The road from Washington to St. Petersburg apparently passes through Arizona – at least the cyber-road does. That’s according to the long-awaited Mueller report on the two-year investigation into possible Russian meddling in the 2016 presidential election. Buried in the 448-page report is a little more than a page that said Russian intelligence officers used a “leased computer” in Arizona to help funnel information that was stolen from hacked Democratic Party computers. About half of the page on the Arizona server is redacted because the information relates to an “investigative technique” – one of the areas blacked out from the report, along with information about grand jury testimony, ongoing investigation and privacy concerns. The unredacted portions do not reveal where in Arizona the leased computer was located or which company might have leased it.Full Article: Mueller report says Russian hacking once went through Arizona server | Cronkite News - Arizona PBS.
Sen. Rick Scott today demanded that the FBI release information about a suspected Russian hack of at least one Florida county, a revelation that came to light in Thursday’s report from special counsel Robert Mueller. The Florida Republican, in a letter to FBI Director Christopher Wray, asked the agency to provide information to both Congress and the Florida Department of State. He asked the FBI to identify which Florida county had been compromised and gave the agency seven days to comply. “It is my goal to have free and fair elections with zero fraud,” wrote Scott, who noted his push to spend money on election cybersecurity ahead of the 2018 elections. “This is a very serious issue that needs the immediate attention of the FBI.” The FBI did not immediately reply to a request for comment.Full Article: Scott demands FBI information on Russian hacking.
Minnesota: While hackers threaten 2020 election systems, politics intruding on security fixes | Minneapolis Star Tribune
Despite broad agreement that foreign hackers will again target American voting systems in 2020, partisan friction in St. Paul and Washington has stalled efforts to bolster election security, with less than a year to go before Minnesotans cast presidential primary ballots. The delay has alarmed elections officials and cybersecurity experts who warn of a repeat of 2016, when Russians targeted Minnesota and 20 other states in what special counsel Robert Mueller’s report, released Thursday, called a “sweeping and systematic fashion.” “Hackers learn from hackers: The question becomes if [Russia] can do it, why wouldn’t any hacker around the world do it?” said Clint Watts, a former FBI agent and cybersecurity scholar. “We can talk Russia all day, but everybody knows this can be done now.” Amid the warnings of Russian interference, Minnesota lawmakers remain at odds over using more than $6 million in federal funds approved by Congress more than a year ago to shore up election security. Minnesota is the only state that has yet to touch its share of the $380 million federal appropriation. At the same time, a measure co-sponsored by Minnesota U.S. Sen. Amy Klobuchar to improve cybersecurity information sharing between federal agencies and local election workers also is at a standstill. Local officials warn that time is running out.Full Article: While hackers threaten 2020 election systems, politics intruding on security fixes - StarTribune.com.
Counties are preparing to adopt the latest in election technology – but progress could depend on whether and when the state pays for the upgrade. As part of their effort to get lawmakers, freeholders and others familiar with what’s available, the New Jersey Association of Election Officials recently held a trade show at the Trenton War Memorial showing off the current state of technology – items common in some states but rare, for now, in New Jersey. Cape May County Clerk Rita Fulginiti said the pace for the updates will depend on state law and state funding. “It will cost a lot to upgrade to better equipment, but it’s all about the voter and making voting systems accessible to the voter,” Fulginiti said. New Jersey would need to spend $64 million to upgrade all the voting machines in the state, New York University’s Brennan Center for Justice estimates.Full Article: Who will pay to upgrade NJ's voting technology?.
North Carolina: Mueller report: Did Russian government hack 2016 North Carolina voting? | Raleigh News & Observer
The Mueller report released Thursday found that Russian spies successfully hacked into a U.S. voting software company during the 2016 elections, and North Carolina officials think there’s a chance it was software that’s in use here. The N.C. Board of Elections now has sent a letter to VR Systems, whose voting software was used by 21 North Carolina counties in 2016. The letter, which was first reported by WRAL, asks the company to “provide immediate, written insurance regarding the security of your network.” The Mueller report didn’t specifically name the company. But VR Systems confirmed in a written statement that it’s the company in question. The company’s software can’t be used to count or change votes. Instead, it manages the electronic polling books used to check in voters, to make sure people don’t vote twice. The Mueller report found that “Russian cyber actors in 2016 targeted” the company, and “installed malware on the company network.” Durham County, which had numerous problems and delays in the 2016 elections, was using the company’s check-in software at the time. The Mueller report does not go into the full extent of the hacking, and while it does say at least one Florida county was hacked, the report does not name any North Carolina successes for the hackers.Full Article: Mueller report: Did Russian government hack 2016 NC voting? | Raleigh News & Observer.
