National: Microsoft Data Shows Hackers Still Targeting U.S. Elections | Alyza Sebenius and Kartikay Mehrotra/Bloomberg

State-backed hackers have attempted to infiltrate targets related to U.S. elections more than 700 times in the past year, furthering concerns about potential meddling in upcoming races, according to a blog posted Wednesday by Microsoft Corp. The hackers responsible are mostly from Russia and North Korea, said Tom Burt, Microsoft’s vice president for customer security & trust, in an interview. The company has counted nearly 10,000 hacks globally stemming from state-sponsored attacks in the past year. Of those, 781 have been to democracy-focused organizations, particularly non-governmental organizations and think tanks, and nearly all of those attacks, 95 %, are against U.S.-based organizations. “We have uncovered attacks specifically targeting organizations that are fundamental to democracy,” Burt wrote. “Democracy-focused organizations in the United States should be particularly concerned.” The attacks on democratic institutions are a likely precursor to hacking attempts on campaigns and election systems ahead of the 2020 presidential elections, according to the blog. However, the North Korea-based hackers may be conducting espionage on issues of special interest like nuclear disarmament, rather than seeking to hack elections, Burt said in the interview.

National: Russia Is Using Cold War Strategy to Undermine the Faith of Americans in the 2020 Election—Will It Work? | Adam Piore/Newsweek

Three events occurring in rapid succession on October 7, 2016, stand out in Robby Mook's memory.The first came at about 3:30 pm. The Obama Administration issued a statement that publicly blamed Russia for hacking the Democratic National Committee and orchestrating the release of the thousands of emails roiling the Democratic Party, which, it said, were "intended to interfere with the US election process." In the day's crazy news cycle, that highly-unusual announcement never had a chance.At 4 pm, The Washington Post unveiled the infamous Access Hollywood Tape, on which then-candidate Donald Trump was recorded boasting about his own sexual harassment of women. "When you're a star, they let you do it. You can do anything. Grab 'em by the pussy. You can do anything."Within the hour, yet another media bomb dropped. Wikileaks released another trove of emails—the first 20,000 pages of 50,000 hacked emails stolen from the account of Hillary Clinton's Campaign Chairman John Podesta. "It was so clear what was happening," recalls Mook, who at the time was a 35-year-old political operative running the Clinton campaign. In time, reporters would dig out old transcripts of paid speeches to Wall Street banks, controversial comments about Catholic voters and other documents that turned out to be damaging to the Clinton campaign. U.S. intelligence has since linked the Podesta trove to the Russian military.

National: Hill Democrats target McConnell in election security push | Derek B. Johnson/FCW

Congressional Democrats are banding together to sound the alarm on the looming security threats facing the 2020 elections -- and bash the senator they believe is most responsible for legislative inaction. In a July 23 press conference scheduled one day before Special Counsel Robert Mueller heads to Capitol Hill to testify on his report that found "sweeping and systemic" efforts on the part of the Russian government to interfere in the 2016 elections, a group of Democrats pledged to barnstorm around the country serving as "Paul Reveres" to warn about the continuing need for comprehensive election security legislation. They spent most of their time taking aim at Senate Majority Leader Mitch McConnell (R-Ky.), who has become in many respects the primary target of ire for election security advocates after congressional Republicans acknowledged in a Rules Committee hearing earlier this year that he was blocking legislation from reaching the floor of the Senate. "The remarkable thing is on an issue where there is broad bipartisan support…McConnell has not brought a single piece of election security legislation to the floor even though the president's own security team has said that we're in jeopardy," Sen. Mark Warner (D-Va.) said.

Mississippi: Elections officials fight back against hackers, foreign operatives | Erin Pickens/WAPT

Ever since the 2016 presidential election, the issue of foreign operatives and hackers manipulating the voting process has been a huge concern. Hackers tried 200,000 times on Election Day to jam the polling place locator on the Mississippi Secretary of State’s website. Secretary of State Delbert Hosemann said his office works year-round to identify and stop any potential problems. “We have been meeting and giving cybersecurity information to our circuit clerks and our election commissioners in a lot of instances,” Hosemann said. “We’ve started dual authentication if they want to get into the statewide election management system.” The U.S. Election Assistance Commission, which is the only federal agency focused full time on elections, says states have only spent about 29% of the $380 million Congress allocated in spring 2018 for election security. Congress gave states five years to spend those funds. Eleven states, including Mississippi, still have at least one precinct that uses paperless voting equipment that does not provide a voter-verified paper ballot to allow for risk-limiting audits.

