National: Election security drill pits red-team hackers against DHS, FBI and police | Sean Lyngaas/CyberScoop

A year from the 2020 election, sophisticated exercises to help secure the vote are kicking into high gear. On Tuesday, executives from the Boston-based firm Cybereason will conduct a tabletop exercise testing the resolve of officials from the Department of Homeland Security, FBI, and the police department of Arlington County, Virginia, among other organizations. The fictional scenario will involve attackers from an unnamed foreign adversary laying siege to a key city in a U.S. swing state. Hacking, physical attacks and disinformation via social media will be on the table as the attackers seek to flip the vote to their preferred candidate — or sow enough doubt among voters to undermine the result. One of the objectives of the red team — technical specialists from Cybereason and other private organizations — is voter suppression. That is exactly what Russian operatives aimed to achieve in 2016 and what, according to U.S. officials, they could strive for again in 2020. What participants learn from Tuesday’s event can be worked into future election-security drills, which will only grow more frequent as the 2020 vote approaches.

National: Cyber firm sows chaos in election hack simulation | Derek B. Johnson/FCW

The fictional City of Adversaria was ground zero for an Election Day security training exercise pitting law enforcement officials attempting to maintain order during an election against “K-OS,” a mysterious cyber group aiming to disrupt and undermine voter confidence. The simulated battle was part of Operation Blackout, a tabletop exercise hosted by Cybereason Nov. 5 to test how federal officials might react to a dedicated attack on election day. The company invited officials from real federal agencies like FBI and the Department of Homeland Security to sit in on both the “Blue” team representing law enforcement and “Red” team representing K-OS, to learn how to better protect election infrastructure. Ari Schwartz, former senior director of cybersecurity at the National Security Council under President Barack Obama, helped adjudicate the exercise and told FCW afterwards that in a real election, much of the planning by defenders would be gamed out in the weeks and months leading up to election day, but that unforeseen attack vectors are always out there and can throw a wrench into the gears of the best laid plans.

National: Administration officials say election security is a ‘top priority’ ahead of 2020 | Tal Axelrod/The Hill

Several administration officials Tuesday released a joint statement assuring the public that they are prioritizing election security less than a year away from the 2020 presidential race. Attorney General William Barr, Secretary of Defense Mark Esper, outgoing acting Secretary of Homeland Security Kevin McAleenan, acting director of national intelligence Joseph Maguire, FBI Director Christopher Wray and others said they have increased the level of federal support to state and local election officials and are prioritizing the sharing of threat intelligence to improve election security. “In an unprecedented level of coordination, the U.S. government is working with all 50 states and U.S. territories, local officials, and private sector partners to identify threats, broadly share information, and protect the democratic process. We remain firm in our commitment to quickly share timely and actionable information, provide support and services, and to defend against any threats to our democracy,” they said in a joint statement.

Louisiana: Cyberattack on St. James Parish government didn’t stop early voting nor affect schools | David J. Mitchell/The Advocate

A cyberattack that forced the shutdown of St. James Parish government’s computer network did not interrupt early voting for runoff elections Nov. 16 or affect the public schools, according to state and parish school officials. “There was no stop in voting, just a change of the means,” Tyler Brey, spokesman for the Louisiana Secretary of State’s office, said Thursday. Workers in the parish’s Registrar of Voters offices had to switch from electronic voting machines to scanned paper ballots for several hours earlier this week while the state took its own system offline as a security precaution. Brey said voting continued Thursday on standard electronic machines and is expected to do so until early voting ends Saturday. In addition to the statewide runoffs for governor and secretary of state, voters in some parts of St. James will be deciding on two Parish Council seats: District 4 in the Convent area and District 5 in western St. James. Parish officials said Wednesday a phishing attack that state investigators believe originated in Russia hit the parish’s computer network.