Pennsylvania: Pennsylvania is spending millions on election security, but the effort has its critics | PennLive
The release of special counsel Robert Mueller’s redacted report on Russian meddling in the 2016 presidential election brings the issue of election security back into the spotlight. Protecting the integrity of elections is of particular concern to Pennsylvania after escaping an unsuccessful hacking attempt of the statewide voter registration database by Russian operatives in 2016. With the next presidential election now just a year away, county and state election officials are scrambling to make sure they have done everything they possibly can to avoid foreign actors creating chaos when voters go to the polls to elect the nation’s chief executive. Under an order by Gov. Tom Wolf, Pennsylvania is moving to voting machines that leave a paper trail that can be audited. Other efforts include securing the voter registration data. Election officials maintain they are ferreting out potential vulnerabilities that could cast doubt on the integrity of election results and making changes to address them before next year’s primary. That’s why Acting Secretary of the Commonwealth Kathy Boockvar says with certainty, “Pennsylvania voters can be completely confident that when they vote in the presidential primary their vote will be counted accurately.” With those efforts, though, come some resistance from county officials along with concerns, particularly about the cost of new voting systems. Replacing those machines alone is expected to cost between $93 million and $150 million, depending on which system the counties choose, according to Boockvar’s department.Full Article: Pa. is spending millions on election security, but the effort has its critics - pennlive.com.
South Carolina: Tony Shaffer: New Report Highlights Urgent Need to Replace South Carolina Voting System | FITSNews
The U.S. Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) have confirmed that Russian hackers targeted all 50 states during the 2016 elections – not just the 21 states previously reported. This new information highlights the urgent need to replace South Carolina’s old, vulnerable digital touchscreen “DRE” voting machines. As a cyber operations expert with nearly forty years of national security experience, I feel the need to speak up: It’s critical to deter and mitigate these threats before the 2020 elections. South Carolina is moving in the right direction. The legislature has appropriated $40 million for a new voting system and, to ensure a smooth procurement process, given responsibility for procuring the system to the S.C. Department of Administration (SCDOA). As the department examines the available systems, it should carefully consider the efficiency, cost, and security of each system. It should also avoid the mistakes made in Georgia, where the legislature fast-tracked a bill requiring a $150 million voting system comprised of ballot-marking devices (BMDs) without considering a more secure, lower-cost system of hand-marked paper ballots. BMDs, which require voters to select their preferred candidates using a touchscreen, may be more high-tech than paper ballots but are by no means higher quality. BMDs contain vulnerable computer systems that can be hacked to change ballots after they are cast. Although BMDs print a paper record of votes cast, they often do so in barcode format, making it impossible for voters to ensure that their vote will ultimately be recorded accurately. And like any machine, BMDs are susceptible to technical glitches and power outages, increasing chances that voters will be forced to wait in long lines on election day.Full Article: Tony Shaffer: New Report Highlights Urgent Need to Replace SC Voting System – FITSNews.
Florida: Mueller report: Russians gained access to Florida county through spear phishing | Tampa Bay Times
Russian hackers gained access to at least one Florida county’s election computer network during the 2016 campaign, according to Special Counsel Robert Mueller’s report released on Thursday. Mueller’s report said the FBI concluded that the GRU, Russia’s foreign military intelligence agency, sent spear phishing emails to over 120 email accounts used by Florida county officials responsible for overseeing the 2016 election. The emails contained an attached Word document that included malicious software that gave the GRU access to the infected computer. While the hacking attempts were previously reported, the spear phishing effort’s apparent success in at least one Florida county was newly revealed on Thursday. The county was unnamed. “We understand the FBI believes that this operation enabled the GRU to gain access to the network of at least one Florida county government,” the report said. Mueller’s office “did not independently verify that belief.” Paul Lux, president of the Florida State Association of Supervisors of Elections, said he wasn’t aware that any county-level election systems were compromised in Florida. “It is not information that I am aware of,” Lux said in an interview Thursday. “To my knowledge, no counties were compromised. So, my presumption is that. I don’t know which county would have been compromised, and that’s nothing I’ve ever heard of.” The Florida Department of State said they have no knowledge of any successful hacking attempt during the 2016 election.Full Article: Mueller report: Russians gained access to Florida county through spear phishing | Tampa Bay Times.