National: Intelligence Chief Names New Election Security Oversight Official | Julian E. Barnes/The New York Times

An experienced official will oversee election security intelligence across the government in a newly created senior position, the director of national intelligence announced on Friday as part of an effort to improve coordination and speed response to attacks by foreign governments. Intelligence officials said the new post reflects the reality that influence operations by Russia, China and other countries are likely to continue indefinitely. Shelby Pierson, who worked on intelligence issues surrounding the 2018 midterm elections, was named to the post, which will cover both potential attacks on voting infrastructure and influence campaigns. Administration critics praised the appointment but said it did not obviate the need for a director at the National Security Council to coordinate not just intelligence but also the response to foreign interference campaigns. And critics in Congress warned that President Trump’s skepticism over foreign influence campaigns continues to undermine the government response. Ms. Pierson’s appointment will help intelligence agencies direct resources to election security and “bring the strongest level of support to this critical issue,” said Dan Coats, the director of national intelligence, who called it an “enduring challenge.” Mr. Coats also said he was ordering all of the intelligence agencies with a role in election security to appoint a senior official to oversee issues of foreign influence and infrastructure attacks. These officials will form an Election Executive and Leadership Board to ensure intelligence agencies are properly focused on voting security issues.

National: “We’re not ready” for foreign election interference in 2020, says Rep. Adam Schiff | Eric Johnson/Vox

In May, Facebook refused to remove a deceptively edited viral video that made Speaker of the House Nancy Pelosi look drunk — a decision that does not bode well for how Silicon Valley will handle disinformation and election interference in 2020, Rep. Adam Schiff says. And for that matter, he said on the latest episode of Recode Decode with Kara Swisher, Congress and the voting public aren’t prepared to deal with those things either. “The tech companies aren’t ready,” Schiff said. “They don’t have, I think, their policies fully thought out yet. The government isn’t ready. We don’t have the technologies yet to be able to detect more sophisticated fakes.” “And the public, by and large, when you bring up ‘deepfake,’ they don’t know what you’re referring to,” he added. “And so we don’t have much time. It’s eight months until the primaries begin to try to prepare the public, prepare ourselves, determine what other steps need to be taken to protect ourselves from this kind of disinformation.”

National: Election security to take back seat at Mueller hearing | Maggie Miller/TheHill

This week’s much-anticipated hearing with former special counsel Robert Mueller promises to be full of high political drama. But election security — a key focus of the Mueller report — isn’t likely to garner much attention from lawmakers. Mueller is scheduled to testify before the House Judiciary and Intelligence committees in back-to-back hearings Wednesday to discuss the findings of his 448-page report on Russian interference in the 2016 presidential election. The first volume of the report was devoted to Russian efforts to interfere in the elections through social media and hacking operations, with Mueller later emphasizing in rare public remarks that election security is an issue that “deserves the attention of every American.” “I will close by reiterating the central allegation of our indictments, that there were multiple, systematic efforts to interfere in our elections,” Mueller said in a public statement to the press in May. His lengthy report detailed how Russian actors hacked into the computer system of the Democratic National Committee, engineered a social media disinformation campaign that favored President Trump and conducted “computer intrusion operations” against those working on former Secretary of State Hillary Clinton’s presidential campaign. In the wake of the report’s release, election security debates ramped up on Capitol Hill, with Republicans and Democrats strongly disagreeing on what steps, if any, Congress should take ahead of the 2020 elections. The Democratic-led House has passed several election security bills, while the GOP-controlled Senate has mostly avoided voting on them and others, with Senate Majority Leader Mitch McConnell (R-Ky.) citing concerns about federalizing elections and claiming agencies already doing enough to address the problem.

