Trump fires Christopher Krebs, top DHS official who refuted his claims that the election was rigged | Ellen Nakashima and Nick Miroff/The Washington Post

President Trump on Tuesday fired a top Department of Homeland Security official who led the agency’s efforts to help secure the election and was vocal about tamping down unfounded claims of ballot fraud. In a tweet, Trump fired Christopher Krebs, who headed the Cybersecurity and Infrastructure Security Agency (CISA) at DHS and led successful efforts to help state and local election offices protect their systems and to rebut misinformation. Earlier Tuesday, Krebs in a tweet refuted allegations that election systems were manipulated, saying that “59 election security experts all agree, ‘in every case of which we are aware, these claims either have been unsubstantiated or are technically incoherent.’ ” Krebs’s statement amounted to a debunking of Trump’s central claim that the November election was stolen. Trump, who has not conceded the election to President-elect Joe Biden, said on Twitter: “The recent statement by Chris Krebs on the security of the 2020 Election was highly inaccurate, in that there were massive improprieties and fraud — including dead people voting, Poll Watchers not allowed into polling locations, ‘glitches’ in the voting machines which changed votes from Trump to Biden, late voting, and many more. Therefore, effective immediately, Chris Krebs has been terminated as Director of the Cybersecurity and Infrastructure Security Agency.” Late Tuesday, following Trump’s tweet, acting DHS secretary Chad Wolf called Krebs’s deputy, Matthew Travis, to inform him that the White House had overruled CISA’s succession plan that named him acting director, essentially forcing him to resign, Travis said.

Full Article: Trump fires top DHS official who refuted his claims that the election was rigged – The Washington Post

Top official on U.S. election cybersecurity tells associates he expects to be fired | Christopher Bing, Joseph Menn, and Raphael Satter/Reuters

Top U.S. cybersecurity official Christopher Krebs, who worked on protecting the election from hackers but drew the ire of the Trump White House over efforts to debunk disinformation, has told associates he expects to be fired, three sources familiar with the matter told Reuters. Krebs, who heads the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), did not return messages seeking comment. CISA and the White House declined comment. Separately, Bryan Ware, assistant director for cybersecurity at CISA, confirmed to Reuters that he had handed in his resignation on Thursday. Ware did not provide details, but a U.S. official familiar with his matter said the White House asked for Ware’s resignation earlier this week. The departure is part of the churn in the administration since Republican President Donald Trump was defeated by Democrat Joe Biden in last week’s election, raising concerns about the transition to the president-elect who would take office on Jan. 20. Trump, who has yet to concede and has repeatedly made unsubstantiated claims of electoral fraud, fired Defense Secretary Mark Esper and has installed loyalists in top positions at the Pentagon. Krebs has drawn praise from both Democrats and Republicans for his handling of the election, which generally ran smoothly despite persistent fears that foreign hackers might try to undermine the vote.

Full Article: Exclusive: Top official on U.S. election cybersecurity tells associates he expects to be fired | Reuters

National: ‘No bar’ to what election officials shared on Election Day, DHS says | Benjamin Freed/CyberScoop

As voting culminated Tuesday and vote-counting continued into Wednesday, Department of Homeland Security officials said that a virtual “situational awareness room” where federal, state and local officials shared intelligence about cyber activity and other potential disruptions with each other was largely successful as an information-sharing space on Election Day. Over the course of Tuesday, the room — operated by the federally funded Election Infrastructure Information Sharing and Analysis Center — saw participation from about 500 election and voter-protection officials, IT staff, vendors and representatives from social media companies and political parties. And while DHS officials repeatedly described the cyber activity observed on Election Day as “another Tuesday on the internet,” there was a flutter of activity inside the virtual war room. “The engagement was great,” a senior official with the Cybersecurity and Infrastructure Security Agency said about 11:30 p.m. Tuesday night. “A lot of sharing around scanning, sharing of IPs, sharing of emails. That’s what we wanted. There’s no bar to what we share.”

