State and local elections officials preparing for the 2018 elections are strapped for time and resources, but the Department of Homeland Security’s National Protection and Programs Directorate is stepping in to help. Two weeks ago, at the request of the Elections Government Coordinating Council, NPPD released guidance on what states and localities should do with their share of the $382 million from 2018 Help America Vote Act Security Fund, said Matt Masterson, NPPD senior cybersecurity advisor, during a June 12 Senate Judiciary Committee hearing. NPPD provided insights on where the money should be used to address risks in the election process. “We focused first on common IT vulnerabilities that exist across elections — things like patching, training for phishing campaigns as well as manpower,” Masterson said.Full Article: DHS steps up security assistance for states' election systems -- GCN.
National: DHS official: States will probably know first if malicious cyber-activity hits primaries | CyberScoop
The Department of Homeland Security is on standby to alert state officials about any malicious cyber-activity during Tuesday’s primary elections, but the states themselves will likely know first if something is amiss, Matthew Masterson, a senior cybersecurity adviser at DHS, told CyberScoop. With voters going to the polls in eight states, Tuesday’s primaries are a chance for DHS to test the communication protocols it has sought to ingrain in election personnel across the country. State officials, who generally have the best views of their networks, will flag potentially malicious activity for DHS, which can in turn alert other states, according to Masterson. “If we see or have information to suggest something is going on, we have the ability to immediately share it with the states,” he said in an interview. Ahead of the midterm elections, DHS has looked to “ramp up” its cyberthreat reports to state officials to get them information that is easily understood and not overly technical, Masterson added.Full Article: DHS official: States will probably know first if malicious cyber-activity hits primaries.
National: Homeland security chief: I haven’t seen intel that showed Russia favored Trump | The Guardian
Donald Trump’s homeland security secretary, Kirstjen Nielsen, told reporters on Tuesday she was unaware of intelligence assessments that Russia favored Trump over Hillary Clinton in the 2016 election. “I do not believe I’ve seen that conclusion that the specific intent was to help President Trump win,” she said. “I’m not aware of that.” Nielsen’s comments stand at odds with the US intelligence community, which concluded in 2017 that Russia tried to influence the 2016 election to benefit Trump. Last week, the Senate intelligence committee said it agreed with that assessment. Nielsen was speaking to reporters after briefing House lawmakers on election security efforts.Full Article: Homeland security chief: I haven't seen intel that showed Russia favored Trump | US news | The Guardian.
The U.S. Department of Homeland Security on Tuesday unveiled a new national strategy for addressing the growing number of cyber security risks as it works to assess them and reduce vulnerabilities. “The cyber threat landscape is shifting in real-time, and we have reached a historic turning point,” DHS chief Kirstjen Nielsen said in a statement. “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.” The announcement comes amid concerns about the security of the 2018 U.S. midterm congressional elections and numerous high-profile hacking of U.S. companies.Full Article: Homeland Security unveils new cyber security strategy amid threats | Reuters.
As midterm votes are being cast in Pennsylvania and across the country, the U.S. Department of Homeland Security is playing catch-up. Pennsylvania is one of at least 17 states where election officials have requested on-site risk assessments of their election systems. Nearly half those reviews had not been completed by mid-May, including the one for Pennsylvania, which holds its primary election on Tuesday, May 15. A spokesperson for the Pennsylvania Department of State told KDKA-TV the security review will not be completed until June at the earliest. A security review by DHS typically takes two weeks to complete.Full Article: Pennsylvania Waiting For Security Review Of Election Systems « CBS Pittsburgh.
With the midterm congressional primaries about to go into full swing, the Department of Homeland Security has completed security reviews of election systems in only about half the states that have requested them so far. The government’s slow pace in conducting the reviews has raised concerns that the nation’s voting systems could be vulnerable to hacking, especially after U.S. intelligence agencies warned that Russia plans to continue meddling in the country’s elections. Among those still waiting for Homeland Security to conduct a risk assessment is Indiana, one of four states with primaries on Tuesday. Its ballot includes several hotly contested races, including a Republican primary for U.S. Senate. Indiana Secretary of State Connie Lawson said she is confident state officials have done what they can to safeguard Tuesday’s voting, but acknowledged: “I’ll probably be chewing my fingernails during the entire day on Election Day.”Full Article: States Await Election Security Reviews as Primaries Heat Up | Indiana News | US News.
A Department of Homeland Security official acknowledged that more than 21 states could have been targeted by Russian hackers prior to the 2016 election and told lawmakers the department hasn’t seen any similar activity in the lead-up to the 2018 mid-terms. In an April 24 Senate Homeland Security and Governmental Affairs Committee hearing, Jeanette Manfra, assistant secretary for the office of cybersecurity and communications, fended off questions about whether the department had “misled” Congress and the American public about how many states had been targeted by Russian hackers in the lead-up to the 2016 presidential elections. The department has consistently pegged the number of states affected at 21, but Sen. Claire McCaskill (D-Mo.) pointed out that number reflects only the number of states that had sensors or tools in place to capture the scanning activity. Manfra largely agreed with that interpretation.Full Article: Senator pushes for answers on scope of 2016 Russia voting probes -- FCW.