National: Microsoft reveals election-related investigation findings | CISO Magazine

Microsoft says it has detected more than 740 intrusion attempts by state-sponsored attackers last year targeting the U.S.-based political parties, campaigns, and other democracy-focused organizations, who are subscribed to Microsoft’s AccountGuard service. The Microsoft AccountGuard provides free cyber threat detection services to election-related candidates, campaigns, and other groups. The Tech giant revealed the probe findings at the Aspen Security Forum, where it demonstrated a voting system ElectionGuard software. Microsoft said the new voting system offers secure and verifiable voting experience. “Since the launch of Microsoft AccountGuard last August, we have uncovered attacks specifically targeting organizations that are fundamental to democracy. We have steadily expanded AccountGuard, our threat notification service for political campaigns, parties, and democracy-focused nongovernmental organizations (NGOs), to include 26 countries across four continents,” Microsoft said in a blog post.

National: Why getting election security right for 2020 matters | J.M. Porup/CSO Online

How much election security is enough? The answer: Enough to convince a losing candidate that they lost. Will that happen for the 2020 elections? Probably not. "Is it enough? How much is enough?" Herb Lin, Senior Research Scholar at the Center for International Security and Cooperation at Stanford University, and co-author of the Stanford Cyber Policy Center's "Securing American Elections" report, asks. "Unfortunately it's not a technical answer. Enough means you've done enough so that you can persuade the loser of an election that in fact the voting machines weren't hacked." "You have to take into account the possibility that the loser will rally his troops and complain about the result," he adds. "The election machinery, both organizational and technical, all of that has to be of sufficiently high quality, and resistant to attack, that you can persuade the loser of an election that they fairly lost." That makes election security as much of a political problem as it is a technical problem. Voters must have confidence that the voting was fair, regardless of how much money is spent or what security controls are put in place. That makes securing election infrastructure categorically different than almost any other information security challenge today. At present many jurisdictions are struggling to escape the bottomless pit of despair paperless voting, and that's a no-brainer. But once we raise the bar from wow-crazy-bad to meh-just-not-great, how do we reach a plateau of sustainably trustworthy voting security?

Editorials: People privy to the intelligence are convinced another electoral attack is coming | Greg Sargent/The Washington Post

Rep. Adam B. Schiff (D-Calif.), the chairman of the House Intelligence Committee, had a conversation with Vox’s Kara Swisher that should worry anyone who thinks our elections should be free from foreign interference. Needless to say, this evidently doesn’t include President Trump, who has basically invited another round of foreign electoral sabotage, or Senate Majority Leader Mitch McConnell (R-Ky.), who refuses to allow the Senate to vote on any of the numerous bills that have been proposed to shore up our political system against such sabotage. So that basically rules out any serious legislative response in advance of the next attack. But what remains striking is how convinced Democrats who have seen the intelligence are that this is really going to happen. Schiff points out that Facebook recently refused to remove a viral video that was edited to make House Speaker Nancy Pelosi (D-Calif.) look drunk, and notes that neither the tech companies nor our own government are prepared:

“The tech companies aren’t ready,” Schiff said. “They don’t have, I think, their policies fully thought out yet. The government isn’t ready. We don’t have the technologies yet to be able to detect more sophisticated fakes.”

“And the public, by and large, when you bring up ‘deepfake,’ they don’t know what you’re referring to,” he added. “And so we don’t have much time. It’s eight months until the primaries begin to try to prepare the public, prepare ourselves, determine what other steps need to be taken to protect ourselves from this kind of disinformation.”

Voting Blogs: U.S. Elections Are Still Vulnerable to Foreign Hacking | Tim Lau/Brennan Center for Justice

Election officials warn that the time is running out for Congress to bolster security before the 2020 race. The warnings follow a recent statement from a senior U.S. intelligence official confirming that Russia, China, and Iran are attempting to manipulate public opinion ahead of the 2020 elections. And earlier this year, the Department of Homeland Security and the FBI reported that Russian hacking efforts in 2016 were more extensive than originally understood, targeting elections in all 50 states. Congress took a major step last year toward helping states boost their election security efforts by approving $380 million in grant funds through the Help America Vote Act (HAVA). States have started to put that funding to work and are expected to spend 85 percent of that money by the 2020 election, much of it on cybersecurity, updated voting equipment, and election audits, according to estimates by the Elections Assistance Commission (EAC). But despite those efforts, many election security projects at the state level remain unfunded or underfunded, as outlined in Defending Elections, a new paper authored by a bipartisan group of organizations including the Brennan Center, the Alliance for Securing Democracy, R Street Institute, and the University of Pittsburgh Institute for Cyber Law, Policy, and Security. Defending Elections provides case studies from six states analyzing how they allocated their HAVA grants and the outstanding needs for additional election security funding. “State and local election officials need support from the federal government,” said Liz Howard, who is a counsel in the Brennan Center’s Democracy Program, was the former deputy commissioner for the Virginia Department of Elections, and co-authored the Defending Elections report. “They are on the front lines, yet many, especially those in rural localities, simply lack the resources to implement additional election security projects to further strengthen our election infrastructure.”