Full Article: ‘No bar’ to what election officials shared on Election Day, DHS says

National: DHS plans largest-ever operation to secure U.S. election against hacking | Joseph Marks/The Washington Post

The Department of Homeland Security’s cybersecurity division is mounting the largest operation to secure a U.S. election, aiming to prevent a repeat of Russia’s 2016 interference and to ward off new threats posed by Iran and China. On Election Day, DHS’s Cybersecurity and Infrastructure Security Agency will launch a 24/7 virtual war room, to which election officials across the nation can dial in at any time to share notes about suspicious activity and work together to respond. The agency will also pass along classified information from intelligence agencies about efforts they detect from adversaries seeking to undermine the election and advise states on how to protect against such attacks. “I anticipate possibly thousands of local election officials coming in to share information in real time, to coordinate, to track down what’s real and what’s not, separate fact from fiction on the ground,” said Matt Masterson, CISA’s senior cybersecurity adviser, who has helped lead election preparations. “We’ll be able to sort through what’s happening and identify: Is this a typical election event or is this something larger?” The operation will run for days or weeks until winners are clear in most races — and potentially until the election is formally certified in December. “We’ll remain stood up until the [election] community tells us, ‘Okay, we’re good, you can stand down,’ ” Masterson said. The wide-ranging operation is the culmination of four years during which CISA has grown from a backwater agency that was largely unknown outside Washington to the main federal government liaison to a nationwide ecosystem of officials running the elections.

Full Article: DHS plans largest-ever operation to secure U.S. election against hacking – The Washington Post

National: U.S. Homeland Security agency faulted for election planning around potential violence | Raphael Satter and Christopher Bing/Reuters

The U.S. Department of Homeland Security’s watchdog body said on Tuesday that officials at its Cybersecurity and Infrastructure Security Agency had not adequately planned for potential violence at polling places and vote counting stations. The watchdog’s report, issued with a week to go before the Nov. 3, comes as the threat of violence has crept up the national agenda. Recent Reuters reporting has highlighted how everyone from retailers (here to social media companies here) has begun making contingency plans should the election turn chaotic or violent. The shift in attention comes after years of election-related anxiety revolving around the integrity of vote tallying machines and electronic poll books or the threat of foreign disinformation carried by social media. The DHS Office of the Inspector General noted that the department’s Cybersecurity and Infrastructure Security Agency – the DHS arm generally responsible for protecting U.S. infrastructure from digital and physical threats – offers an array of cybersecurity support to state and local governments.

Full Article: U.S. Homeland Security agency faulted for election planning around potential violence | Reuters

National: DHS Looks to Expand Tracking of Election Interference Through Social Media | Brandi Vincent/Nextgov

The Homeland Security Department intends to tap into custom-created algorithms, analytics and commercially-offered services to trace and capture deliberate efforts by foreign state and non-state actors to sway Americans’ views via social media leading up to the 2020 election. Four months before voters head to the polls, the agency—through its Office of Intelligence and Analysis Cyber Mission Center—released a solicitation asking contractors to speedily weigh in on services they can provide to collect and analyze potential foreign influence using online posts, and ultimately produce social media-centered intelligence products to enhance election security. “Currently, there is a significant amount of foreign influence activity targeting U.S. 2020 elections on social media platforms, and the [intelligence community’s] lack of capability and resources in this area result in this activity being left largely untracked. Agencies with the requisite expertise and tradecraft to do this work are building the capability but those efforts will not be operational in time to help defend the 2020 general election,” officials wrote in a request for quotations published Tuesday evening. “An urgent and compelling need exists to build the capacity to detect and mitigate foreign influence operations conducted against the U.S. using social media in time for the 2020 U.S. elections.”

