Tag Archive

Florida: DHS preparing report on 2016 Palm Beach election ransomware | David Smiley and Nicholas Nehamas/Miami Herald

Less than five weeks before Florida’s March presidential primary, the Department of Homeland Security is investigating a previously unreported cyber attack on Palm Beach County’s elections office, according to Supervisor of Elections Wendy Sartory Link. Link, who was appointed last year by the governor to oversee the county’s beleaguered elections department, said she contacted the FBI in November after a veteran IT employee told her that the office had been infected by a ransomware virus only a few weeks prior to the 2016 election. The virus was not publicly disclosed in 2016. Link said the FBI referred her to DHS, which sent a team of a half-dozen employees to her office late last month to do a “deep dive” into her department’s network. She said a report of their findings and recommendations is expected shortly. “We’ve had the top experts in the country here and they spent a lot of time with our system. When we get the report, we’ll be able to take care of everything we can take care of,” Link said in an interview Thursday. “I wanted this done before March if at all possible.”

Full Article: DHS preparing report on 2016 Palm Beach election ransomware | Miami Herald.

National: After GAO critique, DHS releases 2020 election security plan | Dean DeChiaro/Roll Call

The government’s top cybersecurity agency will focus on four key objectives to secure this year’s elections from hacking and other interference: protecting election infrastructure, assisting political campaigns, increasing public awareness about foreign intrusion, and facilitating the flow of information on vulnerabilities and potential threats between the public and private sectors. That’s according to the Cybersecurity and Infrastructure Security Agency’s #Protect2020 Strategic Plan, issued by the Homeland Security Department on Friday. The blueprint follows a Government Accountability Office report that said the agency would struggle to execute a nationwide strategy without a finalized agenda. The strategic plan describes the agency’s plans to work with federal law enforcement and state and local election officials on a “whole-of-nation effort” to defend electoral systems. “If we learned anything through 2016 and the Russian interference with our elections, it’s [that] no single organization, no single state, no locality can go at this problem alone,” CISA Director Christopher Krebs said in the report.

Full Article: After GAO critique, DHS releases 2020 election security plan - Roll Call.

National: DHS creates ‘tabletop in a box’ for local election security drills | Benjamin Freed/StateScoop

For the past few years, the Department of Homeland Security has convened exercises for state election officials to test how they’d respond to a cyberattack against voting systems. At a National Association of Secretaries of State meeting in Washington last weekend, a DHS official introduced a new product that could make it easier for local officials to run those exercises. The tabletop exercises, as the events are known, are designed to give secretaries of state, election directors, IT leaders and other officials a war game-like environment simulating the threats posed by foreign governments and other adversaries that might try to disrupt a real election. And while the exercises have included representatives of some local governments, one of the biggest challenges statewide election officials say they have is making sure new cybersecurity tools and procedures trickle down to even the smallest, most resource-strapped jurisdictions involved in the democratic process. The Cybersecurity and Infrastructure Security Agency on Friday published its “Elections Cyber Tabletop Exercise Package,” a 58-page guide for state and local officials to hold their own drills simulating ransomware, data breaches, disinformation campaigns and attempts to corrupt voting equipment. Matt Masterson, a senior adviser at CISA, described the document as a “tabletop in a box.”

Full Article: DHS creates 'tabletop in a box' for local election security drills.

Iowa: DHS chief says offer to vet Iowa caucus app was declined | Maggie Miller/The Hill

Acting Homeland Security Secretary Chad Wolf said Tuesday that an offer to vet the app used by the Iowa Democratic Party to tabulate votes during the Iowa caucuses was turned down. “Our Cybersecurity and Infrastructure Security Agency has offered to test that app from a hacking perspective,” Wolf said during an appearance on Fox News’s “Fox & Friends.” Wolf said the offer was “declined” and noted that “we’re seeing a couple of issues with it.” “I would say right now, we don’t see any malicious cyber activity going on,” he added. The Iowa Democratic Party said Tuesday morning that the app used to tabulate votes as part of the first-in-the-nation caucuses, which CNN confirmed was built by the firm Shadow, had a “coding issue in the reporting system” that slowed down the reporting of vote totals.

Full Article: DHS chief says offer to vet Iowa caucus app was declined | TheHill.