National: DHS chief issues stern warning to Russia, others on election meddling, cyberattacks | The Hill
Homeland Security Secretary Kirstjen Nielsen issued a stern warning to Russia and other countries looking to meddle in future U.S. elections, saying that the U.S. government will consider all options “seen and unseen” for responding to malicious attacks in cyberspace. “The United States, as you know, possesses a spectrum of response options both seen and unseen, and we will use them to call out malign behavior, punish it and deter future cyber hostility,” Nielsen said in keynote remarks at the RSA cybersecurity conference in San Francisco on Tuesday. “Our cyber defenses help guard our very democracy and all we hold dear. To those who would try to attack our democracy to affect our elections, to affect the elections of our allies, to undermine our national sovereignty, I have a simple word of warning: Don’t,” Nielsen said.Full Article: DHS chief issues stern warning to Russia, others on election meddling, cyberattacks | TheHill.
Homeland Security Secretary Kirstjen Nielsen promised that the federal government would do all it could to prevent Russians from hacking future elections, but stopped short of guaranteeing that those measures would be effective. “I feel secure that we are and will continue to do everything we can to help state and locals secure their election infrastructure,” Nielsen said on Tuesday, avoiding answering a question about whether the U.S. voting system is hacker proof. The DHS secretary’s comments at the annual RSA cybersecurity conference in San Francisco come after members of the U.S. Senate Intelligence Committee urged Nielsen and the DHS to speed up efforts to secure the nation’s elections, according to the New York Times. In September, the DHS notified 21 U.S. states that Russia had attempted to hack their voting systems prior to the last presidential election.Full Article: DHS Secretary Kirstjen Nielsen Talks Russia Hacks, Upcoming Elections | Fortune.
Colorado: Department of Homeland Security Testing Colorado’s Election Systems With Operation Cyber Storm | Westword
Colorado’s election systems have been under attack by cyber intruders. Networks are being poked and prodded in an attempt to bypass security measures, access control systems and manipulate or extract data. Don’t worry, though: The attacks are not real. Rather, they are simulations part of “Cyber Storm,” the nation’s largest cybersecurity exercise, overseen by the Department of Homeland Security. Colorado is one of seven states participating in the exercise, along with nearly 1,000 other “players” across the nation that range from law enforcement agencies to transportation and manufacturing networks. According to DHS, the exercises are the sixth iteration of Operation Cyber Storm, and the simulated cyber attacks are meant to expose cyber vulnerabilities and test network administrators’ preparedness, security measures and responses.Full Article: Department of Homeland Security Testing Colorado's Election Systems With Operation Cyber Storm | Westword.
The Department of Homeland Security is giving states, including Colorado and Texas, a chance to game out how they might respond to a cyberattack on election systems ahead of this year’s midterm vote. The department began its biennial “Cyber Storm” exercises on Tuesday, working with more than 1,000 “players” across the country, including state governments and manufacturers, to test how they would withstand a large-scale, coordinated cyberattack aimed at the U.S.’s critical infrastructure such as transportation systems and communications.Full Article: States to Game Out Election Threats in Homeland Security Drills - Bloomberg.
National: After GOP is criticized over election security, key official goes to Homeland Security | The Hill
The official recently replaced atop the U.S. Election Assistance Commission (EAC) is joining the Department of Homeland Security to protect elections from cyber threats, The Hill has learned. Matthew Masterson was replaced as chairman of the EAC in February as a result of a decision made by Republican leadership. The move opened up House Speaker Paul Ryan (R-Wis.) to criticism. Masterson has now signed on to work as a senior cybersecurity adviser at Homeland Security’s main cyber wing and to assist the department’s election security mission. A Homeland Security official confirmed that Masterson will work at the National Protection and Programs Directorate, which spearheads efforts to protect critical infrastructure from cyber and physical threats.Full Article: After GOP is criticized over election security, key official goes to Homeland Security | TheHill.
National: Trump wants new authority over polling places. Top election officials say no | The Boston Globe
President Trump would be able to dispatch Secret Service agents to polling places nationwide during a federal election, a vast expansion of executive authority, if a provision in a Homeland Security reauthorization bill remains intact. The rider has prompted outrage from more than a dozen top elections officials around the country, including Secretary of State William F. Galvin of Massachusetts, a Democrat, who says he is worried that it could be used to intimidate voters and said there is “no basis” for providing Trump with this new authority. “This is worthy of a Third World country,” said Galvin in an interview. “I’m not going to tolerate people showing up to our polling places. I would not want to have federal agents showing up in largely Hispanic areas.” “The potential for mischief here is enormous,” Galvin added. The provision alarming him and others is a rider attached to legislation that would re-authorize the Department of Homeland Security. The legislation already cleared the House of Representatives with bipartisan support.Full Article: Trump wants new authority over polling places. Top election officials say no - The Boston Globe.