National: Internet-based voting is the new front in the election security wars | Joseph Marks/The Washington Post

Voting systems that rely on the Internet are fast becoming a major conflict zone in the battle to secure the 2020 election against hacking. The development comes as states are scrambling to revamp their voting procedures to respond to the novel coronavirus pandemic. In some cases that means allowing digital voting to play a more prominent role, despite persistent warnings from experts that it’s highly insecure and often unverifiable. The Department of Homeland Security, the FBI and the Election Assistance Commission jumped into the fray on Friday, sending guidance to states warning about the major security challenges posed by all voting systems that use the Internet in some way. The guidance covers ballots sent digitally to voters; ballots sent and marked online but printed out and returned by physical mail; and ballots that are received and returned entirely digitally. The agencies warned about dangers related to all three systems but especially the third, which they say poses “significant security risks.” Among those risks: Hackers could change large numbers of votes, block votes from being recorded or undermine ballot secrecy.

National: DHS memo: ‘Significant’ security risks presented by online voting | Sean Lyngaas/CyberScoop

The Department of Homeland Security has told election officials and voting vendors that internet-connected voting is risky to the point that ballots returned online “could be manipulated at scale” by a malicious attacker. The advisory that DHS’s Cybersecurity and Infrastructure Security Agency sent states on Fri ay is perhaps the federal government’s sternest warning yet against online voting. It comes as officials weigh their options for conducting elections during a pandemic and as digital voting vendors see an opportunity to hawk their products. While the risk of election officials delivering ballots to voters via the internet can be managed, the return of those ballots by voters “faces significant security risks to the confidentiality, integrity, and availability of voted ballots,” CISA said in the guidance, which CyberScoop reviewed. “These risks can ultimately affect the tabulation and results and, can occur at scale.” The guidance, which is marked “For Official Use Only” and is not public, cites a theoretical “man-in-the-middle” attack, in which a hacker intercepts and alters data, as one risk to voters who return ballots electronically. Other federal agencies involved in election security — the Election Assistance Commission, the FBI, and the National Institute of Standards and Technology — signed off on the document.

National: Coronavirus has upended election security training with just months before November | Joseph Marks/The Washington Post

Russian hackers could target election officials working from home. Adversaries could spread rumors about coronavirus outbreaks at polling sites to deter people from showing up on Election Day. Or they could launch disinformation campaigns claiming elections have been delayed or canceled entirely because of the virus. Those are just some of the new scenarios the University of Southern California’s Election Security Initiative is tackling as it races to conduct virtual training programs for campaign and election officials across all 50 states before November. The big takeaway: Every aspect of securing elections is now far harder than they ever imagined. The array of challenges officials are facing now make the pre-pandemic concerns about Russian hacking seem simple by comparison. “Security concerns now are more urgent in almost all cases because the virus has really exacerbated security issues,” the initiative’s executive director Adam Clayton Powell III told me. “It’s not an abstraction. It’s very real for people that they’ll have to do this work in a more urgent climate than they anticipated.”  USC launched its initiative early this year with a laser focus on helping to combat interference from Russia and other U.S. adversaries.  The group, which received most of its funding from Google, planned to hold in-person trainings across the country and to help officials who attended link up with experts at local universities who could help them prepare for cyberattacks, disinformation campaigns and related threats. But, like everything else about the election landscape, that plan was upended by the pandemic.

National: DHS, FBI: Russia could try to covertly advise candidates in 2020 | Eric Tucker/Associated Press

The Department of Homeland Security and FBI warned states earlier this year that Russia could look to interfere in the 2020 U.S. elections by covertly advising political candidates and campaigns, according to a law enforcement memo obtained by The Associated Press. The Feb. 3 document details tactics U.S. officials believe Russia could use to interfere in this year’s elections, including secretly advising candidates and campaigns. It says that though officials “have not previously observed Russia attempt this action against the United States,” political strategists working for a business mogul close to President Vladimir Putin have been involved in political campaigning in numerous African countries. The memo underscores how Trump administration officials are continuing to sound alarms about the prospect of future Russian interference in American politics even as President Donald Trump has sought to downplay the Kremlin’s involvement in his 2016 win over Democrat Hillary Clinton. Because it was prepared before the coronavirus outbreak, the memo does not reflect how the pandemic might affect the tactics Russia might use to interfere with the election.

