National: I study blockchain. It’s not ready to use in our elections | Nir Kshetri/Fast Company

A developing technology called blockchain has gotten attention from election officials, startups, and even Democratic presidential candidate Andrew Yang as a potential way to boost voter turnout and public trust in election results. I study blockchain technology and its potential use in fighting fraud, strengthening cybersecurity, and securing voting. I see promising signs that blockchain-based voting could make it more convenient for people to vote, thereby boosting voter turnout. And blockchain systems can be effective at strengthening the security of devices, networks, and critical systems such as electricity grids, as well as protecting personal privacy. The few small-scale tests run so far have identified problems and vulnerabilities in the digital systems and government administrative procedures that must be resolved before blockchain-based voting can be considered safe and trustworthy. Therefore I don’t see clear evidence that it can prevent, or even detect, election fraud.

National: Election security drill pits red-team hackers against DHS, FBI and police | Sean Lyngaas/CyberScoop

A year from the 2020 election, sophisticated exercises to help secure the vote are kicking into high gear. On Tuesday, executives from the Boston-based firm Cybereason will conduct a tabletop exercise testing the resolve of officials from the Department of Homeland Security, FBI, and the police department of Arlington County, Virginia, among other organizations. The fictional scenario will involve attackers from an unnamed foreign adversary laying siege to a key city in a U.S. swing state. Hacking, physical attacks and disinformation via social media will be on the table as the attackers seek to flip the vote to their preferred candidate — or sow enough doubt among voters to undermine the result. One of the objectives of the red team — technical specialists from Cybereason and other private organizations — is voter suppression. That is exactly what Russian operatives aimed to achieve in 2016 and what, according to U.S. officials, they could strive for again in 2020. What participants learn from Tuesday’s event can be worked into future election-security drills, which will only grow more frequent as the 2020 vote approaches.

National: Internet Voting Is Becoming A Reality In Some States, Despite Cyber Fears | Miles Parks/NPR

For decades, the cybersecurity community has had a consistent message: Mixing the Internet and voting is a horrendous idea. “I believe that’s about the worst thing you can do in terms of election security in America, short of putting American ballot boxes on a Moscow street,” howled Sen. Ron Wyden, D-Ore., on the Senate floor this year. And yet, just a few years removed from Russia’s attack on democracy in the 2016 presidential election, and at a time of increased fear about election security, pockets of the U.S. are doing just that: experimenting with Internet voting as a means to increase turnout. Some experts are terrified. Others see the projects as necessary growth in an American voting system they call woefully stuck in a previous century. The number of people expected to vote this way in 2020 is still minuscule. But the company administering the system and advocates pushing for its use are open about wanting to fundamentally change the way Americans cast their ballots over the coming decade. The U.S. does not have a federalized election infrastructure. That means states and localities have the freedom to oversee voting how they see fit, with little oversight from the federal government. In some cases, that can lead to contradictory trends: At the same time some states implement same-day voter registration, others add more burdensome photo ID requirements. Voting technology is no different.

National: Cyber firm sows chaos in election hack simulation | Derek B. Johnson/FCW

The fictional City of Adversaria was ground zero for an Election Day security training exercise pitting law enforcement officials attempting to maintain order during an election against “K-OS,” a mysterious cyber group aiming to disrupt and undermine voter confidence. The simulated battle was part of Operation Blackout, a tabletop exercise hosted by Cybereason Nov. 5 to test how federal officials might react to a dedicated attack on election day. The company invited officials from real federal agencies like FBI and the Department of Homeland Security to sit in on both the “Blue” team representing law enforcement and “Red” team representing K-OS, to learn how to better protect election infrastructure. Ari Schwartz, former senior director of cybersecurity at the National Security Council under President Barack Obama, helped adjudicate the exercise and told FCW afterwards that in a real election, much of the planning by defenders would be gamed out in the weeks and months leading up to election day, but that unforeseen attack vectors are always out there and can throw a wrench into the gears of the best laid plans.