National: Smartphone Voting Could Expand Accessibility, But Election Experts Raise Security Concerns | Abigail Abrams/Time

ome voters with disabilities will be able to cast their ballots on smart phones using blockchain technology for the first time in a U.S. election on Tuesday. But while election officials and mobile voting advocates say the technology has the potential to increase access to the ballot box, election technology experts are raising serious security concerns about the idea. The mobile voting system, a collaboration between Boston-based tech company Voatz, nonprofit Tusk Philanthropies and the National Cybersecurity Center, has previously been used for some military and overseas voters during test pilots in West Virginia, Denver and Utah County, Utah. Now, Utah County is expanding its program to include voters with disabilities in its municipal general election as well. Two Oregon counties, Jackson and Umatilla, will also pilot the system for military and overseas voters on Tuesday. The idea, according to Bradley Tusk, the startup consultant and philanthropist who is funding the pilots, is to increase voter turnout. “We can’t take on every interest group in Washington around the country and beat them, but I think what we can do is let the genie out of the bottle,” he says.

National: Cyber officials tout reforms with one year to Election Day | Maggie Miller/The Hill

Officials and cyber experts are expressing confidence in reforms made to prevent a repeat of election hacking and foreign interference one year ahead of their biggest test yet, Election Day 2020, even as they remain vigilant. This optimism comes even as lawmakers remain sharply divided along party lines on how to address election security concerns. Sen. Ron Johnson (R-Wis.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, told reporters on Thursday that he believes “great strides” have been made since 2016 by the Department of Homeland Security (DHS) and election officials. “It’s a serious issue, and one we take seriously, but when I take a look at all the threats facing this nation, it really is on the lower end of my priority list in terms of what I’m overly concerned about because it’s being addressed I think pretty effectively,” Johnson said. Democratic House Homeland Security Committee Chairman Bennie Thompson (Miss.), though, warned this week that “in just over a year, voters in many states across the country will vote for president in 2020 on machines that are old, have no paper trail, and are vulnerable to manipulation.”

National: A Plan to Crowdsource Voting Machines’ Security Problems | Andrea Noble/Defense One

A northern Virginia infrastructure-threat clearinghouse is trying to build a system to help voting-system manufacturers learn about problems with their machines. Fueled by monetary rewards and curiosity, hackers have helped companies discover and fix security vulnerabilities in a variety of technology and software applications. But one year out from the 2020 presidential election, can they do more to help secure voting systems? Technology researchers hope so. The Information Technology-Information Sharing and Analysis Center, or IT-ISAC, is evaluating the feasibility of creating a coordinated vulnerability disclosure, or CVD, program that could alert voting system companies about weaknesses. The first step in establishing a CVD program requires voting vendors to have a system in place for receiving information about discovered vulnerabilities and acting on that information—procedures several vendors have already begun to implement, said Scott Algeier, the executive director of IT-ISAC, a non-profit that serves as a clearinghouse for information on cyber threats to critical infrastructure.

National: How the threat of hacking looms over the 2020 election | Ellen Daniel/Verdict

With the UK bracing for a general election and campaigning ahead of the US 2020 presidential election now in full swing, the threat of election hacking is once more a key topic of conversation. The now infamous Democratic National Committee cyber attacks, in which hackers with ties to Russia breached the DNC network via a phishing attack, exemplified how easily democratic infrastructure can be affected by outside interference. However, four years later, the cybersecurity community is still calling for greater efforts to combat the issue. Verdict spoke to Kevin Bocek, VP of security strategy & threat intelligence at cybersecurity firm Venafi to discover the motivations behind election hacking and whether the threat can ever be fully removed. Despite the publication of the Mueller report earlier this year, and the conclusion that Russia “interfered in the 2016 presidential election in sweeping and systematic fashion”, the implications for the Western democratic system are yet to be fully addressed.

Florida: State and federal officials promise transparency but sidestep specifics on election security | Jeffrey Schweers/Tallahassee Democrat

State, local and federal officials asked the public to trust their ongoing efforts to strengthen Florida’s election system against foreign and domestic threats leading up to the 2020 elections, but they refused to give any details. “We are committed to the maximum amount of transparency as possible,” Secretary of State Laurel Lee told more than a dozen reporters Friday at a 30-minute Tallahassee news conference hosted by Larry Keefe, U.S. Attorney for Florida’s northern district. She dodged a barrage of questions about why the state won’t say which counties were hacked in 2016, what vulnerabilities her office found during a review of the election systems of all 67 counties, and whether the state would disclose any future breaches or potential breaches to the public. A week ago, she sidestepped the same questions during a 30-minute interview with the Tallahassee Democrat citing security issues. Keefe said Friday’s news conference was ushering in an “unprecedented” collaboration among state, federal and local officials responsible for election security, vowing his office will investigate and prosecute any election tampering.