National: Intel chief Coats establishes election security adviser position | Maggie Miller/The Hill

The intelligence community has crafted a position to oversee threats to election security, officials announced Friday, the latest effort to shore up security heading into the 2020 presidential elections. Director of National Intelligence (DNI) Daniel Coats has appointed Shelby Pierson to serve as the first “election threats executive” (ETE), tasking her to be the intelligence community's “principal advisor” on election security threats. Pierson served as the crisis manager for election security for the Office of the Director of National Intelligence during the 2018 midterm elections, and has worked in the intelligence community for more than 20 years. Coats praised Pierson and said her “knowledge and experience make her the right person to lead this critical mission.” The DNI noted in a statement that “Election security is an enduring challenge and a top priority for the IC [intelligence community]. In order to build on our successful approach to the 2018 elections, the IC must properly align its resources to bring the strongest level of support to this critical issue.” Along with establishing the new position, Coats also directed all intelligence agencies that have a role in securing elections to designate a lead executive to work with the ETE to help coordinate election security efforts for the administration.

National: Voting by Phone Is Easy. But Is It Secure? | Matt Vasilogambros/Stateline

For the first time in a presidential election, voters in two upcoming Democratic caucuses will be able to vote using their phones. The Democratic Party announced this month that Iowans and Nevadans in February will be able to opt out of the traditional caucus experience and vote using the keypads on their cellphones or landlines. Party leaders say the change will make the caucus process more inclusive, especially for members of the military and others who can’t easily caucus in person, such as people with disabilities and voters who live in remote areas. … Voting by phone is voting through the internet, either through mobile apps or the tabulating and downloading process, said Marian Schneider, president of Verified Voting, an election integrity nonprofit that advocates for a paper trail in voting. That opens the door to malicious actors, like the foreign intelligence agents who attempted to hack U.S. state and local voting systems during the last presidential race. In light of those attempts, many states are going back to paper ballots or requiring a paper trail to back up electronic systems. “Did people not get any lessons learned from 2016?” Schneider said. “It’s really an odd time to be doing this.”

National: No. 2 U.S. intelligence official talks about how U.S. is preparing for 2020 election threats | Olivia Gazis/CBS News

The U.S. intelligence community is preparing to confront a novel set of challenges related to the upcoming 2020 presidential elections amid proliferating disinformation threats – in part by boosting the amount of information it shares publicly, according to the number two intelligence official. "We have no expectation that, in 2020, [adversaries] will stay with the approach that they had in 2018," said Principal National Intelligence Deputy Director Sue Gordon, who serves as deputy to Director of National Intelligence Dan Coats. "So, I think we already have raised our vision." In an interview with Intelligence Matters host and CBS News senior national security contributor Michael Morell, Gordon, a career intelligence official who spent 27 years at the CIA before being nominated to her current post by President Trump in 2017, said foreign adversaries' efforts to interfere with the country's election security potentially pose a near-existential threat. "I can think of no greater threat to America than actions that would make us not believe in ourselves," she said. "That is, national interests of our adversaries using information in order to sow seeds of division … or make people believe their votes don't count, or position tools in our infrastructure" to otherwise affect the integrity of voting processes.

National: Intrusion monitors for election security are going virtual | Benjamin Freed/StateScoop

As interest in cybersecurity swells among election officials, a small group of states has begun experimenting with a virtualized network-intrusion system that until recently had only been available in the form of a physical device. Typically, the Albert system, which is designed and distributed by the nonprofit Center for Internet Security, consists of single-unit physical servers outfitted with the organization’s open-source software that detects anomalous and malicious network activity. But five states and territories, led by Nebraska, have started using Albert sensors that run on a virtual server to detect attempted intrusions of their voter registration databases. The software-based version of the Albert system is a product of collaboration between the participating states, which have asked to remain anonymous; Election Systems & Software, which produces the voter registration system used by Nebraska and the others; and CIS, which operates the Elections Infrastructure Information Sharing and Analysis Center, the federally funded entity through which state officials, local officials and the U.S. Department of Homeland security exchange alerts about election security.