National: Administration officials say election security is a ‘top priority’ ahead of 2020 | Tal Axelrod/The Hill

Several administration officials Tuesday released a joint statement assuring the public that they are prioritizing election security less than a year away from the 2020 presidential race. Attorney General William Barr, Secretary of Defense Mark Esper, outgoing acting Secretary of Homeland Security Kevin McAleenan, acting director of national intelligence Joseph Maguire, FBI Director Christopher Wray and others said they have increased the level of federal support to state and local election officials and are prioritizing the sharing of threat intelligence to improve election security. “In an unprecedented level of coordination, the U.S. government is working with all 50 states and U.S. territories, local officials, and private sector partners to identify threats, broadly share information, and protect the democratic process. We remain firm in our commitment to quickly share timely and actionable information, provide support and services, and to defend against any threats to our democracy,” they said in a joint statement.

National: Feds and police are war-gaming all the ways an election can be hacked | Joseph Marks/The Washington Post

As voters head to the polls today in Virginia’s odd-year contest, federal officials and local police are war-gaming how adversaries could disrupt next year’s contest without hacking any election systems at all. Officials from the FBI, Department of Homeland Security and U.S. Secret Service are working with cops in Arlington to game out how to respond if hackers from Russia or elsewhere in 2020 disrupt electricity at polling places, shut down streetlights, or hijack radio and TV stations to suppress voter turnout and raise doubts about election results. They’ll also test how to respond if adversaries launch social media campaigns to incite fights at polling places — or to spread rumors about riots or violence that deter people from going out to vote. Cybersecurity experts and academics will play the mock hackers, lobbing new challenges at officials throughout the day. The exercise underscores how hackers could destroy public faith in an election’s outcome without changing any votes. And that’s particularly concerning because many of these potential targets are far more vulnerable than voting machines. “If you can prevent people from getting to the polls … if you can effectively disenfranchise certain segments of the population, that’s far more disruptive to the republic than taking out a few voting machines,” Sam Curry, chief security officer at Cybereason, the company organizing the war game, told me.

National: Smartphone Voting Could Expand Accessibility, But Election Experts Raise Security Concerns | Abigail Abrams/Time

ome voters with disabilities will be able to cast their ballots on smart phones using blockchain technology for the first time in a U.S. election on Tuesday. But while election officials and mobile voting advocates say the technology has the potential to increase access to the ballot box, election technology experts are raising serious security concerns about the idea. The mobile voting system, a collaboration between Boston-based tech company Voatz, nonprofit Tusk Philanthropies and the National Cybersecurity Center, has previously been used for some military and overseas voters during test pilots in West Virginia, Denver and Utah County, Utah. Now, Utah County is expanding its program to include voters with disabilities in its municipal general election as well. Two Oregon counties, Jackson and Umatilla, will also pilot the system for military and overseas voters on Tuesday. The idea, according to Bradley Tusk, the startup consultant and philanthropist who is funding the pilots, is to increase voter turnout. “We can’t take on every interest group in Washington around the country and beat them, but I think what we can do is let the genie out of the bottle,” he says.

National: Cyber officials tout reforms with one year to Election Day | Maggie Miller/The Hill

Officials and cyber experts are expressing confidence in reforms made to prevent a repeat of election hacking and foreign interference one year ahead of their biggest test yet, Election Day 2020, even as they remain vigilant. This optimism comes even as lawmakers remain sharply divided along party lines on how to address election security concerns. Sen. Ron Johnson (R-Wis.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, told reporters on Thursday that he believes “great strides” have been made since 2016 by the Department of Homeland Security (DHS) and election officials. “It’s a serious issue, and one we take seriously, but when I take a look at all the threats facing this nation, it really is on the lower end of my priority list in terms of what I’m overly concerned about because it’s being addressed I think pretty effectively,” Johnson said. Democratic House Homeland Security Committee Chairman Bennie Thompson (Miss.), though, warned this week that “in just over a year, voters in many states across the country will vote for president in 2020 on machines that are old, have no paper trail, and are vulnerable to manipulation.”