Illinois: State Elections Board: ‘We’re Under Constant Threat’ from Foreign Interference | Paris Schutz/WTTW

The 2020 election is just under a year away, and both federal and state election authorities say the threat of foreign interference is ramping up. Illinois was one of several states whose election infrastructure was attacked by Russians in 2016, and officials say they’ve made big changes to make sure it doesn’t happen again. But can voters be sure the new measures will work? The Illinois State Board of Elections says it has received $13.2 million in federal aid since 2016 to deal with foreign interference. As outlined in the Mueller report, Russian hackers successfully breached an Illinois voter database that included information such as names, addresses and voter registration status. The breach affected 76,000 Illinois voters, but the board says there is no evidence that hackers manipulated any of that information to try and change voter registration status and, ultimately, impact the outcome of the election. But they say it was a wakeup call.

Virginia: We now know that Russia specifically targeted Virginia elections in 2016 | Mike Valerio/WUSA

Russian hackers with the Kremlin’s military intelligence unit targeted Virginia’s election infrastructure in 2016 – a cyber operation now confirmed by current and former state election officials. The Russian effort searched for vulnerabilities within Virginia’s online election infrastructure, authorities familiar with the matter said. The specific Russian actions targeting Virginia have not been previously reported. Analysts within the Department of Homeland Security eventually traced the suspicious activity to the GRU, the Russian military spy agency. The attempts to break into Virginia’s election systems did not change any votes, steal any personal information, or affect any voting during the presidential election, the officials stressed. Yet Richmond first received notice of the Russian reconnaissance only after hackers looked for weaknesses within the state’s election websites. Federal investigators disseminated a critical cyber bulletin known as a FLASH alert only days after malicious actors broke into Illinois’s voter database in the summer of 2016. The alert detailed how the Illinois Board of Elections reported an unusual surge in online traffic – traffic later traced back to Russia.

National: New federal guidelines could ban internet in voting machines | Eric Geller/Politico

A long-awaited update to federal voting technology standards could ban voting machines from connecting to the internet or using any wireless technology such as Wi-Fi or Bluetooth. A new draft of version 2.0 of the Voluntary Voting System Guidelines says that voting machines and ballot scanners “must not be capable of establishing wireless connections,” “establishing a connection to an external network” or “connecting to any device that is capable of establishing a connection to an external network.” If they survive a review process, the new rules would represent a landmark development in voting technology oversight, eliminating one of cybersecurity experts’ top concerns about voting machines by plugging holes that skilled hackers could exploit to tamper with the democratic process. The wireless and internet bans are included in the latest draft of the “system integrity” section of the VVSG update. A working group focused on the VVSG’s cybersecurity elements reviewed the document during an Oct. 29 teleconference.

National: Almost 100 former officials, members of Congress urge Senate action on election security | Maggie Miller/The Hill

A group of nearly 100 former members of Congress, Cabinet officials, ambassadors and other officials is urging Congress to take action to secure U.S. elections, citing “severe threats to our national security” if certain steps are not taken. The officials, all of whom are members of nonprofit political action group Issue One’s “ReFormer’s Caucus,” sent a letter to the Senate on Thursday urging members to support various bills designed to bolster election security. “Foreign interference in American elections is a national security emergency,” the group wrote. “We are alarmed at the lack of meaningful Congressional action to secure our elections. The United States cannot afford to sit by as our adversaries exploit our vulnerabilities. Congress — especially the Senate — must enact a robust and bipartisan set of policies now.” Specifically, the officials advocated for the passage of five bipartisan bills, including the Honest Ads Act, a bill meant to increase the transparency surrounding online political ads, and the Defending Elections from Threats by Establishing Redlines (DETER) Act, which would impose sanctions on countries that interfere in U.S. elections. The officials also urged the Senate to pass legislation aimed at increasing the cybersecurity of voting infrastructure and cracking down on foreign donations to U.S. elections.

