truth is emerging. Vladimir Putin may already be succeeding. The troubling disclosures of Russian meddling in the 2016 campaign – “sweeping and systematic,” special counsel Robert Mueller concluded in his report on the matter – have policymakers on guard for what intelligence officials say is a continuing campaign by Russia to influence American elections. But even if voting machines in all jurisdictions are secured against hacking and social media sites are scrubbed of fake stories posted by Russian bots, the damage may already have been done, experts warn, as Americans’ faith in the credibility of the nation’s elections falters.

National: House Democrats reintroduce bill to protect elections from cyberattacks | Maggie Miller/The Hill

House Democratic chairmen on Friday reintroduced a bill to protect U.S. election systems against cyberattacks, including requiring President Trump to produce a “national strategy for protecting democratic institutions.” The Election Security Act is aimed at reducing risks posed by cyberattacks by foreign entities or other actors against U.S. election systems. The national strategy from President Trump would “protect against cyber attacks, influence operations, disinformation campaigns, and other activities that could undermine the security and integrity of United States democratic institutions.”

National: House Administration Committee to make election security a 'primary focus' | TRegina Zilbermintshe Hill

The secretaries of state of Michigan and Alabama went before the House Administration Committee Wednesday to advocate for more federal resources to secure election systems against cyber attacks and committee leaders vowed to make the issue a “primary focus.” “Federal action is needed now to grasp the scope of the problem and to innovate concrete solutions that can be implemented before the next federal election cycle in 2020,” House Administration Committee Chairwoman Zoe Lofgren (D-Calif.) said at the hearing on election security. 

National: Election commission names new lead for testing and certifying voting systems | Sean Lyngaas/CyberScoop

The federal Election Assistance Commission has appointed Jerome Lovato, a former Colorado state election official, as head of the commission’s program for testing and certifying voting systems, according to a commission email obtained by CyberScoop. Lovato replaces Ryan Macias, who was filling the role in an acting capacity and will step down this month. The crucial EAC program works with the country’s top voting equipment vendors to certify and decertify voting system hardware and software. 

National: Microsoft offers software tools to secure elections | Associated Press

Microsoft has announced an ambitious effort to make voting secure, verifiable and subject to reliable audits by registering ballots in encrypted form so they can be accurately and independently tracked long after they are cast. Two of the three top U.S elections vendors have expressed interest in potentially incorporating the open-source software into their voting systems. The software is being developed with Galois, an Oregon-based company separately creating a secure voting system prototype under contract with the Pentagon’s advanced research agency, DARPA. Dubbed “ElectionGuard,” it will be available this summer, Microsoft says, with early prototypes ready to pilot for next year’s U.S. general elections. CEO Satya Nadella announced the initiative Monday at a developer’s conference in Seattle, saying the software development kit would help “modernize all of the election infrastructure everywhere in the world.” Three little-known U.S. companies control about 90 percent of the market for election equipment, but have long faced criticism for poor security, antiquated technology and insufficient transparency around their proprietary, black-box voting systems. Open-source software is inherently more secure because the underlying code is easily scrutinized by outside experts but has been shunned by the dominant vendors whose customers — the nation’s 10,000 election jurisdictions — are mostly strapped for cash. None offered bids when Travis County, Texas, home to Austin, sought to build a system with the “end-to-end” verification attributes that ElectionGuard promises to deliver. Two of the leading vendors, Election Systems & Software of Omaha, Nebraska, and Hart InterCivic of Austin, Texas, both expressed interest in partnering with Microsoft for ElectionGuard. A spokeswoman for a third vendor, Dominion Voting Systems of Denver, said the company looks forward to “learning more” about the initiative.

National: Democrats focus on election security, voting rights | McClatchy

Democratic leaders are launching a more aggressive push this month that could widen their probe of possible voter suppression into states other than those now under scrutiny, seeking to make it particularly less difficult for minority voters, who tend to vote Democratic, to go to the polls. House Oversight Committee Chairman Elijah Cummings told McClatchy he wants to “make sure we spend significant effort and time, perhaps even looking at even more states and seeing what they’re doing and shining a light on what they may be doing illegally or improperly to stop or hinder people from voting and having those votes counted.” Cummings was already planning to look at possible voter suppression in North Carolina, Georgia, Texas and Kansas. The Maryland Democrat did not name additional states. At the same time, congressional Democrats are stepping up pressure on Republicans to address election security lapses to prevent a repeat of Russian meddling in the 2016 election. The Russian interference, combined with allegations of voter suppression, erode confidence in the electoral system, Democrats argue, and if both are not addressed, voters could be discouraged from participating in the 2020 election. “This is my worry, that we have done very little now to correct the threat of Russian interference with our electoral system,” Cummings said, “which means that it might be that the only way this whole situation that we’re in is corrected is through the ballot, with people voting.”