National: Top DHS official says no ‘malicious cyber activity’ seen on Super Tuesday | Maggie Miller/The Hill

A senior official at the Department of Homeland Security’s (DHS) cyber agency said Tuesday night that they had not seen any “malicious cyber activity” aimed at disrupting elections during primary voting in 14 states. “We don’t have any reports of any malicious cyber activity across the states today,” the senior official at the Cybersecurity and Infrastructure Security Agency (CISA) told reporters. The official noted that while there were some “sporadic” information technology (IT) issues, all the election systems were able to get “back up and running” with no issues due to targeting by hackers. One IT incident the official pointed to was in California, where the secretary of state’s website was briefly brought down by what the office tweeted was “higher than normal traffic” and not hacking activity.

National: DHS Rolls Out ‘Tabletop in a Box’ Election Cybersecurity Tool | Phil Goldstein/StateTech Magazine

With the 2020 election primary season fully underway, state and local election officials are ramping up their cybersecurity efforts to counter malicious threats. They are also getting support from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Several weeks ago, CISA released a 58-page guide, its “Elections Cyber Tabletop Exercise Package,” which it calls a “tabletop in a box.” The guide is designed to allow state and local officials to conduct election security drills simulating phishing and ransomware attacks, corrupted voter registration information, disinformation campaigns and attacks on voting equipment. As StateScoop reports, such tabletop exercises, “are designed to give secretaries of state, election directors, IT leaders and other officials a war game-like environment simulating the threats posed by foreign governments and other adversaries that might try to disrupt a real election.” Tabletop exercises can be used to “enhance general awareness, validate plans and procedures, rehearse concepts, and/or assess the types of systems needed to guide the prevention of, protection from, mitigation of, response to, and recovery from a defined incident,” the guide states.

National: Ransomware top of mind for DHS cyber chief | Derek B. Johnson/FCW

The Department of Homeland Security’s cyber chief said his organization is trying to do more to address ransomware and other digital threats that directly touch the lives of citizens. Speaking at the RSA Conference in San Francisco, Cybersecurity and Infrastructure Security Agency Director Christopher Krebs said his agency has stepped up efforts to proactively reach out to federal agencies, local governments, businesses and critical infrastructure managers about how to prepare and what to do if their data is encrypted and held ransom by criminals or state-aligned hacking groups. “For years and years and years, particularly in the federal government, we’ve been focused on the nation-state adversary, the highly capable, the big four: Russia, China, Iran [and] North Korea,” he said. “I think we’ve been a little bit late to the game on ransomware,” he said, adding, it’s what average Americans see “in their schools, their hospitals and their municipal agencies.” Krebs described CISA’s role as that of a middleman uniquely positioned to canvass all the major stakeholders in the cybersecurity ecosystem and “facilitate a knowledge transfer from the haves to the have-nots.” CISA can leverage the collective financial and human capital resources of the big fish — like major banks — and push that knowledge and awareness down the chain to the broader cybersecurity ecosystem.

Florida: DHS preparing report on 2016 Palm Beach election ransomware | David Smiley and Nicholas Nehamas/Miami Herald

Less than five weeks before Florida’s March presidential primary, the Department of Homeland Security is investigating a previously unreported cyber attack on Palm Beach County’s elections office, according to Supervisor of Elections Wendy Sartory Link. Link, who was appointed last year by the governor to oversee the county’s beleaguered elections department, said she contacted the FBI in November after a veteran IT employee told her that the office had been infected by a ransomware virus only a few weeks prior to the 2016 election. The virus was not publicly disclosed in 2016. Link said the FBI referred her to DHS, which sent a team of a half-dozen employees to her office late last month to do a “deep dive” into her department’s network. She said a report of their findings and recommendations is expected shortly. “We’ve had the top experts in the country here and they spent a lot of time with our system. When we get the report, we’ll be able to take care of everything we can take care of,” Link said in an interview Thursday. “I wanted this done before March if at all possible.”