Illinois: Mueller report confirms Russians ‘compromised’ Illinois State Board of Elections | Chicago Sun-Times
The Mueller Report confirms the Russians tried to hack the Illinois Board of Elections website in 2016. “In one instance in approximately June 2016, the GRU compromised the computer network of the Illinois State Board of Elections by exploiting a vulnerability in the SBOE’s website. The GRU then gained access to a database containing information on millions of registered Illinois voters and extracted data related to thousands of U.S. voters before the malicious activity was identified,” the report states. This was part of an effort of the Russian intelligence agency — the GRU — to determine “vulnerabilities” on websites of more than two dozen states, including Illinois. The Chicago Sun-Times reported on the hacking attempt in 2017. The hack had nothing to do with counting votes in elections in Illinois. The hackers looked at voting registration data: name, address, date of birth, gender and the last four digits in the Social Security number. In all, hackers searched through about 80,000 records, with the elections board confirming the records of just under 3,000 voters were viewed by the hackers.Full Article: Mueller report confirms Russians 'compromised' Illinois State Board of Elections | Chicago Sun-Times.
North Carolina: In wake of Mueller report, North Carolina elections officials want answers from electronic pollbook vendor | WRAL
North Carolina elections officials want to know whether an unnamed voting technology company that Robert Mueller’s report says was compromised by Russian hackers is the same firm that supplies poll book software to more than a dozen counties across the state. In a letter to VR Systems sent Thursday afternoon, State Board of Elections General Counsel Josh Lawson asked the company to provide “immediate, written assurance” about the security of its products, which came under fire two years ago when a leaked intelligence report named the company as the target of a Russian hacking attempt known as “spearphishing.” Mueller’s report, released in a redacted form Thursday morning, notes that, in August 2016, Russian intelligence officers targeted a “voting technology company that developed software used by numerous U.S. counties to manage voter rolls,” installing malicious code on the company’s network. The name of the firm is blacked out due to “personal privacy” exemptions. Lawson said, based on the leaked intelligence report and a separate 2017 federal indictment, that VR Systems was a target of the GRU, the Russian military intelligence agency.Full Article: In wake of Mueller report, NC elections officials want answers from electronic pollbook vendor :: WRAL.com.
Pennsylvania: Philadelphia elections officials won’t overturn controversial voting-machine decision | Philadelphia Inquirer
The two judges acting as Philadelphia’s elections officials won’t overturn the three-member election board’s selection of new voting machines, a setback for watchdogs and advocates who have been criticizing the choice and urging officials to start over. Instead, Common Pleas Court Judge Giovanni Campbell wrote Wednesday to City Controller Rebecca Rhynhart, he will allow the Feb. 20 voting-machine decision to stand. “I recognize that voting systems are contested issues and people feel passionately about the systems that will be used for their exercise of a core constitutional right. And I am grateful that you and others have been voicing those concerns to the Board of Elections,” Campbell wrote. “However, I do not believe the Board of Elections should overrule its prior legitimate determinations.” Advocates have for weeks implored Campbell and another judge, Vincent Furlong, to invalidate the selection, arguing among other things that it was an illegal vote and that the choice was not in voters’ best interests.Full Article: Philly elections officials won’t overturn controversial voting-machine decision.