National: A Plan to Crowdsource Voting Machines’ Security Problems | Andrea Noble/Defense One

A northern Virginia infrastructure-threat clearinghouse is trying to build a system to help voting-system manufacturers learn about problems with their machines. Fueled by monetary rewards and curiosity, hackers have helped companies discover and fix security vulnerabilities in a variety of technology and software applications. But one year out from the 2020 presidential election, can they do more to help secure voting systems? Technology researchers hope so. The Information Technology-Information Sharing and Analysis Center, or IT-ISAC, is evaluating the feasibility of creating a coordinated vulnerability disclosure, or CVD, program that could alert voting system companies about weaknesses. The first step in establishing a CVD program requires voting vendors to have a system in place for receiving information about discovered vulnerabilities and acting on that information—procedures several vendors have already begun to implement, said Scott Algeier, the executive director of IT-ISAC, a non-profit that serves as a clearinghouse for information on cyber threats to critical infrastructure.

National: How the threat of hacking looms over the 2020 election | Ellen Daniel/Verdict

With the UK bracing for a general election and campaigning ahead of the US 2020 presidential election now in full swing, the threat of election hacking is once more a key topic of conversation. The now infamous Democratic National Committee cyber attacks, in which hackers with ties to Russia breached the DNC network via a phishing attack, exemplified how easily democratic infrastructure can be affected by outside interference. However, four years later, the cybersecurity community is still calling for greater efforts to combat the issue. Verdict spoke to Kevin Bocek, VP of security strategy & threat intelligence at cybersecurity firm Venafi to discover the motivations behind election hacking and whether the threat can ever be fully removed. Despite the publication of the Mueller report earlier this year, and the conclusion that Russia “interfered in the 2016 presidential election in sweeping and systematic fashion”, the implications for the Western democratic system are yet to be fully addressed.

National: John Oliver on exploitable voting machines: ‘We must fix this’ | Adrian Horton/The Guardian

On Last Week Tonight, John Oliver focused on voting – a staple of American democracy and, among other things, “the only way to get Sean Spicer off of Dancing with the Stars”. Before Americans vote this Tuesday – yes, Oliver reminded, there are elections this Tuesday – it’s worth asking: “How much do you trust the system that counts your ballots?” It’s not unreasonable to have some questions about election security, Oliver continued. We now know that in 2016, Russian hackers targeted election systems in all 50 states. In that case, they targeted voter registration data; as for the machines, officials have promised that they’re secure, but a Senate report on the 2016 election infrastructure found that some were “vulnerable to exploitation by a committed adversary”. Oliver offered some context: there’s not one election system in use across the US. Some states use paper ballots, others have a print-out ballot, still others use all-electronic systems. Those electronic machines were introduced after the contested 2000 presidential election, in which the race between George W Bush and Al Gore came down to 1,000 votes in a Florida recount cast on push-pin ballots.

National: New federal guidelines could ban internet in voting machines | Eric Geller/Politico

A long-awaited update to federal voting technology standards could ban voting machines from connecting to the internet or using any wireless technology such as Wi-Fi or Bluetooth. A new draft of version 2.0 of the Voluntary Voting System Guidelines says that voting machines and ballot scanners “must not be capable of establishing wireless connections,” “establishing a connection to an external network” or “connecting to any device that is capable of establishing a connection to an external network.” If they survive a review process, the new rules would represent a landmark development in voting technology oversight, eliminating one of cybersecurity experts’ top concerns about voting machines by plugging holes that skilled hackers could exploit to tamper with the democratic process. The wireless and internet bans are included in the latest draft of the “system integrity” section of the VVSG update. A working group focused on the VVSG’s cybersecurity elements reviewed the document during an Oct. 29 teleconference.

National: Almost 100 former officials, members of Congress urge Senate action on election security | Maggie Miller/The Hill

A group of nearly 100 former members of Congress, Cabinet officials, ambassadors and other officials is urging Congress to take action to secure U.S. elections, citing “severe threats to our national security” if certain steps are not taken. The officials, all of whom are members of nonprofit political action group Issue One’s “ReFormer’s Caucus,” sent a letter to the Senate on Thursday urging members to support various bills designed to bolster election security. “Foreign interference in American elections is a national security emergency,” the group wrote. “We are alarmed at the lack of meaningful Congressional action to secure our elections. The United States cannot afford to sit by as our adversaries exploit our vulnerabilities. Congress — especially the Senate — must enact a robust and bipartisan set of policies now.” Specifically, the officials advocated for the passage of five bipartisan bills, including the Honest Ads Act, a bill meant to increase the transparency surrounding online political ads, and the Defending Elections from Threats by Establishing Redlines (DETER) Act, which would impose sanctions on countries that interfere in U.S. elections. The officials also urged the Senate to pass legislation aimed at increasing the cybersecurity of voting infrastructure and cracking down on foreign donations to U.S. elections.