National: After GAO critique, DHS releases 2020 election security plan | Dean DeChiaro/Roll Call

The government’s top cybersecurity agency will focus on four key objectives to secure this year’s elections from hacking and other interference: protecting election infrastructure, assisting political campaigns, increasing public awareness about foreign intrusion, and facilitating the flow of information on vulnerabilities and potential threats between the public and private sectors. That’s according to the Cybersecurity and Infrastructure Security Agency’s #Protect2020 Strategic Plan, issued by the Homeland Security Department on Friday. The blueprint follows a Government Accountability Office report that said the agency would struggle to execute a nationwide strategy without a finalized agenda. The strategic plan describes the agency’s plans to work with federal law enforcement and state and local election officials on a “whole-of-nation effort” to defend electoral systems. “If we learned anything through 2016 and the Russian interference with our elections, it’s [that] no single organization, no single state, no locality can go at this problem alone,” CISA Director Christopher Krebs said in the report.

National: DHS creates ‘tabletop in a box’ for local election security drills | Benjamin Freed/StateScoop

For the past few years, the Department of Homeland Security has convened exercises for state election officials to test how they’d respond to a cyberattack against voting systems. At a National Association of Secretaries of State meeting in Washington last weekend, a DHS official introduced a new product that could make it easier for local officials to run those exercises. The tabletop exercises, as the events are known, are designed to give secretaries of state, election directors, IT leaders and other officials a war game-like environment simulating the threats posed by foreign governments and other adversaries that might try to disrupt a real election. And while the exercises have included representatives of some local governments, one of the biggest challenges statewide election officials say they have is making sure new cybersecurity tools and procedures trickle down to even the smallest, most resource-strapped jurisdictions involved in the democratic process. The Cybersecurity and Infrastructure Security Agency on Friday published its “Elections Cyber Tabletop Exercise Package,” a 58-page guide for state and local officials to hold their own drills simulating ransomware, data breaches, disinformation campaigns and attempts to corrupt voting equipment. Matt Masterson, a senior adviser at CISA, described the document as a “tabletop in a box.”

Iowa: DHS chief says offer to vet Iowa caucus app was declined | Maggie Miller/The Hill

Acting Homeland Security Secretary Chad Wolf said Tuesday that an offer to vet the app used by the Iowa Democratic Party to tabulate votes during the Iowa caucuses was turned down. “Our Cybersecurity and Infrastructure Security Agency has offered to test that app from a hacking perspective,” Wolf said during an appearance on Fox News’s “Fox & Friends.” Wolf said the offer was “declined” and noted that “we’re seeing a couple of issues with it.” “I would say right now, we don’t see any malicious cyber activity going on,” he added. The Iowa Democratic Party said Tuesday morning that the app used to tabulate votes as part of the first-in-the-nation caucuses, which CNN confirmed was built by the firm Shadow, had a “coding issue in the reporting system” that slowed down the reporting of vote totals.

North Carolina: Election probe finds security flaws in key North Carolina county but no signs of Russian hacking | Kim Zetter/Politico

A long-awaited report this week from the Department of Homeland Security found security problems with the computer systems that a North Carolina county used to handle voter data during the 2016 election — but no evidence that Russian hackers had breached them. Still, the review is unlikely to totally resolve questions surrounding the county’s use of software provided by the Florida company VR Systems, which — as POLITICO reported last week — have added to broader doubts about the security of election technology that Americans will use at the polls in 2020. Experts contacted by POLITICO said the new DHS analysis has its share of holes — for instance, failing to examine all the computer systems the Russians could have targeted. And they noted that officials in Durham County, N.C., had waited until about a week after Election Day to preserve some potentially important evidence. “I think [the investigation is] incomplete,” says Jake Williams a former NSA hacker who is founder of the security firm Rendition Infosec and trains forensic analysts. “It’s the best investigation that can be conducted under the circumstances. We can’t investigate what we don’t have, [and] a lot of the crucial evidence is missing.” Among other security issues, the heavily redacted DHS report indicates that someone had used a “high value” desktop computer handling Durham County’s voter-registration data to access a personal Gmail account on Election Day. The report provides a lengthy list of suggestions — all blacked out — for how the county can improve the security of its election infrastructure.