National: Voting machines still easy prey for determined hackers | Derek B. Johnson/FCW

Security researchers showed lawmakers and reporters how easy it is to compromise voting machines in what has become an annual event at the U.S. Capitol. The Washington, D.C., version of the Voting Village event at the DefCon security conference in Las Vegas gives policymakers a hands-on glimpse of the technology that powers U.S. democracy. This year’s report is consistent with prior exercises: virtually every machine experts can get their hands on can be easily exploited in a number of different ways. What has changed in recent years, said Voting Village Co-founder Harri Hursti, is that the community of security researchers with first-hand experience working with these machines has grown from less than a dozen to thousands. Even though the annual event has been held for several years, fresh researchers have discovered of new vulnerabilities and attack vectors. “In this area, it’s always mind-blowing how these machines keep giving,” Hursti told FCW.

National: GOP senator blocks sweeping election reform bill | Jordain Carney/The Hill

A Republican senator blocked a sweeping House-passed election and ethics reform bill on Wednesday, the latest of several failed attempts by Democrats to advance election-related legislation ahead of 2020. Democratic Sens. Jeff Merkley (Ore.) and Tom Udall (N.M.) tried to pass the ethics and elections reform measure, known as H.R. 1, which they argued had been buried in the upper chamber’s “legislative graveyard.” “The For the People Act repairs our broken campaign finance system, opens up the ballot box to all Americans [and] lays waste to the corruption in Washington,” Udall said. “We must unite in defense of our electoral system and in defense of the sanctity of our democracy.” Merkley argued that the bill was crucial “because everything else we care about … is going to fail if we let this chamber be controlled by powerful special interests through this corrupted system.” But Sen. Roy Blunt (R-Mo.), the chairman of the Senate Rules Committee, objected to the bill’s passage, arguing that the legislation would “give the federal government unprecedented control over elections in this country.”

National: Free cybersecurity help for campaigns is on its way | Joseph Marks/The Washington Post

Securing political campaigns against cyberattacks is about to get a lot cheaper. A nonprofit group that won permission in May from the Federal Election Commission to provide campaigns with free and reduced-price cybersecurity help is announcing its first slate of services this morning, including email security, encrypted messaging and security training for staff. Defending Digital Campaigns, which was co-founded by Hillary Clinton’s 2016 campaign manager Robby Mook and Mitt Romney’s 2012 campaign manager Matt Rhoades, is basically a middleman for the services provided by cybersecurity companies. They’ll be available to presidential and congressional campaigns that meet certain polling or fundraising thresholds and to political party committees.The DDC announcement marks one of the biggest efforts yet to prevent a repeat of the 2016 election when Kremlin-linked hackers stole and released embarassing documents from the Democratic National Committee and the Clinton campaign in an effort to help the Trump campaign, according to U.S. intelligence officials.

National: Voting Village brings equipment to lawmakers to boost urgency on election security | Sean Lyngaas/CyberScoop

A year from the 2020 election and with a new round of election security funding stalled in Congress, the DEF CON Voting Village organizers have again taken to Capitol Hill to raise awareness about software vulnerabilities in voting equipment. This time, they brought the equipment with them to drive home their point. “If we’re going to meaningfully introduce funding or introduce new technologies for 2020, time is rapidly running out to be able to do that,” Matt Blaze, a professor at Georgetown University and co-organizer of the Voting Village, told CyberScoop. “We need to act pretty fast.” A handful of House Democrats and their staffers sauntered up to equipment on display, including a ballot-marking device and an electronic voting machine, to ask the researchers about the software bugs they found. “This is really helpful in understanding that these aren’t just abstract problems, that these are real things,” Blaze, an expert in cryptology, told CyberScoop. This is the second time in a month that the Voting Village has hosted an event on Capitol Hill. Last month, Blaze and Harri Hursti, another village organizer, unveiled the village’s annual report on flaws in voting gear that could be exploited by hackers.