National: Voting machines still easy prey for determined hackers | Derek B. Johnson/FCW

Security researchers showed lawmakers and reporters how easy it is to compromise voting machines in what has become an annual event at the U.S. Capitol. The Washington, D.C., version of the Voting Village event at the DefCon security conference in Las Vegas gives policymakers a hands-on glimpse of the technology that powers U.S. democracy. This year’s report is consistent with prior exercises: virtually every machine experts can get their hands on can be easily exploited in a number of different ways. What has changed in recent years, said Voting Village Co-founder Harri Hursti, is that the community of security researchers with first-hand experience working with these machines has grown from less than a dozen to thousands. Even though the annual event has been held for several years, fresh researchers have discovered of new vulnerabilities and attack vectors. “In this area, it’s always mind-blowing how these machines keep giving,” Hursti told FCW.

National: FBI chief warns of possible 2020 interference from Russia, China | Maggie Miller/The Hill

FBI Director Christopher Wray on Wednesday testified that he expects Russian actors to attempt to interfere in the 2020 elections, adding that he also expects countries like China to explore disinformation efforts. “Some of the things that the Russians have tried in other countries we expect them to try to do here as well, it’s pretty common to test it out in other jurisdictions, thankfully we don’t have elections every year, so that gives us a little bit of time to plan ahead,” Wray testified in regards to potential attacks on U.S. elections to the House Homeland Security Committee. Wray did not offer details of what exactly the Russians might attempt due to the open setting of the hearing. Wray noted that while the FBI has not seen “any intention” from China, Iran and North Korea to attempt attacks on election infrastructure, these countries are “clearly interested in engaging in malign foreign influence” in regards to elections, such as through social media disinformation efforts.

National: GOP senator blocks sweeping election reform bill | Jordain Carney/The Hill

A Republican senator blocked a sweeping House-passed election and ethics reform bill on Wednesday, the latest of several failed attempts by Democrats to advance election-related legislation ahead of 2020. Democratic Sens. Jeff Merkley (Ore.) and Tom Udall (N.M.) tried to pass the ethics and elections reform measure, known as H.R. 1, which they argued had been buried in the upper chamber’s “legislative graveyard.” “The For the People Act repairs our broken campaign finance system, opens up the ballot box to all Americans [and] lays waste to the corruption in Washington,” Udall said. “We must unite in defense of our electoral system and in defense of the sanctity of our democracy.” Merkley argued that the bill was crucial “because everything else we care about … is going to fail if we let this chamber be controlled by powerful special interests through this corrupted system.” But Sen. Roy Blunt (R-Mo.), the chairman of the Senate Rules Committee, objected to the bill’s passage, arguing that the legislation would “give the federal government unprecedented control over elections in this country.”

National: Free cybersecurity help for campaigns is on its way | Joseph Marks/The Washington Post

Securing political campaigns against cyberattacks is about to get a lot cheaper. A nonprofit group that won permission in May from the Federal Election Commission to provide campaigns with free and reduced-price cybersecurity help is announcing its first slate of services this morning, including email security, encrypted messaging and security training for staff. Defending Digital Campaigns, which was co-founded by Hillary Clinton’s 2016 campaign manager Robby Mook and Mitt Romney’s 2012 campaign manager Matt Rhoades, is basically a middleman for the services provided by cybersecurity companies. They’ll be available to presidential and congressional campaigns that meet certain polling or fundraising thresholds and to political party committees.The DDC announcement marks one of the biggest efforts yet to prevent a repeat of the 2016 election when Kremlin-linked hackers stole and released embarassing documents from the Democratic National Committee and the Clinton campaign in an effort to help the Trump campaign, according to U.S. intelligence officials.