North Carolina: Election probe finds security flaws in key North Carolina county but no signs of Russian hacking | Kim Zetter/Politico

long-awaited report this week from the Department of Homeland Security found security problems with the computer systems that a North Carolina county used to handle voter data during the 2016 election — but no evidence that Russian hackers had breached them. Still, the review is unlikely to totally resolve questions surrounding the county’s use of software provided by the Florida company VR Systems, which — as POLITICO reported last week — have added to broader doubts about the security of election technology that Americans will use at the polls in 2020. Experts contacted by POLITICO said the new DHS analysis has its share of holes — for instance, failing to examine all the computer systems the Russians could have targeted. And they noted that officials in Durham County, N.C., had waited until about a week after Election Day to preserve some potentially important evidence. “I think [the investigation is] incomplete,” says Jake Williams a former NSA hacker who is founder of the security firm Rendition Infosec and trains forensic analysts. “It’s the best investigation that can be conducted under the circumstances. We can’t investigate what we don’t have, [and] a lot of the crucial evidence is missing.” Among other security issues, the heavily redacted DHS report indicates that someone had used a “high value” desktop computer handling Durham County’s voter-registration data to access a personal Gmail account on Election Day. The report provides a lengthy list of suggestions — all blacked out — for how the county can improve the security of its election infrastructure.

Full Article: Election probe finds security flaws in key North Carolina county but no signs of Russian hacking - POLITICO.

North Carolina: Federal review finds no evidence hacking caused 2016 Durham County election problems | Travis Fain/WRAL

A U.S. Department of Homeland Security review found no evidence that hacking caused the 2016 election problems that forced Durham County to shut down electronic poll books on election day, the State Board of Elections said Monday in a joint statement with Durham’s board of elections. The report, months in the making, is “compelling evidence that there were no cyberattacks impacting the 2016 election in Durham,” Durham County Board of Elections Chairman Philip Lehman said in the joint statement. The state released a heavily redacted version of the 12-page report late Monday afternoon. In it, federal cyber security experts say they “did not conclusively identify any threat actor activity,” but that aspects of the state’s election security could be improved. Most of these recommendations are redacted for security reasons, but Lehman said in his statement that the county has already “implemented additional training, security measures and staffing changes” since 2016. State elections director Karen Brinson Bell said the state is working with county boards and the federal government “to improve security at every step in the voting process.”

Full Article: Federal review finds no evidence hacking caused 2016 Durham election problems :: WRAL.com.

North Carolina: No evidence of cyber attack in Durham County 2016 election, acordind to DHS | Will Doran/Raleigh News & Observer

There’s no evidence that the 2016 Election Day problems in Durham were the result of cyber hackers, according to the federal government. Special Counsel Robert Mueller’s report on Russian election interference said a company — whose description closely matched the company that provided voter check-in software for Durham and other North Carolina counties in 2016 — was targeted by hackers. And Durham experienced widely reported issues with that check-in software during the 2016 elections. State officials have long said they believed the problems were just due to human error, however, and not anything malicious like foreign hackers. But after the Mueller report’s findings on election interference became public earlier this year, officials at the Department of Homeland Security agreed to look into the Durham situation. On Monday, putting an end to their months-long investigation, they announced they had found nothing to indicate a cyber attack. Phillip Lehman, chairman of the Durham County Board of Elections, called the report “compelling evidence that there were no cyberattacks impacting the 2016 election in Durham.” “As we have acknowledged, there was human error in the preparation of electronic poll books,” Lehman said in a news release announcing the investigation’s findings. “Since that time, the Durham County Board of Elections has implemented additional training, security measures and staffing changes. Elections in 2017, 2018 and 2019 were conducted efficiently and accurately with no significant incidents.”

Full Article: Election hacking evidence not found in NC: US investigation | Raleigh News & Observer.

National: Top U.S. Cybersecurity Officials to Depart as Election Season Enters Full Swing | Byron Tau and Dustin Volz/Wall Street Journal

Two top government officials with broad cybersecurity and election-integrity portfolios have announced they are stepping down this month, a loss of expertise in a critical area less than a year before the 2020 presidential election. Amy Hess, the executive assistant director of the Criminal, Cyber, Response, and Services Branch of the Federal Bureau of Investigation will depart for a job as the chief of public services in Louisville, Ky. Jeanette Manfra, the most senior official dedicated exclusively to cybersecurity at the Department of Homeland Security, will leave her post at year’s end for a job in the private sector. Both women have announced their departure in recent weeks. Senior U.S. intelligence officials have warned the elections are likely to be targeted online by Russia and other foreign adversaries following Moscow’s success in disrupting the 2016 race. The FBI and DHS are two of the primary agencies responsible for combating foreign influence operations online, along with intelligence agencies including the National Security Agency. The FBI established a Foreign Influence Task Force in 2017 and has made investments to deepen its cybersecurity capabilities. DHS is the lead federal partner for state and local election officials with a focus on safeguarding voting systems from hackers.