Pennsylvania: Elections experts say cybersecurity threats demand federal funding | Deb Erdley/Tribune-Review

Unfunded cybersecurity needs are leaving state and local election officials to stand on the front lines of threats from sophisticated international interests, a new report asserts. “Defending Elections,” a report from the Brennan Center for Justice, highlights growing concerns that myriad unmet security needs pose a threat to fair elections. Christopher R. Deluzio, policy director of the University of Pittsburgh Institute for Cyber Law, Policy and Security, was among five researchers who collaborated on the report. He said a close look at efforts under way in six states — Alabama, Arizona, Illinois, Louisiana, Oklahoma and Pennsylvania — underscored the challenges elections officials face, from the need to purchase new voting machines that will create a paper record, to developing systems for post-election audits, addressing emerging cyber vulnerabilities and upgrading voter registration systems. Part of the problem is the cost of underwriting new voting machines as states and counties struggle to meet the timeline to have systems with paper backups in place in time for the 2020 presidential primaries. In Pennsylvania, where voting machines are purchased at the county level, Deluzio said the $14 million federal grant that was doled out to counties will finance only about 10% to 12% of the estimated $150 million needed to replace voting machines across the state.

West Virginia: Warner Calls Cyberattack a Warning for Election Cybersecurity | Steven Allen Adams/The Intelligencer

A recent ransomware attack on government computer systems in Harrison County did not affect voter registration systems or other counties, and the West Virginia Secretary of State’s Office is preparing counties for other cyber-attacks leading to the 2020 election. Secretary of State Mac Warner was joined by his staff and county clerks from the region Wednesday at the secretary’s North Central Business Hub in Clarksburg. On June 13, county databases were victims of a ransomware attack, whereby computer services are locked out until a ransom is paid. Offices affected included the prosecuting attorney, the county assessor and the clerk’s office. Ransomware attacks can often happen when someone clicks a phishing link, which allows bad actors access to the computer system. “Everyone is susceptible to this individually, in businesses, in government, and so on,” Warner said. “It’s important to know what we’re doing in West Virginia to stay ahead of this trend and what we’re doing to train folks.” Harrison County Clerk Susan Thomas said the cyber-attack only affected the office’s online access to vital records, estate and probate documents, and tax records. The records are still available for view at the clerk’s office, though re-creating the online database could take years. The FBI and the U.S. Attorney’s Office for the Northern District of West Virginia are investigating the attack.

National: Senate passes bill making hacking voting systems a federal crime | Jordain Carney/The Hill

The Senate passed legislation on Wednesday night that would make it a federal crime to hack into any voting systems used in a federal election. The bill, known as the Defending the Integrity of Voting Systems Act, passed the chamber on Wednesday night by unanimous consent, which requires the sign off of every senator. It would allow the Justice Department to pursue federal charges against anyone who hacks voting systems used in federal elections under the Computer Fraud and Abuse Act. Sen. Sheldon Whitehouse (D-R.I.), Richard Blumenthal (D-Conn.) and Lindsey Graham (R-S.C.) introduced the legislation earlier this year and it cleared the Judiciary Committee in May. "Our legislation to protect voting machines will better equip the Department of Justice to fight back against hackers that intend to interfere with our election," Blumenthal said when the bill was introduced.

National: Top Democrat demands answers on election equipment vulnerabilities | Maggie Miller/TheHill

Sen. Ron Wyden (D-Ore.) is demanding answers from the Election Assistance Commission (EAC) as to how the federal agency plans to secure election equipment amid reports that most machines depend on software that will soon be out-of-date and vulnerable to cyber attacks. In a letter dated July 12 that was released on Monday, Wyden asked EAC Chairwoman Christy McCormick how the agency plans to address this “looming cybersecurity crisis.” “Intelligence officials have made it clear that Russian hackers targeted our elections in 2016, and that they expect similar threats in 2020,” Wyden wrote. “The continued use of out-of-date software on voting machines and the computers used to administer elections lays out the red carpet for foreign hackers. This is unacceptable.” The Associated Press recently reported that the majority of U.S. counties use election management systems that run on Windows 7, an outdated operating system that Microsoft will stop updating in January. The systems are responsible for programming voting machines and tallying votes. Wyden focused his questions on whether products created by Election Systems and Software (ES&S), one of the major U.S. voting equipment manufacturers, would be decertified by the EAC prior to the 2020 elections. According to EAC documentation, the equipment uses Windows 7. Wyden gave McCormick a July 26 deadline to respond to his questions.