The Minnesota Legislature shouldn’t delay up to $6.6 million in federal election cybersecurity funding to use as potential end-of-session bargaining, according to Secretary of State Steve Simon. Simon made several stops in south-central Minnesota Monday to discuss the upcoming 2020 election with local officials. The secretary of state stopped at Gustavus Adolphus College to praise students’ efforts to increase voter turnout. He also shared concerns he has with lawmakers delaying discussions on federal funding. “Every state in the country has it,” Simon said after a meeting with Blue Earth County officials. “We’re the only state that doesn’t. And it’s inexcusable.” Congress approved $380 million in additional election cybersecurity money following the 2016 elections and numerous attacks on state election systems. While 45 states automatically received funding, Minnesota — which gets $6.6 million under the updated Help America Vote Act — is one of five states that needs lawmaker approval before the Secretary of State’s Office gets that money. Simon made a $1.5 million request from lawmakers last year to free up money before the 2018 election, as Minnesota was one of 21 states targeted by foreign hackers attempting to get access to voter information during the 2016 election. That request was rolled into a $1 billion supplemental budget bill then-Gov. Mark Dayton vetoed. The DFL-controlled House passed a new bill in February allowing election officials to get all $6.6 million. Yet the GOP-controlled Senate passed a bill that only freed up Simon’s original $1.5 million request.Full Article: Simon: Federal election money shouldn't be budget bargaining chip | Local News | mankatofreepress.com.
East Texas state Sen. Bryan Hughes’ signature bill on election security won passage Monday in the Texas Senate and moves to the House of Representatives for debate. Senate Bill 9 creates a paper trail for electronic voting. It also takes aim at voter fraud that can occur when people who help disabled voters try to influence how they vote. It enhances the penalty for making a false statement on a mail ballot application from a misdemeanor to state jail felony and requires those who help voters who are not family members to sign a form documenting their role. The bill also would require people who help disabled voters cast a mail-in ballot officially certify that the voter they help is physically unable to enter a poll without risk to harm. In addition, it allows poll watchers to accompany both the voter and helper into the voting area. “The heart of the bill is that paper ballot, that paper backup,” Hughes, R-Mineola, said as he urged passage of the measure. “This is not a partisan issue. … It says if you’re going to bring someone to the polls and help them cast their ballot … then, yes. We want to know your names.” Hughes chaired a Select Committee on Election Security last summer in preparation for the legislative session that opened in January. Many of the provisions in his Senate Bill 9, he told senators, came from sworn testimony from Democrats and Republicans. The bill passed on a 19-12 vote along party lines. “For whatever reason, the national Democrats made this a lightning rod,” he said. “Election integrity is important to all of us.”Full Article: Hughes' election security bill passes in Senate | Elections | news-journal.com.
The St. Louis County Board of Elections is upgrading its voting equipment for the upcoming 2020 elections. The county has roughly 1,800 touch voting machines and 500 optical scan paper ballot tabulators that have had their fair share of wear and tear, and the software is now out of date. Eric Fey, the Democratic director of elections for the St. Louis County Board, said the last time county voters had new voting equipment was in 2005. “Although the equipment is 100% accurate, we have to replace components more often,” Fey said. “It’s very hard to get replacement parts. And then with the software, the programming of the ballot, the tabulation of the ballots is very labor intensive.” Currently, the board of elections is holding public demonstrations with three contenders including Dominion, Hart InterCivic and the county’s current vendor Election Systems & Software.Full Article: St. Louis County Board Of Elections Gearing Up For Upgrades | St. Louis Public Radio.
The chair of the City Council’s Oversight and Investigations Committee is calling for a halt to the Board of Elections’ plan to use machines supplied by a company with a spotty record for this fall’s early voting. “I’m against rigging the process in favor of a contractor with a dubious track record,” said Councilman Ritchie Torres (D-Bronx). Election Systems & Software came under fire after its ballot scanners reportedly jammed at polling places across the city in November’s elections. “There needs to be an investigation of the performance and conflicts of interest involving ES&S. There should be a competitive bidding process,” Torres said. BOE Executive Director Michael Ryan is also on the hot seat after it was revealed last year that he failed to report several posh business trips paid for by ES&S. He subsequently stepped down from an unpaid gig on the contractor’s advisory board.Full Article: Ritchie Torres calls for removal of faulty voting machines.