National: Voting Village brings equipment to lawmakers to boost urgency on election security | Sean Lyngaas/CyberScoop

A year from the 2020 election and with a new round of election security funding stalled in Congress, the DEF CON Voting Village organizers have again taken to Capitol Hill to raise awareness about software vulnerabilities in voting equipment. This time, they brought the equipment with them to drive home their point. “If we’re going to meaningfully introduce funding or introduce new technologies for 2020, time is rapidly running out to be able to do that,” Matt Blaze, a professor at Georgetown University and co-organizer of the Voting Village, told CyberScoop. “We need to act pretty fast.” A handful of House Democrats and their staffers sauntered up to equipment on display, including a ballot-marking device and an electronic voting machine, to ask the researchers about the software bugs they found. “This is really helpful in understanding that these aren’t just abstract problems, that these are real things,” Blaze, an expert in cryptology, told CyberScoop. This is the second time in a month that the Voting Village has hosted an event on Capitol Hill. Last month, Blaze and Harri Hursti, another village organizer, unveiled the village’s annual report on flaws in voting gear that could be exploited by hackers.

National: Threat to US elections in 2020 is not limited to Russia | Eric Tucker/Associated Press

Russia interfered in the 2016 election and may try to sway next year’s vote as well. But it’s not the only nation with an eye on U.S. politics. American officials sounding the alarm about foreign efforts to disrupt the 2020 election include multiple countries in that warning. Concerns abound not only about possible hacking of campaigns but also about the spread of disinformation on social media and potential efforts to breach voting databases and even alter votes. The anxiety goes beyond the possibility that U.S. adversaries could affect election results: The mere hint of foreign meddling could undermine public confidence in vote tallies, a worrisome possibility in a tight election. “Unfortunately, it’s not just Russia anymore. In particular, China, Iran, a couple of others, studied what the Russians did in 2016,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington.

National: The Market for Voting Machines Is Broken. This Company Has Thrived in It. | Jessica Huseman/ProPublica

In the glare of the hotly contested 2018 elections, things did not go ideally for ES&S, the nation’s largest manufacturer of voting technology. In Georgia, where the race for governor had drawn national interest amid concerns about election integrity, ES&S-owned technology was in use when more than 150,000 voters inexplicably did not cast a vote for lieutenant governor. In part because the aged ES&S-managed machines did not produce paper backups, it wasn’t clear whether mechanical or human errors were to blame. Litigation surrounding the vote endures to this day. In Indiana, ES&S’ systems were plagued by mishaps at the local level. In Johnson County, for instance, the company’s brand-new machines faltered in ways that made it difficult to know whether some people had voted more than once. “ES&S misjudged the need for appropriate resources to serve Johnson County on Election Day 2018,” a report issued by state election officials later concluded. Johnson County subsequently terminated its contract with ES&S and, this September, paid more than $1.5 million to purchase an entirely new set of equipment. The uneven performance by ES&S in 2018, however, did little to dent its position as one of the most popular and powerful voting technology companies in the U.S. Any number of prior controversies hadn’t either.

National: Here’s where U.S. cyber warriors are working to protect against election threats | Olivia Gazis/CBSNews

The U.S. government’s actions to disrupt Russia’s attempted cyber incursions into the 2018 midterm elections took place in part in a newly constructed Joint Operations Center (JOC) on the National Security Agency’s expanding Fort Meade campus in Maryland. Efforts to protect the 2020 elections are expected to follow a similar drill. Located in the middle of the Cyber Integration Center — a 380,000 square foot, $520 million building whose construction was completed last September — the JOC links two adjoining facilities where NSA and U.S. Cyber Command personnel reside. A massive floor dotted by pods of desks and dominated by three curved, 20-foot-tall screens, the JOC is run by roughly 200 civilian and military officials who work 12-hour, rotating shifts — 24 hours a day, seven days a week, 365 days a year. “One of the first activities that were run out of here was NSA and U.S. Cyber Command support to the 2018 elections,” said Colonel Stephen Landry, a senior officer in the NSA’s recently launched Cybersecurity Directorate. That included support, he said, to the Russia Small Group, an election security task force comprising NSA and Cyber Command officials that was created last year by General Paul Nakasone, who heads both agencies. The Russia Small Group was instrumental in carrying out an offensive cyber operation that took the Internet Research Agency, a Kremlin-linked troll farm known to have waged an influence campaign in 2016, offline ahead of the November midterms. Nakasone has since publicly touted the success of the group, made it a permanent fixture, and said its approach in 2018 would serve as a model for 2020. (Its members are scattered throughout NSA and Cyber Command, not physically concentrated in the JOC.)