Full Article: Top U.S. Cybersecurity Officials to Depart as Election Season Enters Full Swing - WSJ.

National: Just How Regulated Are Our Nation’s Elections? | Hadley Hitson/Fortune

The U.S. federal government subjects nearly every industry to a slew of operational rules and regulations. Defense contractors are prohibited from utilizing certain Chinese telecommunications companies like Huawei in order to prevent theft of the nation’s military technology. Power companies must abide by mandatory reliability standards and report any attempted or successful breaches of their systems to a federal commission. National banks implement federally required security procedures to prevent robberies. These sectors are meticulously managed with hundreds of requirements specifically because the Department of Homeland Security considers them so vital that their incapacitation would have a “debilitating effect” on the country as a whole.  But when it comes to elections, a cornerstone of American democracy, the vendors whose voting equipment is used throughout the country largely lack the level of federal oversight and direction that protect other critical infrastructure industries from domestic and foreign interference.

Full Article: How Regulated and Secure Is Voting in U.S. Elections? | Fortune.

National: DHS cyber agency invests in election auditing tool to secure 2020 elections | Maggie Miller/The Hill

The Department of Homeland Security’s (DHS) cybersecurity agency announced Thursday it would partner with election officials and private sector groups to develop an election auditing tool that can be used to help ensure the accuracy of votes in 2020. DHS’s Cybersecurity and Infrastructure Security Agency (CISA) is partnering with non-profit group VotingWorks on an open-source software tool known as Arlo, which is provided to state and local election officials for free. According to CISA, Arlo conducts an audit of votes by selecting how many ballots and which ballots to audit and comparing the audited votes to the original count. The tool has already been used to conduct post-election audits across the country, including during the recent 2019 elections. Election officials in Pennsylvania, Michigan, Virginia, Ohio and Georgia have signed on to partner with CISA on Arlo, with more officials expected to join.

Full Article: DHS cyber agency invests in election auditing tool to secure 2020 elections | TheHill.

National: Senior DHS cyber official Jeanette Manfra to step down | Sean Lyngaas/CyberScoop

Jeanette Manfra, a senior cybersecurity official at the Department of Homeland Security, plans to step down from her position, according to multiple sources familiar with the matter. DHS officials are preparing an internal announcement about Manfra’s departure that could come as soon as this week, two sources told CyberScoop. Manfra has been a key liaison for the agency, speaking about cyberthreats to U.S. supply chains, election infrastructure, and industrial control systems to both the private sector and Congress. She has also represented DHS at top cybersecurity conferences like RSA and DEF CON. Over the course of her tenure, Manfra took on increasingly senior and cybersecurity-focused roles, culminating in her becoming assistant director at DHS’s Cybersecurity and Infrastructure Security Agency (CISA) last year. In a speech last year, she likened supply-chain vulnerabilities to a “digital public health crisis.” It was not immediately clear who would replace her. One source told CyberScoop that officials had a replacement in mind, but declined to say who that was.

Full Article: Senior DHS cyber official Jeanette Manfra to step down.

National: Senate Democrats urge DHS to fund cyber threat information-sharing programs | Maggie Miller/The Hill

A group of three Senate Democrats is urging the Department of Homeland Security’s (DHS) cyber agency to help fund cybersecurity threat information-sharing centers involved in election security efforts. In a letter sent on Monday to Christopher Krebs, the director of DHS’s Cybersecurity and Infrastructure Security Agency, Senate Minority Leader Charles Schumer (D-N.Y.), and Sens. Maggie Hassan (D-N.H.) and Gary Peters (D-Mich.) expressed concerns around the funding level for two information-sharing groups. Specifically, the senators noted that DHS’s proposed fiscal 2020 budget covers only around 70 percent of the estimated $15 million it would take for the Center for Internet Security to run both the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).

Full Article: Senate Democrats urge DHS to fund cyber threat information-sharing programs | TheHill.