In January, Akron suffered a “ransomware” attack when hackers shut down the city’s 311 non-emergency phone call system just as city plows were being deployed during a snowstorm. To undo the damage, hackers gave the city a demand: A five-figure sum.Ohio lawmakers are considering legislation — Senate Bill 52 — to deal with that kind of scenario in what they say will be a quick and organized way: The legislation would create a civilian force of 50 to 100 professionals across the state who would work to prevent such attacks and respond when they happen.RELATED: Ohio looks to set up a cyber reserve to fight, prevent attacks The all-volunteer Ohio Cyber Reserve would operate under Maj. Gen. John Harris, the Ohio adjutant general who commands the Army National Guard and the Air National Guard.“There’s so much cyber talent working out there in industry, in business and quite frankly in some municipalities, but we have no way to orchestrate that or organize that,” Harris said in an interview.Full Article: Ohio considers Cyber Reserve: Dayton Business.
Pennsylvania: Philadelphia controller subpoenas city elections officials over voting machine decision | Philadelphia Inquirer
Philadelphia City Controller Rebecca Rhynhart last week subpoenaed the city’s elections officials for documents related to the controversial selection of new voting machines. Rhynhart’s subpoena is the most-pointed official effort known to date to obtain information about a voting machine selection process that critics have decried as opaque, lacking true public input, and biased. The items requested in the subpoena, dated April 1, include copies of all proposals received, the names of all committee members who scored them, and copies of those evaluations. The information was originally due by Tuesday, but the City Commissioners’ Office was granted an extension. (The new deadline was unclear Thursday; the Controller’s Office declined to comment on the subpoena.) Nick Custodio, deputy commissioner under Chairwoman Lisa Deeley, said only that the city’s Law Department “is handling everything as it relates to the request” from Rhynhart. He declined to comment further.Full Article: Voting Machine Selection Prompts Subpoena in Philadelphia.
State officials say the West Virginia Division of Motor Vehicles is losing voter registrations, but they don’t know how many and for how long. Donald Kersey, general counsel for Secretary of State Mac Warner’s office, said the DMV sends the Secretary of State’s office a daily list of voter registrations, but the secretary’s office estimate several registrations are lost per day because of technical problems at the DMV – “a systematic error,” he said. The problem, Kersey said, has been ongoing at least since the 2018 general election. During a five-day test period in January, 37 people, who were flagged as registering at the DMV, did not have their registration received by the Secretary of State. Kersey, who was previously elections director for the Secretary of State, noted that West Virginia law says the DMV should forward voter registrations to the Secretary of State’s office, which transfers it to county clerks. But he said that during early voting before the 2018 general election, dozens of people said they had registered at local DMVs to vote, but the Secretary of State’s office had no record of it.Full Article: WV Division of Motor Vehicles is losing voter registrations | State & Region | register-herald.com.
Voters could get the chance to check their electronic ballot for accuracy before turning it in under a proposed bill. HB 543, sponsored by Rep. Tony Lovasco, R-O’Fallon, would require electronic voting machines to print out a paper ballot that could be reviewed by the voter. That paper ballot would also be available to those checking ballots during recounts. The bill also works to phase out electronic voting machines that directly record results without producing some sort of physical copy. As the machines die out due to age or malfunction, the bill states that they would not be replaced. The bill would make paper ballots the “official ballot” except for those submitted by electronic machines that have not yet been replaced.Full Article: Lawmakers discuss return to paper ballots | State News | columbiamissourian.com.
Ohio: Thousands of voters given wrong polling location by Secretary of State website | Fayette Advocate
An apparent error on the Ohio Secretary of State’s website has caused thousands of voters to have the wrong polling location listed on their voter registration. According to the Pickaway County Board of Elections, “a large majority” of their county’s registered voters have been given the misinformation by the Secretary of State through the state’s official website voter registration portal. “We send a file to the Ohio Secretary of State and it appears they have addresses for several precincts incorrect,” Michele Lockard, director of the Pickaway County Board of Elections wrote in an email to a voter who inquired about the issue Thursday morning. It is unclear exactly how many voters have been impacted by the error, but Lockard said that she, herself, was also affected. It was also not made immediately clear to the Advocate if Pickaway County was the only county impacted by the error. The county has 34,339 registered voters.Full Article: Thousands of voters given wrong polling location by Secretary of State website - Fayette Advocate.