National: Election Assistance Commission Loses Its Top Leaders | Courtney Bublé/Government Executive

s the nation’s elections clearinghouse faces tight funding and criticism from advocacy groups on its new voting guidelines, the agency is losing its top two officials. Election Assistance Commission commissioners voted in early September to not reappoint Executive Director Brian Newby and General Counsel Cliff Tatum, Politico reported. Under the previous succession plan, the chief operating officer would assume the role of acting executive director; however, that position has been vacant since 2015. Commission Chief Information and Security Officer Mona Harrington will assume the role of acting executive director on Wednesday, under the new plan, as the agency starts the search process for a permanent leader. “The [Election Assistance Commission] is charged with providing top quality resources that support accurate, secure and accessible elections for all eligible voters,” the EAC commissioners said in a press release regarding the vacancies. “We are lock-step in our commitment to fulfilling that mandate.”

National: Senate GOP blocks three election security bills for second day | Jordain Carney/The Hill

Senate Republicans blocked three election security bills on Wednesday, marking the second time in as many days they’ve stymied legislation. Sens. Mark Warner (D-Va.), Amy Klobuchar (D-Minn.) and Ron Wyden (D-Ore.) asked for unanimous consent to pass three election-related bills. But they were blocked by Sen. Marsha Blackburn (R-Tenn.), who noted that the unsuccessful attempt was the latest by Democrats to pass election security bills in the Senate ahead of 2020. “You know, it’s not a good sign if you’re doing the same thing over and over and expecting a different result,” Blackburn said. Under Senate rules, any one senator can ask to vote on or pass a bill. But because it requires unanimous support, any one senator can also block their requests. Election security has become a point of contention during the Trump era. House Democrats have passed several election-related bills, including a sweeping ethics and election reform measure, but they’ve hit a wall in the GOP-controlled Senate.

National: What Battleground States Need to Do to Prevent Voting Machine Hacking in 2020 | Hadley Hitson/Fortune

Three companies control the fate of United States elections. Election Systems & Software, Dominion Voting Systems, and Hart InterCivic dominate 92% of the voting machine market, standing to make bank as states rush to update their systems before the looming 2020 election.  In 2016, counties in 16 states used paperless equipment without backup records. The Department of Homeland Security later notified six of those states that hackers targeted their systems. There’s now widespread recognition that paperless machines are the least secure. Some state governments control voting methods, others delegate the decision to local authority, but in most of those states, officials are moving to purchase new machines. “The transition is still happening, but I’m hopeful every battleground state will have a paper backup of every vote,” said Lawrence Norden, director of the Election Reform Program at the NYU Brennan Center For Justice. Norden predicts 90% of votes will have paper backups in 2020.

National: Internal Cybersecurity Memo Warns White House Will Get Hacked | Jennings Brown/Gizmodo

In the 1,006 days since Donald Trump became president, his administration has shown little vigilance when it comes to its own security, and a new internal memo suggests the White House is working to weaken its own cybersecurity safeguards. Axios has published a memo written by the White House computer network defense branch chief Dimitrios Vastakis that warns “the White House is posturing itself to be electronically compromised once again.” The White House did not immediately respond to a Gizmodo request for comment. Vastakis submitted the memo as a letter of resignation last Thursday. As Axios reports, the letter comes after at least twelve top officials were dismissed or resigned from a cybersecurity team that protected the White House from security threats from Russia and other entities. This team—the Office of the Chief Information Security Officer (OCISO)—was built after the Obama administration was attacked by Russian hackers in 2014. As the memo states, the OCISO “was established to take on the responsibility of securing the Presidential Information Technology Community (PITC) network.” Since then, the team has “significantly matured the security posture of PITC and no major compromise has occurred,” according to the memo.