National: Election security drill pits red-team hackers against DHS, FBI and police | Sean Lyngaas/CyberScoop

A year from the 2020 election, sophisticated exercises to help secure the vote are kicking into high gear. On Tuesday, executives from the Boston-based firm Cybereason will conduct a tabletop exercise testing the resolve of officials from the Department of Homeland Security, FBI, and the police department of Arlington County, Virginia, among other organizations. The fictional scenario will involve attackers from an unnamed foreign adversary laying siege to a key city in a U.S. swing state. Hacking, physical attacks and disinformation via social media will be on the table as the attackers seek to flip the vote to their preferred candidate — or sow enough doubt among voters to undermine the result. One of the objectives of the red team — technical specialists from Cybereason and other private organizations — is voter suppression. That is exactly what Russian operatives aimed to achieve in 2016 and what, according to U.S. officials, they could strive for again in 2020. What participants learn from Tuesday’s event can be worked into future election-security drills, which will only grow more frequent as the 2020 vote approaches.

Full Article: Election security drill pits red-team hackers against DHS, FBI and police.

National: Cyber firm sows chaos in election hack simulation | Derek B. Johnson/FCW

The fictional City of Adversaria was ground zero for an Election Day security training exercise pitting law enforcement officials attempting to maintain order during an election against “K-OS,” a mysterious cyber group aiming to disrupt and undermine voter confidence. The simulated battle was part of Operation Blackout, a tabletop exercise hosted by Cybereason Nov. 5 to test how federal officials might react to a dedicated attack on election day. The company invited officials from real federal agencies like FBI and the Department of Homeland Security to sit in on both the “Blue” team representing law enforcement and “Red” team representing K-OS, to learn how to better protect election infrastructure. Ari Schwartz, former senior director of cybersecurity at the National Security Council under President Barack Obama, helped adjudicate the exercise and told FCW afterwards that in a real election, much of the planning by defenders would be gamed out in the weeks and months leading up to election day, but that unforeseen attack vectors are always out there and can throw a wrench into the gears of the best laid plans.

Full Article: Cyber firm sows chaos in election hack simulation -- FCW.

National: Administration officials say election security is a ‘top priority’ ahead of 2020 | Tal Axelrod/The Hill

Several administration officials Tuesday released a joint statement assuring the public that they are prioritizing election security less than a year away from the 2020 presidential race. Attorney General William Barr, Secretary of Defense Mark Esper, outgoing acting Secretary of Homeland Security Kevin McAleenan, acting director of national intelligence Joseph Maguire, FBI Director Christopher Wray and others said they have increased the level of federal support to state and local election officials and are prioritizing the sharing of threat intelligence to improve election security. “In an unprecedented level of coordination, the U.S. government is working with all 50 states and U.S. territories, local officials, and private sector partners to identify threats, broadly share information, and protect the democratic process. We remain firm in our commitment to quickly share timely and actionable information, provide support and services, and to defend against any threats to our democracy,” they said in a joint statement.

Full Article: Administration officials say election security is a 'top priority' ahead of 2020 | TheHill.

National: Feds and police are war-gaming all the ways an election can be hacked | Joseph Marks/The Washington Post

As voters head to the polls today in Virginia’s odd-year contest, federal officials and local police are war-gaming how adversaries could disrupt next year’s contest without hacking any election systems at all. Officials from the FBI, Department of Homeland Security and U.S. Secret Service are working with cops in Arlington to game out how to respond if hackers from Russia or elsewhere in 2020 disrupt electricity at polling places, shut down streetlights, or hijack radio and TV stations to suppress voter turnout and raise doubts about election results. They’ll also test how to respond if adversaries launch social media campaigns to incite fights at polling places — or to spread rumors about riots or violence that deter people from going out to vote. Cybersecurity experts and academics will play the mock hackers, lobbing new challenges at officials throughout the day. The exercise underscores how hackers could destroy public faith in an election’s outcome without changing any votes. And that’s particularly concerning because many of these potential targets are far more vulnerable than voting machines. “If you can prevent people from getting to the polls … if you can effectively disenfranchise certain segments of the population, that’s far more disruptive to the republic than taking out a few voting machines,” Sam Curry, chief security officer at Cybereason, the company organizing the war game, told me.

Full Article: The Cybersecurity 202: Feds and police are war-gaming all the ways an election can be hacked - The Washington Post.