National: U.S. Cyber Command Bolsters Allied Defenses to Impose Cost on Moscow | The New York Times

American officials are pushing ahead on efforts with allied nations to counter Russia’s interference in democratic elections and other malign activities, military cybercommanders said on Tuesday, an effort intended to allow the United States to better observe and counter Moscow’s newest cyberweapons. American officials deployed last year to Ukraine, Macedonia and Montenegro, and United States Cyber Command officials said that their missions included defending elections and uncovering information about Russia’s newest abilities. Cyber Command will continue some of those partnerships and expand its work to other countries under attack from Russia, officials said Tuesday. The deployments, officials said, are meant to impose costs on Moscow, to make Russia’s attempts to mount online operations in Europe and elsewhere more difficult and to potentially bog down Moscow’s operatives and degrade their ability to interfere in American elections. “We recognize and understand the importance of being in constant contact with the enemy in this space, especially below the level of armed conflict, so we can defend ourselves and we can impose costs,” Maj. Gen. Charles L. Moore, the director of operations for Cyber Command, said Tuesday. “That is it in a nutshell.” With new authorities from the White House, as well as congressional legislation that declared online operations a traditional military activity, Cyber Command stepped up its election defenses last year, allowing commanders to develop a strategy to engage American adversaries.

National: Can open source help safeguard elections? | FCW

Lawmakers and policy experts are demonstrating increased interest in open source technology as a means to solving longstanding challenges and road blocks around election security. State and local governments rely on proprietary software and hardware from a small handful of private vendors to power their voting machines, voter registration systems and other technologies. Those vendors have historically been reluctant or unwilling to allow third-party audits of their products, and when outside researchers have gotten their hands on voting machines or probed commonly used software like voter registration systems, they’ve found extensive and worrying cybersecurity vulnerabilities in nearly every model. That reluctance has led to a number of projects that have sprouted up over the past year from organizations aiming to disrupt the status quo. One such organization, Voting Works, was created last year in partnership with the non-profit Center for Democracy and Technology and seeks to build “secure, usable, affordable and open-source voting machines” that will help to restore trust in the modern election system.

National: Limiting the cyber threat to elections infrastructure | GCN

Voter confidence in the integrity of elections is critical to a vibrant democracy. Recent cyberattacks by foreign state actors accompanied by disinformation campaigns aimed at U.S. voters have contributed to an erosion in the public’s trust of electoral results. But there’s another set of issues just as concerning: persistent, preventable “seams” or vulnerabilities in election system tools, processes and guidelines. E-voting machines are among the most prominent business technology solutions of the 21st century, yet they remain vulnerable to physical and data tampering and weaknesses in the chain of custody. In a 2012 study, the Argonne National Laboratory’s vulnerability assessment team discovered that attackers could exploit the integrity of an e-voting machine chassis with relative ease regardless of tamper-evident seals or locks. Data stored on e-voting machines was not encrypted, leaving it susceptible to interception, modification or deletion by an attacker. In the Argonne study, white-hat hackers used after-market wireless card adapters to intercept and alter communications exchanged between e-voting machines and the elections network infrastructure. The study concluded that successful tampering with just one in three voting machines is enough to change the outcome of an election.

National: What’s Russia still doing to interfere with U.S. politics — and what’s the U.S. doing about it? | The Washington Post

President Trump and Russian President Vladimir Putin spoke by phone Friday morning, covering, according to both sides, a wide range of issues. Included among them, according to a subsequent tweet from Trump, was the “Russian hoax” — apparently a reference to the recently concluded investigation into Russian interference in the 2016 election. It’s a bit uncertain, though: Trump regularly referred to the investigation as a hoax but has also repeatedly claimed that the idea that Russia interfered at all was questionable. The probe led by special counsel Robert S. Mueller III left little doubt about Russia’s role. Mueller obtained indictments against two dozen Russians for the two-pronged effort to steal and publish material from Democratic sources and to foster political divisions through events and on social media. Trump has long argued that the source of the hacking in particular was unknowable, reiterating shorthand allusions to his skepticism as recently as February.