National: NSA: ‘We know we need to do some work’ on declassifying threat intel | Shannon Vavra/CyberScoop

One of the National Security Agency’s newly minted Cybersecurity Directorate’s goals is to quickly share information on adversarial threats with the private sector — but the process for doing that needs to be refined, the directorate’s leader said Thursday. “The process in place today is where we know we need to do some work,” Anne Neuberger said while speaking at CyberTalks, produced by CyberScoop. “When we find indications of a threat, we see planning to execute a particular operation, or we see the operation being executed. [But] because we learn about it in a classified way, we treat it as classified.” Part of the difficulty the NSA faces is that adversaries often run operations and then discard their compromised infrastructure, making a protracted declassification process nearly useless since “indicators of compromise pretty much they have a ticking time clock for how useful they are,” Neuberger said. The new directorate, which started operations earlier this month, is measuring success by examining how well it is able to prevent attacks moving forward.

National: Trolls could turn to cyber to disrupt the 2020 census | Amanda Seitz and Rachel Lerman/Fifth Domain

Worried about internet trolls and foreign powers spreading false news, census officials are preparing to battle misinformation campaigns for the first time in the count’s 230-year history. The stakes are huge. Who participates in the 2020 census count could influence how U.S. congressional seats and billions of federal tax dollars to educate children, help low-income families and pave new roads are divvied up. “It’s a fine target,” former U.S. Census Bureau director John Thompson said of the form, which is sent every decade to households in America to count the population. “If you want to disrupt a democracy, you can certainly go about it by disrupting a census.” Already, false and inaccurate social media posts about the census have begun to appear online, where they have been viewed thousands of times. Foremost on everyone’s mind are the misinformation wars waged during the last presidential election to confuse U.S. voters. Fake posts about the census began popping up days after the U.S. Supreme Court ruled in June that the Trump administration could not ask about citizenship status on the 2020 census: Conservative bloggers, Twitter users and pundits falsely blamed former President Barack Obama for scrubbing the question from the form in 2010. In fact, the main census form hasn’t included a citizenship question since 1950, and the bureau’s own analysis found it would discourage people from participating, possibly skewing results.

National: Senate Intelligence report triggers new calls for action on election security | Maggie Miller/The Hill

Democrats are renewing their calls for Senate action on election security measures following the release of a Senate Intelligence Committee report that found the Kremlin directed Russian efforts to interfere in the 2016 presidential election. The party has repeatedly gone after Senate Majority Leader Mitch McConnell (R-Ky.) for imposing obstacles to action on election security, a point underscored once again in the wake of the bipartisan Intelligence report. McConnell was “blocking a full-throated U.S. response” by stopping various election security bills from being brought up in the Senate and burying them “in his legislative graveyard,” Senate Minority Leader Charles Schumer (D-N.Y.) charged in a statement. Sen. Michael Bennet (D-Colo.), a member of the Senate Intelligence Committee and a 2020 presidential candidate, called on McConnell to allow votes on election security legislation.

National: Internet Group Says Most U.S. Presidential Candidates Have Cybersecurity Flaws | Sintia Radu/US News

Moire than three years after media reports disclosed hackers were interfering in the 2016 U.S. presidential race to influence voters, most of the country’s candidates in the 2020 presidential election are struggling with cybersecurity issues, according to a nonpartisan group focused on internet standards. A majority of the 23 candidates in the race for the White House failed to meet the privacy and security standards set by the Internet Society’s Online Trust Alliance (OTA), according to the group’s audit released this week. The findings are the latest to show the increasing pressure countries are facing to preserve online security during elections, as well as in their industries and infrastructure. The research by the OTA examined how well the 23 Democratic, Republican and Independent candidates are handling online security challenges in their campaigns. Just seven of the 23 politicians scored 80% or higher in campaign cybersecurity, meaning researchers found no failures in the three areas examined: privacy, website security and consumer protection. Weaknesses ensuring the data privacy of users accessing the candidate’s online platforms raised the most red flags, researchers found.