National: Microsoft will give away software to guard U.S. voting machines | Ken Dilanian/NBC

Microsoft on Wednesday announced that it would give away software designed to improve the security of American voting machines, even as the tech giant said it had tracked 781 cyberattacks by foreign adversaries targeting political organizations so far this election cycle. The company said it was rolling out the free, open-source software product called ElectionGuard, which it said uses encryption to "enable a new era of secure, verifiable voting." The company is working with election machine vendors and local governments to deploy the system in a pilot program for the 2020 election. The system uses an encrypted tracking code to allow a voter to verify that his or her vote has been recorded and has not been tampered with, Microsoft said in a blog post. Its announcement was timed to coincide with the Aspen Security Forum, an annual conference of current and former intelligence, defense and homeland security officials that kicks off Wednesday in Aspen, Colorado — co-sponsored by Microsoft and others. NBC News is a media partner of the forum. Edward Perez, an election security expert with the independent Open Source Election Technology Institute, said Microsoft's move signals that voting systems, long a technology backwater, are finally receiving attention from the county's leading technical minds.

National: Alarm sounds over census cybersecurity concerns | Maggie Miller/The Hill

Lawmakers are raising concerns that the upcoming 2020 census, which people are expected to fill out primarily online for the first time, is opening the door to potential cyber vulnerabilities. These vulnerabilities were in the spotlight on Capitol Hill on Tuesday as the Senate Homeland Security and Governmental Affairs Committee held a hearing to examine the security of the census, which residents will be able to complete online, over the phone or on paper. The hearing featured testimony from top officials from the Government Accountability Office (GAO), which has added the Census Bureau to its list of “high risk programs” due to cybersecurity and information technology shortfalls.  “Although the Bureau has taken initial steps to address risk, additional actions are needed as these risks could adversely impact the cost, quality, schedule, and security of the enumeration,” Nick Marinos, the director of Information Technology and Cybersecurity at GAO, and Robert Goldenkoff, the director of Strategic Issues at GAO, said in their written testimony. Concerns center around the security of personal data involved in the census, and around securing systems against threats from foreign nations. The anxiety echoes some of the worry surrounding security against cyberattacks from foreign actors during the upcoming presidential election.

National: Secretaries of state plead for more money for election security | Mark Albert/KOCO

The nation’s chief elections officials are pleading for more money from the federal government to shore up the security of crucial voting systems before the presidential contest in 2020, even as such aid appears dead on arrival in the U.S. Senate. Interviews with 10 secretaries of state, conducted by the Hearst Television National Investigative Unit at the annual summer conference of the National Association of Secretaries of State held this year in Santa Fe, New Mexico, found unanimity across party lines. When asked whether their states needed more money for election security, one secretary after another answered in the affirmative. “Absolutely,” responded Pennsylvania Acting Secretary of State Kathy Boockvar, a Democrat. "Absolutely,” seconded Laurel Lee, Florida’s Secretary of State, a member of the Republican party. “Look, we absolutely need more money,” Democrat Alex Padilla, California’s secretary of state, said. "We can always use more money for election security,” said Mac Warner, a Republican who serves as secretary of state in Virginia. But despite the landslide of bipartisan requests, $600 million in additional funding is stuck in the Senate after passing the House last month on a nearly party-line vote.