TRUMP on whether he discussed election meddling with PUTIN:
“We discussed it. He actually sort of smiled when he said something to the effect that it started off as a mountain and it ended up being a mouse, but he knew that because he knew there was no collusion, whatsoever.” pic.twitter.com/qlEaWP6Eqy— JM Rieger (@RiegerReport) May 3, 2019

In an interview with Fox News on Thursday, Trump was asked whether he had spoken to Putin about Russia’s efforts to interfere in U.S. politics, an effort that Attorney General William P. Barr said in Senate testimony this week was ongoing. “I don’t think I’ve spoken to him about the 2020, but I certainly have told him you can’t do what you’re doing,” Trump said. “And I don’t believe they will be.”

National: Sen. Klobuchar on Russian interference: Trump ‘makes it worse by calling it a hoax’ | The Washington Post

Sen. Amy Klobuchar (D-Minn.) on Sunday sharply criticized President Trump’s response to Russian interference in U.S. elections, saying that the president “makes it worse by calling it a hoax.” Trump had a lengthy phone call with Russian President Vladi­mir Putin on Friday. After being repeatedly asked by reporters whether he raised the issue of election interference or warned Putin not to do it again, Trump eventually acknowledged the issue, saying, “We didn’t discuss that.” Klobuchar, who is running for the 2020 Democratic presidential nomination, said Sunday that there is “ample evidence” that Trump is not concerned about the possibility that Russia may try to interfere in the next election. She accused Trump of dismissing the seriousness of the issue. “This was actually an invasion of our democracy, okay?” Klobuchar said on CNN’s “State of the Union.” U.S. national security officials have been preparing for Russian interference in 2020 by tracking cyberthreats, sharing intelligence about foreign disinformation efforts with social media companies and helping state election officials protect their systems against foreign manipulation. But Trump has repeatedly rebuffed warnings from senior aides about Russia and sought to play down the country’s potential to influence American politics.

National: Trips To Vegas And Chocolate-Covered Pretzels: Election Vendors Come Under Scrutiny | NPR

It is likely to be a banner year for the voting equipment industry with state and local election offices planning to spend hundreds of millions of dollars on new machines ahead of the 2020 election. This year’s purchases will probably amount to the biggest buying wave since right after the 2000 presidential election, when officials rushed to replace discredited punch card machines with touchscreen voting equipment. Those machines are rapidly aging and are being replaced with machines that leave a paper backup as a result of security concerns about purely electronic voting. The voting equipment purchases come at a time of increased scrutiny over the security and integrity of elections following Russia’s efforts to interfere in the 2016 election. Some states, such as Georgia, South Carolina and Delaware, are replacing all of their voting machines, while several other states, including California, Ohio and Pennsylvania, are replacing much of their equipment. About one quarter of voters live in the states doing most of the buying. The buying spree has also put a focus on the close ties between vendors and the government officials who buy their equipment. Advocacy groups and some politicians allege that vendors have unduly influenced the procurement process in many places, something the companies and election officials deny.

National: CISA wants more funding for critical infrastructure activities | FCW

The head of the federal government’s top civilian cybersecurity agency told two House panels this week that he would prioritize increased technical assistance to critical infrastructure entities if provided with additional funding in the fiscal 2020 budget. Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, pointed to the substantial investment Congress has made to CISA’s budget for election security operations over the past few years as a model for how the agency would like to deploy additional resources to other critical infrastructure sectors. “Congress has invested in my agency to date, close to $60 million, purely related to election security,” Krebs said at an April 30 hearing with the House Homeland Security Cybersecurity, Infrastructure Protection and Innovation Subcommittee. “Outside of federal networks, I don’t think I have another critical infrastructure sector that Congress has invested specifically to that level.” CISA provides a variety of services to the 16 critical infrastructure sectors it serves, from sharing of cyber threat intelligence to in-depth vulnerability scans. The agency has also indicated in recent months that it has plans to begin installing technical sensors around critical infrastructure systems to detect malicious activity, similar to the Albert sensors it has deployed around election and voting systems.