Florida: New U.S attorney tries to restore confidence in Florida elections | Mary Ellen Klas/Miami Herald

As state officials acknowledge that domestic and foreign actors may be constantly attempting to penetrate Florida’s election infrastructure, U.S. Attorney Larry Keefe sees another danger that is equally formidable but perhaps harder to manage: public perception. “All you need is a computer and some shrewd, smart, social engineering-type people to get inside the heads of the Americans … and you can wreak havoc on a free and open society,’’ said Keefe, the U.S. attorney for the Northern District of Florida. Secretary of State Laurel Lee acknowledged this week that Florida’s election systems are under “daily” attack by foreign or domestic adversaries and, while she wouldn’t detail what the attacks are, she said the state has launched an aggressive campaign to educate and train local election officials to be able to counter those threats. Keefe said those attacks often attempt to “get inside our electronic election infrastructure and change the voter rolls or tabulations.”

National: Here’s where U.S. cyber warriors are working to protect against election threats | Olivia Gazis/CBSNews

The U.S. government’s actions to disrupt Russia’s attempted cyber incursions into the 2018 midterm elections took place in part in a newly constructed Joint Operations Center (JOC) on the National Security Agency’s expanding Fort Meade campus in Maryland. Efforts to protect the 2020 elections are expected to follow a similar drill. Located in the middle of the Cyber Integration Center — a 380,000 square foot, $520 million building whose construction was completed last September — the JOC links two adjoining facilities where NSA and U.S. Cyber Command personnel reside. A massive floor dotted by pods of desks and dominated by three curved, 20-foot-tall screens, the JOC is run by roughly 200 civilian and military officials who work 12-hour, rotating shifts — 24 hours a day, seven days a week, 365 days a year. “One of the first activities that were run out of here was NSA and U.S. Cyber Command support to the 2018 elections,” said Colonel Stephen Landry, a senior officer in the NSA’s recently launched Cybersecurity Directorate. That included support, he said, to the Russia Small Group, an election security task force comprising NSA and Cyber Command officials that was created last year by General Paul Nakasone, who heads both agencies. The Russia Small Group was instrumental in carrying out an offensive cyber operation that took the Internet Research Agency, a Kremlin-linked troll farm known to have waged an influence campaign in 2016, offline ahead of the November midterms. Nakasone has since publicly touted the success of the group, made it a permanent fixture, and said its approach in 2018 would serve as a model for 2020. (Its members are scattered throughout NSA and Cyber Command, not physically concentrated in the JOC.)

National: Senate GOP blocks three election security bills for second day | Jordain Carney/The Hill

Senate Republicans blocked three election security bills on Wednesday, marking the second time in as many days they’ve stymied legislation. Sens. Mark Warner (D-Va.), Amy Klobuchar (D-Minn.) and Ron Wyden (D-Ore.) asked for unanimous consent to pass three election-related bills. But they were blocked by Sen. Marsha Blackburn (R-Tenn.), who noted that the unsuccessful attempt was the latest by Democrats to pass election security bills in the Senate ahead of 2020. “You know, it’s not a good sign if you’re doing the same thing over and over and expecting a different result,” Blackburn said. Under Senate rules, any one senator can ask to vote on or pass a bill. But because it requires unanimous support, any one senator can also block their requests. Election security has become a point of contention during the Trump era. House Democrats have passed several election-related bills, including a sweeping ethics and election reform measure, but they’ve hit a wall in the GOP-controlled Senate.

National: Internal Cybersecurity Memo Warns White House Will Get Hacked | Jennings Brown/Gizmodo

In the 1,006 days since Donald Trump became president, his administration has shown little vigilance when it comes to its own security, and a new internal memo suggests the White House is working to weaken its own cybersecurity safeguards. Axios has published a memo written by the White House computer network defense branch chief Dimitrios Vastakis that warns “the White House is posturing itself to be electronically compromised once again.” The White House did not immediately respond to a Gizmodo request for comment. Vastakis submitted the memo as a letter of resignation last Thursday. As Axios reports, the letter comes after at least twelve top officials were dismissed or resigned from a cybersecurity team that protected the White House from security threats from Russia and other entities. This team—the Office of the Chief Information Security Officer (OCISO)—was built after the Obama administration was attacked by Russian hackers in 2014. As the memo states, the OCISO “was established to take on the responsibility of securing the Presidential Information Technology Community (PITC) network.” Since then, the team has “significantly matured the security posture of PITC and no major compromise has occurred,” according to the memo.