North Carolina: Federal review finds no evidence hacking caused 2016 Durham County election problems | Travis Fain/WRAL

A U.S. Department of Homeland Security review found no evidence that hacking caused the 2016 election problems that forced Durham County to shut down electronic poll books on election day, the State Board of Elections said Monday in a joint statement with Durham’s board of elections. The report, months in the making, is “compelling evidence that there were no cyberattacks impacting the 2016 election in Durham,” Durham County Board of Elections Chairman Philip Lehman said in the joint statement. The state released a heavily redacted version of the 12-page report late Monday afternoon. In it, federal cyber security experts say they “did not conclusively identify any threat actor activity,” but that aspects of the state’s election security could be improved. Most of these recommendations are redacted for security reasons, but Lehman said in his statement that the county has already “implemented additional training, security measures and staffing changes” since 2016. State elections director Karen Brinson Bell said the state is working with county boards and the federal government “to improve security at every step in the voting process.”

North Carolina: No evidence of cyber attack in Durham County 2016 election, acordind to DHS | Will Doran/Raleigh News & Observer

There’s no evidence that the 2016 Election Day problems in Durham were the result of cyber hackers, according to the federal government. Special Counsel Robert Mueller’s report on Russian election interference said a company — whose description closely matched the company that provided voter check-in software for Durham and other North Carolina counties in 2016 — was targeted by hackers. And Durham experienced widely reported issues with that check-in software during the 2016 elections. State officials have long said they believed the problems were just due to human error, however, and not anything malicious like foreign hackers. But after the Mueller report’s findings on election interference became public earlier this year, officials at the Department of Homeland Security agreed to look into the Durham situation. On Monday, putting an end to their months-long investigation, they announced they had found nothing to indicate a cyber attack. Phillip Lehman, chairman of the Durham County Board of Elections, called the report “compelling evidence that there were no cyberattacks impacting the 2016 election in Durham.” “As we have acknowledged, there was human error in the preparation of electronic poll books,” Lehman said in a news release announcing the investigation’s findings. “Since that time, the Durham County Board of Elections has implemented additional training, security measures and staffing changes. Elections in 2017, 2018 and 2019 were conducted efficiently and accurately with no significant incidents.”

National: Top U.S. Cybersecurity Officials to Depart as Election Season Enters Full Swing | Byron Tau and Dustin Volz/Wall Street Journal

Two top government officials with broad cybersecurity and election-integrity portfolios have announced they are stepping down this month, a loss of expertise in a critical area less than a year before the 2020 presidential election. Amy Hess, the executive assistant director of the Criminal, Cyber, Response, and Services Branch of the Federal Bureau of Investigation will depart for a job as the chief of public services in Louisville, Ky. Jeanette Manfra, the most senior official dedicated exclusively to cybersecurity at the Department of Homeland Security, will leave her post at year’s end for a job in the private sector. Both women have announced their departure in recent weeks. Senior U.S. intelligence officials have warned the elections are likely to be targeted online by Russia and other foreign adversaries following Moscow’s success in disrupting the 2016 race. The FBI and DHS are two of the primary agencies responsible for combating foreign influence operations online, along with intelligence agencies including the National Security Agency. The FBI established a Foreign Influence Task Force in 2017 and has made investments to deepen its cybersecurity capabilities. DHS is the lead federal partner for state and local election officials with a focus on safeguarding voting systems from hackers.

National: Just How Regulated Are Our Nation’s Elections? | Hadley Hitson/Fortune

The U.S. federal government subjects nearly every industry to a slew of operational rules and regulations. Defense contractors are prohibited from utilizing certain Chinese telecommunications companies like Huawei in order to prevent theft of the nation’s military technology. Power companies must abide by mandatory reliability standards and report any attempted or successful breaches of their systems to a federal commission. National banks implement federally required security procedures to prevent robberies. These sectors are meticulously managed with hundreds of requirements specifically because the Department of Homeland Security considers them so vital that their incapacitation would have a “debilitating effect” on the country as a whole.  But when it comes to elections, a cornerstone of American democracy, the vendors whose voting equipment is used throughout the country largely lack the level of federal oversight and direction that protect other critical infrastructure industries from domestic and foreign interference.