National: Election security push stumbles amid White House resistance | Politico

Senate Democrats and Republicans can agree on perhaps just one thing about special counsel Robert Mueller’s investigation — that Russia interfered in the 2016 presidential election. But bipartisan legislation to address foreign intrusions is all but dead amid a distinct lack of enthusiasm from Senate GOP leadership and the Trump White House. At a heated hearing with Attorney General William Barr on Wednesday, Sen. Amy Klobuchar (D-Minn.) blasted the White House for blocking the election security bill she co-sponsored with Sen. James Lankford (R-Okla.) in the previous Congress. And in an interview, Klobuchar put the blame for the impasse squarely on President Donald Trump’s former White House counsel Don McGahn as well as Senate Majority Leader Mitch McConnell. “It was Don McGahn,” Klobuchar said Wednesday. “He called Republicans about the bill, didn’t want them to do it. And McConnell also didn’t want the bill to move forward. So it was a double-edged thing.” Klobuchar added that McGahn, who was previously chair of the Federal Election Commission, “had a personal interest in it” and that, with him no longer at the White House, “maybe they can look at it fresh.” McGahn did not respond to a request for comment.

National: Mueller Findings Raise Election Hacking Fears in States | Stateline

Tucked into the 448-page report from Special Counsel Robert Mueller were four paragraphs about major breaches into state and local election systems. Mueller’s description of Russian interference designed to help the Trump campaign was a reminder of how far many state and local officials have come in securing election infrastructure, but also of how stark the threat remains to the nation’s 8,000 election offices. The report even disclosed a previously unknown breach: Russian intelligence agents in November 2016 tried to introduce corrupted files into election offices in several Florida counties. The hackers succeeded in at least one of those counties, the report indicates. It raises questions about election systems’ vulnerability to outside hackers — and why the FBI didn’t tell Florida officials about the attempted strike. Election security experts say malicious foreign actors continue this year to target voter registration databases, Election Day result programs, and election office websites and social media profiles as they did during the last presidential election. “It once again reinforces that this is a legitimate threat,” said Maurice Turner, a senior technologist at the nonprofit Center for Democracy and Technology in Washington, D.C. “This isn’t just a one-time issue that’s come and gone.” Any interference operations targeting the 2020 presidential election already have begun, Turner said. Phishing emails designed to allow hackers to capture passwords, usernames or personal information through unwitting officials likely have already gone out, he said.

National: Klobuchar finds Attorney General Barr unaware of major election security legislation | Roll Call

Attorney General William Barr said Wednesday that he was not familiar with the Senate’s bipartisan effort to enhance the security of election systems ahead of 2020. Barr had not yet returned to the Department of Justice when, last year, the Senate Rules and Administration Committee abruptly cancelled a markup of a bipartisan bill known as the Secure Elections Act. The legislation crafted by Oklahoma Republican Sen. James Lankford and Minnesota Democratic Sen. Amy Klobuchar seeks to require state election officials to conduct audits following elections, as well as to establish paper ballot backup systems. “The White House, just as we were on the verge of getting a markup in the Rules Committee, getting it to the floor where I think we would get the vast majority of senators, the White House made calls to stop this,” Klobuchar said at the hearing, recalling the events of August 2018. Klobuchar then asked Barr for a commitment to work on the legislation. “I will work with you to enhance the security of our election, and I’ll take a look at what you are proposing,” Barr said. “I’m not familiar with it.” Klobuchar responded to Barr by pointing out that the bill is the main bipartisan measure related to election security, noting support of Intelligence Chairman Richard M. Burr, R-N.C., and Vice Chairman Mark Warner, D-Va., as well as fellow Judiciary Committee members including Democrat Kamala Harris of California and Chairman Lindsey Graham, a South Carolina Republican.

National: Here’s the one thing Republicans and Democrats could agree on during Barr hearing | The Washington Post

During a contentious and highly partisan hearing with Attorney General William Barr yesterday, senators did manage to find one bipartisan point of agreement: Pushing for improved election and campaign security before 2020. During the more than four-hour Judiciary Committee hearing, both Republicans and Democrats sought Barr’s support for legislation to require paper records for 2020 votes and efforts to harden election infrastructure and to combat digital misinformation. And they urged the Justice Department to help 2020 presidential campaigns ward off foreign interference. “The special counsel’s report is the end of the road when it comes to the question of the Trump administration’s intent,” Sen. Joni Ernst (R-Iowa) said. “But it is just the beginning of the conversation on how we counter Russia and other foreign adversaries in their attempts to undermine our Republic.” It seemed to be the only point of political alignment at the hearing during which Democrats savaged Barr for allegedly misrepresenting findings in the report from special counsel Robert S. Mueller III and after which numerous Democratic senators called on the attorney general to resign. But it’s far from clear that Congress will be able to pass election security legislation in time for the 2020 contest.