National: Trolls could turn to cyber to disrupt the 2020 census | Amanda Seitz and Rachel Lerman/Fifth Domain

Worried about internet trolls and foreign powers spreading false news, census officials are preparing to battle misinformation campaigns for the first time in the count’s 230-year history. The stakes are huge. Who participates in the 2020 census count could influence how U.S. congressional seats and billions of federal tax dollars to educate children, help low-income families and pave new roads are divvied up. “It’s a fine target,” former U.S. Census Bureau director John Thompson said of the form, which is sent every decade to households in America to count the population. “If you want to disrupt a democracy, you can certainly go about it by disrupting a census.” Already, false and inaccurate social media posts about the census have begun to appear online, where they have been viewed thousands of times. Foremost on everyone’s mind are the misinformation wars waged during the last presidential election to confuse U.S. voters. Fake posts about the census began popping up days after the U.S. Supreme Court ruled in June that the Trump administration could not ask about citizenship status on the 2020 census: Conservative bloggers, Twitter users and pundits falsely blamed former President Barack Obama for scrubbing the question from the form in 2010. In fact, the main census form hasn’t included a citizenship question since 1950, and the bureau’s own analysis found it would discourage people from participating, possibly skewing results.

Colorado: The public, election officials may be kept in the dark on hacks around the U.S. But not in Colorado. | Colleen Long and Christina A. Cassidy/The Associated Press

If the FBI discovers that foreign hackers have infiltrated the networks of your county election office, you may not find out about it until after voting is over. And your governor and other state officials may be kept in the dark, too. There’s no federal law compelling state and local governments to share information when an electoral system is hacked. And a federal policy keeps details secret by shielding the identity of all cyber victims regardless of whether election systems are involved. Election officials are in a difficult spot: If someone else’s voting system is targeted, they want to know exactly what happened so they can protect their own system. Yet when their own systems are targeted, they may be cautious about disclosing details. They must balance the need for openness with worries over undermining any criminal investigation. And they want to avoid chaos or confusion, the kind of disruption that hackers want. The secrecy surrounding foreign hacks is not a hypothetical issue. The public still doesn’t know which Florida counties were breached by Russian agents in the 2016 election. Rick Scott, Florida’s governor in 2016 and now a U.S. senator, was not told at the time and didn’t learn most of the details until this year. And the threat to electoral systems is real. Federal officials believe Russian agents in 2016 searched for vulnerabilities within election systems in all 50 states. And the nation’s intelligence chiefs warn that Russia and other nations remain interested in interfering in U.S. elections.

Ghana: Electoral Commission Cautioned About Cyber Security Fraud | Kingsley Asare/Ghanaian Times

The National Cyber Security Advisor, Dr Albert Antwi-Boasiako has called on the Electoral Commission to put robust cyber security measures in place to protect its system from hacking. Given the reported cases of hacking of electoral systems in other countries during elections, there was the need for the EC to put measures in place to protect the Commission of cyber attack. Dr Antwi-Boasiako made the call in an interview with the Ghanaian Times after a high-level discussion on election and cyber security to close the 2019 National Cyber Security Awareness Month. The one-week programme, attended by participants and ministers from some West African countries was on the theme “Demonstrating Ghana’s cyber security readiness.” It was organised by the Ministry of Communications and National Cyber Security Centre to create awareness on cyber security issues and attacks and the impact of the menace on the economy, corporate bodies and individuals.

United Kingdom: How cyber criminals and fake news could ruin Britain’s next election | James Cook/The Telegraph

Elections in the UK are more likely to bring to mind visions of kindly pensioners in church halls ticking names off lists than shadowy hacking groups attempting to subvert democracy. But hackers, with terrifying powers to spread fake news on a massive scale, are fast becoming a reality of British politics. Last year, ahead of the local elections, the National Cyber Security Centre (NCSC), a division of spy agency GCHQ, published a starkly worded report for local authorities which warned of “insider activity” that could attempt to “manipulate or compromise electoral information or processes for financial gain [or] ideological reasons.” The report urged local authorities to make regular backups of the electoral roll and to keep these backups in secure facilities to make it more difficult for hackers to access them. Ask spies and security experts about the digital threat to elections and you’ll encounter the curious lexicon of intelligence agencies. Hackers are known as “threat actors” who engage in either overt or covert influence campaigns. And when hackers manage to break into a computer network, they typically create an “implant” which allows them to return or to funnel data out without anyone noticing. A series of government departments have found themselves at the frontline of the battle to keep elections secure. In recent months, committee hearings in the Houses of Parliament and briefings by spy agencies have outlined how the government keeps elections safe.