National: DHS cyber agency invests in election auditing tool to secure 2020 elections | Maggie Miller/The Hill

The Department of Homeland Security’s (DHS) cybersecurity agency announced Thursday it would partner with election officials and private sector groups to develop an election auditing tool that can be used to help ensure the accuracy of votes in 2020. DHS’s Cybersecurity and Infrastructure Security Agency (CISA) is partnering with non-profit group VotingWorks on an open-source software tool known as Arlo, which is provided to state and local election officials for free. According to CISA, Arlo conducts an audit of votes by selecting how many ballots and which ballots to audit and comparing the audited votes to the original count. The tool has already been used to conduct post-election audits across the country, including during the recent 2019 elections. Election officials in Pennsylvania, Michigan, Virginia, Ohio and Georgia have signed on to partner with CISA on Arlo, with more officials expected to join.

National: Senior DHS cyber official Jeanette Manfra to step down | Sean Lyngaas/CyberScoop

Jeanette Manfra, a senior cybersecurity official at the Department of Homeland Security, plans to step down from her position, according to multiple sources familiar with the matter. DHS officials are preparing an internal announcement about Manfra’s departure that could come as soon as this week, two sources told CyberScoop. Manfra has been a key liaison for the agency, speaking about cyberthreats to U.S. supply chains, election infrastructure, and industrial control systems to both the private sector and Congress. She has also represented DHS at top cybersecurity conferences like RSA and DEF CON. Over the course of her tenure, Manfra took on increasingly senior and cybersecurity-focused roles, culminating in her becoming assistant director at DHS’s Cybersecurity and Infrastructure Security Agency (CISA) last year. In a speech last year, she likened supply-chain vulnerabilities to a “digital public health crisis.” It was not immediately clear who would replace her. One source told CyberScoop that officials had a replacement in mind, but declined to say who that was.

National: Senate Democrats urge DHS to fund cyber threat information-sharing programs | Maggie Miller/The Hill

A group of three Senate Democrats is urging the Department of Homeland Security’s (DHS) cyber agency to help fund cybersecurity threat information-sharing centers involved in election security efforts. In a letter sent on Monday to Christopher Krebs, the director of DHS’s Cybersecurity and Infrastructure Security Agency, Senate Minority Leader Charles Schumer (D-N.Y.), and Sens. Maggie Hassan (D-N.H.) and Gary Peters (D-Mich.) expressed concerns around the funding level for two information-sharing groups. Specifically, the senators noted that DHS’s proposed fiscal 2020 budget covers only around 70 percent of the estimated $15 million it would take for the Center for Internet Security to run both the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).

National: Election security drill pits red-team hackers against DHS, FBI and police | Sean Lyngaas/CyberScoop

A year from the 2020 election, sophisticated exercises to help secure the vote are kicking into high gear. On Tuesday, executives from the Boston-based firm Cybereason will conduct a tabletop exercise testing the resolve of officials from the Department of Homeland Security, FBI, and the police department of Arlington County, Virginia, among other organizations. The fictional scenario will involve attackers from an unnamed foreign adversary laying siege to a key city in a U.S. swing state. Hacking, physical attacks and disinformation via social media will be on the table as the attackers seek to flip the vote to their preferred candidate — or sow enough doubt among voters to undermine the result. One of the objectives of the red team — technical specialists from Cybereason and other private organizations — is voter suppression. That is exactly what Russian operatives aimed to achieve in 2016 and what, according to U.S. officials, they could strive for again in 2020. What participants learn from Tuesday’s event can be worked into future election-security drills, which will only grow more frequent as the 2020 vote approaches.