National: 2020 campaigns grappling with how to manage cybersecurity | Associated Press

While candidates were focused on campaigning in 2016, Russians were carrying out a devastating cyber-operation that changed the landscape of American politics, with aftershocks continuing well into Donald Trump’s presidency. And it all started with the click of a tempting email and a typed-in password. Whether presidential campaigns have learned from the cyberattacks is a critical question ahead as the 2020 election approaches. Preventing the attacks won’t be easy or cheap. “If you are the Pentagon or the NSA, you have the most skilled adversaries in the world trying to get in but you also have some of the most skilled people working defense,” said Robby Mook, who ran Hillary Clinton’s campaign in 2016. “Campaigns are facing similar adversaries, and they don’t have similar resources and virtually no expertise.” Traditionally, cybersecurity has been a lower priority for candidates, especially at the early stages of a campaign. They need to raise money, hire staff, pay office rents, lobby for endorsements and travel repeatedly to early voting states. Particularly during primary season, campaign managers face difficult spending decisions: Air a TV ad targeting a key voting demographic or invest in a more robust security system for computer networks?

National: Mueller fails to break stalemate on election meddling crackdown | The Hill

Efforts to combat election meddling in the aftermath of the Mueller report are running into steep political headwinds on Capitol Hill. Special counsel Robert Mueller’s sprawling 448-page report detailed Russia’s efforts to interfere in the 2016 election and sparked fresh calls for tougher sanctions against Moscow or new election security measures. But any initial boost of momentum is now hitting roadblocks with top GOP senators and stalemated partisan standoffs, underscoring the uphill battle for a legislative push leading up to the 2020 election. “I think there’s a lot we can do without passing new legislation,” said Sen. John Cornyn (R-Texas), a member of GOP leadership and the Senate Intelligence Committee. “The House has taken more of an attitude of: Don’t let a crisis go to waste.” Asked about the chances of passing sanctions or election security, Sen. John Thune (S.D.), the No. 2 Senate Republican, said, “We’ll see.” “Some of our members are talking about more sanctions. We’ll see where it goes,” he said. “On the election security stuff … I think we feel confident based on the fact that our elections in this country are basically local, that …  it ensures a certain amount of accountability.”

National: Schumer presses for election security boost after Mueller report | Politico

Senate Minority Leader Chuck Schumer on Tuesday called for swift action to boost election security in 2020 in the wake of the Mueller report. In a letter to his Senate Democratic colleagues, the New York Democrat blasted the Trump administration for “not forcefully and adequately responding to the attack on our democracy” described in special counsel Robert Mueller’s report on Russian interference in the 2016 presidential election. Schumer’s letter comes ahead of the caucus’ first meeting since the release of Mueller’s report and one day before Attorney General William Barr is set to testify before the Senate Judiciary Committee on the investigation. Schumer wants a classified briefing from Trump administration officials about steps they are taking to protect the integrity of U.S. elections, including from the heads of the Department of Homeland Security, FBI and Cyber Command.

National: If Mueller Report Was ‘Tip Of The Iceberg,’ What More Is Lurking Unseen? | NPR

If the political interference documented in special counsel Robert Mueller’s report was just the “tip of the iceberg,” what else is lurking out of sight beneath the surface? That was the question posed by Deputy Attorney General Rod Rosenstein in a speech in New York City, one in which he defended his handling of the Russia investigation and suggested there could be much more to it beyond that contained in Mueller’s report. “The bottom line is, there was overwhelming evidence that Russian operatives hacked American computers and defrauded American citizens, and that is only the tip of the iceberg of a comprehensive Russian strategy to influence elections, promote social discord and undermine America, just like they do in many other countries,” Rosenstein said on Thursday. Mueller’s focus was on the two best-known aspects of Russia’s “active measures”: the theft and release of material embarrassing to political targets and the use of social media platforms to crank up agitation among an already divided populace. Some of the Russian schemes that Mueller left out of his report also are known. On Friday, for example, a federal judge sentenced a woman to 18 months in prison after she pleaded guilty to serving as an unregistered Russian agent from around 2015 until her arrest last summer.