National: Former Homeland Security secretaries call for action to address cybersecurity threats | Maggie Miller/TheHill

Three former secretaries of the Department of Homeland Security (DHS) on Monday testified that cybersecurity threats to elections and other critical infrastructure are major issues that could impact the security of the nation. Former DHS Secretaries Michael Chertoff, Janet Napolitano and Jeh Johnson all discussed the severity of cyber threats to the U.S. while testifying in New York City during a field hearing at the National September 11 Memorial Museum held by the Senate Homeland Security and Governmental Affairs Committee. Napolitano, who served as secretary under former President Obama from 2009 through 2013, listed cybersecurity as one of the top three threats DHS “can and must confront,” pointing to vulnerabilities in election infrastructure, utility grids and other critical infrastructure as putting the country at risk.  “Our adversaries and international criminal organizations have become more determined and more brazen in their efforts to attack us and to steal from us,” Napolitano said. “We need a whole of government and a whole of public and private sector response to this threat, and it needs to happen immediately.

Full Article: Former Homeland Security secretaries call for action to address cybersecurity threats | TheHill.

New Jersey: New Jersey and Homeland Security are teaming up to spot potential election security risks | Dustin Racioppi/NorthJersey.com

State and federal officials plan a daylong series of exercises Tuesday to assess New Jersey’s election security and spot potential weaknesses ahead of voting in November. New Jersey’s Division of Elections is partnering with the U.S. Office of Homeland Security to conduct what is known as the Election Security Tabletop Exercise. The two offices routinely work together on election security, but the event planned for Tuesday is the first of its kind in New Jersey, officials said, bringing together representatives from all of the state’s 21 counties as well as those from 13 other states. In addition, former Homeland Security Secretary Jeh Johnson and current U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Director Christopher Krebs will address the hundreds of people expected to attend, according to an advisory detailing the event.

Full Article: NJ election officials to be trained to spot election security risks.

National: Distrust, Staffing and Funding Shortages Imperil Election Security | Courtney Bublé/Government Executive

pecial Counsel Robert Mueller was emphatic when he testified before the House Intelligence Committee on July 24 about Russian interference in the 2016 election: “It wasn’t a single attempt. They’re doing it as we sit here, and they expect to do it during the next campaign.” In an earlier, less partisan era, Mueller’s warning likely would have galvanized lawmakers and propelled them to action to ensure the security and integrity of American elections. While federal agencies have taken critical steps to improve security around U.S. elections since 2016, those efforts have been hampered by inadequate funding; staffing problems; mixed messages from Congress and the administration; and, not insignificantly, by Constitutional questions—states and localities hold primary authority for administering elections, and some Republicans worry about the federal government usurping state powers in the name of security. But the special counsel’s warning had no such galvanizing effect. Hours after Mueller testified in the House, Sen. Cindy Hyde-Smith, R-Miss., blocked, without giving a reason, election security bills in the Senate, one of which would have required campaigns to alert the FBI and the Federal Election Commission about election assistance offers from foreign countries. The next day, Senate Majority Leader Mitch McConnell, R-Ky., denied the Democrats’ request for a vote on the House-passed Securing America’s Federal Elections Act, which would have authorized $775 million to bolster state election systems and required paper ballots as a guard against vote tampering. McConnell said the legislation, which passed the House with just a single Republican vote, would nationalize election authorities that “properly belong to the states.”  While few things are more fundamental to democracy than the integrity of the election system, finding a bipartisan consensus for ensuring that integrity has been elusive, and as a result, agencies’s efforts are far less effective than they could be otherwise.

Full Article: Distrust, Staffing and Funding Shortages Imperil Election Security - Government Executive.

National: DHS cyber agency to prioritize election security, Chinese threats | Maggie Miller/The Hill

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) plans to prioritize election security, cybersecurity at federal agencies, and the “persistent threat” posed by China, among its many goals. The agency laid out its key priorities in a new “strategic intent” document released on Thursday, which CISA Director Christopher Krebs described in the introduction as the “keystone” for the agency. Among Krebs’s operational priorities is addressing Chinese threats to U.S. supply chains and to the rollout of 5G networks, bolstering election security efforts at the state and local level, and protecting the cybersecurity of industrial control systems. Other priorities are protecting federal networks against cyber attacks, such as ransomware incidents that have increasingly spread across the country, and defending “soft targets” and crowded venues from physical threats. CISA is the primary agency responsible for assisting state and local governments with securing elections, replacing the former National Protection and Programs Directorate in a law that took effect last year.

Full Article: DHS cyber agency to prioritize election security, Chinese threats | TheHill.