National: Senate Intelligence report triggers new calls for action on election security | Maggie Miller/The Hill

Democrats are renewing their calls for Senate action on election security measures following the release of a Senate Intelligence Committee report that found the Kremlin directed Russian efforts to interfere in the 2016 presidential election. The party has repeatedly gone after Senate Majority Leader Mitch McConnell (R-Ky.) for imposing obstacles to action on election security, a point underscored once again in the wake of the bipartisan Intelligence report. McConnell was “blocking a full-throated U.S. response” by stopping various election security bills from being brought up in the Senate and burying them “in his legislative graveyard,” Senate Minority Leader Charles Schumer (D-N.Y.) charged in a statement. Sen. Michael Bennet (D-Colo.), a member of the Senate Intelligence Committee and a 2020 presidential candidate, called on McConnell to allow votes on election security legislation.

National: Internet Group Says Most U.S. Presidential Candidates Have Cybersecurity Flaws | Sintia Radu/US News

Moire than three years after media reports disclosed hackers were interfering in the 2016 U.S. presidential race to influence voters, most of the country’s candidates in the 2020 presidential election are struggling with cybersecurity issues, according to a nonpartisan group focused on internet standards. A majority of the 23 candidates in the race for the White House failed to meet the privacy and security standards set by the Internet Society’s Online Trust Alliance (OTA), according to the group’s audit released this week. The findings are the latest to show the increasing pressure countries are facing to preserve online security during elections, as well as in their industries and infrastructure. The research by the OTA examined how well the 23 Democratic, Republican and Independent candidates are handling online security challenges in their campaigns. Just seven of the 23 politicians scored 80% or higher in campaign cybersecurity, meaning researchers found no failures in the three areas examined: privacy, website security and consumer protection. Weaknesses ensuring the data privacy of users accessing the candidate’s online platforms raised the most red flags, researchers found.

Voting Blogs: Election experts warn against RFID-based voting systems | e-lected blog

A voting system which uses Radio Frequency Identification (RFID) technology to store electronic votes has been under scrutiny after election experts questioned its capacity to safeguard the integrity of election data. Though the voting system had been tested in a few Argentine jurisdictions, academics from around the world had not had a real chance to analyze it in detail until authorities from the Democratic Republic of Congo decided to use a similar system for the long-delayed elections of December, 2018. The decision to automate the controversial elections using an untested system drew criticism from U.S. diplomats. According to experts from The Sentry, it is possible to manipulate the information the RFID chip contains, since the use of this unique identifier technology and radio communications give off signals that can be easily detected at distances greater than expected. Experts recommend election officials to refrain from implementing this type of technology.  RFID technology is well known for its usefulness in tracking inventories, but its use extends to other industries, from bookstores and apparel to health and transportation. The main benefit of having RFIDs is that it allows quick communication with remote sensors. Nonetheless, however useful RFID may be for certain industries, elections are an entirely different ballgame. The capacity to allow remote sensors to read the information it contains opens the door for bad actors to hack the votes.

Utah: New threats, new solutions: How Utah’s counties secure elections | Graham Dudley/KSL

Rozan Mitchell would like to clear up one thing: Yes, her office really does look at every signature on returned mail-in ballots and compare them against the signatures on voter registration forms. “People say, ‘Well, you only do a sampling.’ Nope,” Mitchell said, sitting in the Provo headquarters of the Utah County elections office in early September. She is the county’s elections director and, as she’s making clear, she takes that responsibility seriously. “We check the signature on every single one of those ballots that comes through here.” That’s how the county discovers instances where, say, a parent has voted for a missionary serving abroad, or a spouse has voted for someone away on business. “I think people don’t realize the great lengths we go to to do things like that,” Mitchell said. Supervising elections, a function of county clerks and their staff, is a process very much driven by local entities: states, counties and municipalities. The federal government has laws mandating equal access to the ballot box, but it’s up to local governments to decide how to achieve that goal.