National: Cyber firm sows chaos in election hack simulation | Derek B. Johnson/FCW

The fictional City of Adversaria was ground zero for an Election Day security training exercise pitting law enforcement officials attempting to maintain order during an election against “K-OS,” a mysterious cyber group aiming to disrupt and undermine voter confidence. The simulated battle was part of Operation Blackout, a tabletop exercise hosted by Cybereason Nov. 5 to test how federal officials might react to a dedicated attack on election day. The company invited officials from real federal agencies like FBI and the Department of Homeland Security to sit in on both the “Blue” team representing law enforcement and “Red” team representing K-OS, to learn how to better protect election infrastructure. Ari Schwartz, former senior director of cybersecurity at the National Security Council under President Barack Obama, helped adjudicate the exercise and told FCW afterwards that in a real election, much of the planning by defenders would be gamed out in the weeks and months leading up to election day, but that unforeseen attack vectors are always out there and can throw a wrench into the gears of the best laid plans.

National: Administration officials say election security is a ‘top priority’ ahead of 2020 | Tal Axelrod/The Hill

Several administration officials Tuesday released a joint statement assuring the public that they are prioritizing election security less than a year away from the 2020 presidential race. Attorney General William Barr, Secretary of Defense Mark Esper, outgoing acting Secretary of Homeland Security Kevin McAleenan, acting director of national intelligence Joseph Maguire, FBI Director Christopher Wray and others said they have increased the level of federal support to state and local election officials and are prioritizing the sharing of threat intelligence to improve election security. “In an unprecedented level of coordination, the U.S. government is working with all 50 states and U.S. territories, local officials, and private sector partners to identify threats, broadly share information, and protect the democratic process. We remain firm in our commitment to quickly share timely and actionable information, provide support and services, and to defend against any threats to our democracy,” they said in a joint statement.

National: Feds and police are war-gaming all the ways an election can be hacked | Joseph Marks/The Washington Post

As voters head to the polls today in Virginia’s odd-year contest, federal officials and local police are war-gaming how adversaries could disrupt next year’s contest without hacking any election systems at all. Officials from the FBI, Department of Homeland Security and U.S. Secret Service are working with cops in Arlington to game out how to respond if hackers from Russia or elsewhere in 2020 disrupt electricity at polling places, shut down streetlights, or hijack radio and TV stations to suppress voter turnout and raise doubts about election results. They’ll also test how to respond if adversaries launch social media campaigns to incite fights at polling places — or to spread rumors about riots or violence that deter people from going out to vote. Cybersecurity experts and academics will play the mock hackers, lobbing new challenges at officials throughout the day. The exercise underscores how hackers could destroy public faith in an election’s outcome without changing any votes. And that’s particularly concerning because many of these potential targets are far more vulnerable than voting machines. “If you can prevent people from getting to the polls … if you can effectively disenfranchise certain segments of the population, that’s far more disruptive to the republic than taking out a few voting machines,” Sam Curry, chief security officer at Cybereason, the company organizing the war game, told me.

National: Former Homeland Security secretaries call for action to address cybersecurity threats | Maggie Miller/TheHill

Three former secretaries of the Department of Homeland Security (DHS) on Monday testified that cybersecurity threats to elections and other critical infrastructure are major issues that could impact the security of the nation. Former DHS Secretaries Michael Chertoff, Janet Napolitano and Jeh Johnson all discussed the severity of cyber threats to the U.S. while testifying in New York City during a field hearing at the National September 11 Memorial Museum held by the Senate Homeland Security and Governmental Affairs Committee. Napolitano, who served as secretary under former President Obama from 2009 through 2013, listed cybersecurity as one of the top three threats DHS “can and must confront,” pointing to vulnerabilities in election infrastructure, utility grids and other critical infrastructure as putting the country at risk.  “Our adversaries and international criminal organizations have become more determined and more brazen in their efforts to attack us and to steal from us,” Napolitano said. “We need a whole of government and a whole of public and private sector response to this threat, and it needs to happen immediately.