The U.S. Department of Homeland Security now considers U.S. elections a part of the nation’s critical infrastructure. The DHS is now offering the Guam Election commission technical assistance to help with election security. In fact, GEC Executive Director Maria Pangelinan just returned from a meeting in Washington D.C. where DHS officials briefed election officials on the services they are offering. Pangelinan says Homeland Security is offering assistance with assessing the cyber security and physical security needs of the GEC. Pangelinan says that Guam’s election system is relatively safe from cyber-attacks because the system is not internet based and the island no longer uses electronic voting booths.
Wisconsin: For state officials, election security a concern heading into 2018 elections | Wisconsin State Journal
Amid warnings that Russia will again try to meddle in U.S. elections in 2018, state officials are sizing up Wisconsin’s defenses — and saying past missteps must be avoided in working with national-security officials who can spot such threats. The state Elections Commission also hopes lawmakers will act on a request for more funding to hire three more staffers, including at least one position dedicated to election security. Russian government cyberactors unsuccessfully targeted Wisconsin election systems in July 2016 as part of a broader effort to interfere in U.S. elections, federal intelligence officials have concluded. The commission said Homeland Security didn’t notify it until September 2017, about 14 months later, that it believed the attempted cyberattacks came from hackers tied to the Russian government.Full Article: For state officials, election security a concern heading into 2018 elections | Politics and Elections | host.madison.com.
As lawmakers and federal investigators continue to try to understand the chaos foreign actors were able to create during the 2016 election, the US Department of Homeland Security has taken a central role in helping secure the next election. The agency declared the US election system, which is run by a fragmented group of officials in all 50 states as well as dozens of smaller local governments, to be a part of the nation’s “critical infrastructure” in January 2017. The agency doesn’t have any legal authority over election officials, but it offers programs to help them keep hackers out of voting machines, voter registration databases and public-facing election websites.Full Article: Homeland Securitys tall order: A hacker-free election - CNET.
The Department of Homeland Security on Monday pushed back against a recent NBC News report claiming that Russian hackers “successfully penetrated” U.S. voter roles before the 2016 elections, calling it misleading. “Recent NBC reporting has misrepresented facts and confused the public with regard to Department of Homeland Security and state and local government efforts to combat election hacking,” Jeanette Manfra, the department’s chief cybersecurity official, said in a statement. The article published by NBC last week drew on an exclusive interview with Manfra, during which she told the publication that U.S. officials observed “a targeting of 21 states and an exceptionally small number of them were actually successfully penetrated.”Full Article: Homeland Security calls NBC report on election hacking 'false' | TheHill.
A U.S. cybersecurity official said Wednesday that Russia “successfully penetrated” the voter rolls in a small number of states in 2016. Jeanette Manfra, the head of cybersecurity at the Department of Homeland Security (DHS), told NBC News that Russia targeted 21 states and “an exceptionally small number of them were actually successfully penetrated.” DHS previously notified the 21 states that Russia had attempted to hack their elections systems before the 2016 election. It was Manfra who first revealed to the Senate Intelligence Committee last June that the states had their systems targeted by Russian hackers ahead of the election.Full Article: DHS cyber chief: Russia 'successfully penetrated' some state voter rolls | TheHill.
National: Democrats press Gowdy to subpoena Homeland Security for election hacking documents | The Hill
Democratic lawmakers are pressing House Oversight and Government Reform Committee Chairman Trey Gowdy (R-S.C.) to subpoena the Department of Homeland Security (DHS) for documents related to Russia’s efforts to target state systems ahead of the 2016 presidential election. In a letter sent to Gowdy on Monday, the Democrats on the committee accused the Trump administration of withholding “critical information” from Congress on the targeting. Homeland Security said last year that Russian hackers tried to probe election-related systems in 21 states. Most of the activity amounted to only preparations for hacking, such as scanning for vulnerabilities, though both Illinois and Arizona witnessed breaches of state voter registration databases. None of the systems targeted were involved in vote tallying, officials say.Full Article: Dems press Gowdy to subpoena Homeland Security for election hacking documents | TheHill.
National: DHS won’t do voter-fraud investigation after Trump commission shut down | Washington Times
Homeland Security Secretary Kirstjen Nielsen tamped down on claims her department is going to pursue an investigation into voter fraud, saying Tuesday that her role will be limited to assisting states looking to weed out their own voter lists. President Trump earlier this month canceled his voter fraud commission and asked Homeland Security to pick up some of the work. Republican commissioners had said they expected Ms. Nielsen to take on the work they started of using government data to figure out how many non-citizens are registered and, in some cases, actually casting ballots. But the new secretary told Congress on Tuesday that’s not her goal.