Georgia: Unclassified DHS memo outlined threats to Georgia elections | Mark Niesse/Atlanta Journal Constitution

The potential for tampering in Georgia’s elections last fall prompted the U.S. Department of Homeland Security to warn election officials to be on guard against foreign interference. A recently released DHS memo, titled “A Georgia Perspective on Threats to the 2018 U.S. Elections,” listed concerns about hacking, misinformation spread through social media and disruptions to election infrastructure.The federal advice came as attorneys for state election officials argued in court documents that fears of hacking and vote miscounting were little more than “a theoretical possibility.”Secretary of State Brad Raffensperger’s office said Monday that cybersecurity has been an ongoing priority since well before the 2018 elections.“This memo is standard information sharing and shows what all levels of government are doing to protect our elections,” said spokeswoman Tess Hammock. “DHS prepared a similar memo for every state. There is no evidence of any successful attempts to interfere in Georgia's elections.”The unclassified DHS document became public Wednesday when it was included as an exhibit in an ongoing lawsuit seeking to prevent the continued use of electronic voting machines. “Foreign governments may engage in cyber operations targeting the election infrastructure and political organization in Georgia and engage in influence operations that aim to interfere with the 2018 U.S. elections,” according to the Oct. 2, 2018, document prepared by the DHS Office of Intelligence & Analysis Field Operations Division for the Southeast Region. The two-page memo didn't specify who might have attempted to tamper with Georgia's elections, but it said their goals could have been “to disrupt political processes, sway public opinion, or to undermine certain political organizations.”

Illinois: Audit: State’s technology department full of waste, unequipped to deal with disaster | Jerry Nowicki/Northwest Herald

In its first two years of existence, the state’s lead technology agency was not equipped to handle technology disasters, maintained servers and computers with inadequate or nonexistent anti-virus protection, failed to implement cybersecurity controls, and did not properly document purchases or property inventory, according to areport from the Illinois Auditor General’s office.  The audit of the Illinois Department of Innovation and Technology — a state agency created in January 2016 through an executive order signed by former Republican Gov. Bruce Rauner — also found that an effort to consolidate financial, human capital and procurement functions for all state agencies will cost $150 million more than initially estimated over a six-year implementation period. The Enterprise Resource Planning System, launched during former Democratic Gov. Pat Quinn’s administration and overseen by the Illinois Department of Central Management Services before being taken over by DOIT, will cost just under $400 million by 2021, up from an initial estimate of $250 million. These findings were among 30 listed in Auditor General Frank Mautino’s report for fiscal years 2017 and 2018, the first two years of operation for the department created to “deliver best-in-class innovation and technology to client agencies.” Jennifer Schultz, a spokeswoman for DOIT, said failure to execute the requirements of the executive order was due to a number of factors, including state government dysfunction.

National: Election security briefings failed to satisfy congressional critics | Tim Starks/Politico

House members and senators emerged from two election security briefings by top Trump administration officials Wednesday with plenty of questions. “There is real interest on the part of members of Congress to know who is in charge or what are the operating procedures for the process to move forward,” said Rep. Bennie Thompson (D-Miss.), chairman of the House Homeland Security Committee. “And the answers were not as clear as they need to be.” Some reportedly didn’t get answers about whether President Donald Trump himself has received a comprehensive briefing. Sen. Angus King (I-Maine) told MC that while he was impressed with the 2020 preparation thus far, more needs to be done. “One of the open questions is, what is the responsibility of the intelligence community to notify a campaign if they're being victimized by a foreign adversary?” he said. As for the administration: “Today we shared with Congress how we continue to bring the full strength, capabilities, and expertise of our departments and agencies to identity and defend against threats to the United States,” agency officials involved in the briefing said in a joint statement. “Just like our successful, whole-of-government approach to securing the 2018 elections, we will work together with our Federal, state, local and private sector partners as well as our foreign allies to protect the 2020 elections and maintain transparency with the American public about our efforts.”

National: As Feds struggle, states create their own anti-election propaganda programs | Kevin Collier/CNN

As the 2020 presidential campaign heats up, individual states are ramping up education efforts to counter the threat posed by foreign disinformation campaigns to US elections. A lack of action at the federal level has prompted many states to craft their own programs designed to counter foreign efforts to undermine American democracy and educate the next generation of voters in schools. "It harms our democratic process when disinformation is at any point fed to voters in our democratic process," Michigan Secretary of State Jocelyn Benson told CNN. "So I do think as secretaries of state, we have a responsibility to it take to the people." Declassified intelligence reports on Russian meddling, by design, refuse to analyze the effectiveness of American opinion. And though most of Russia's known propaganda efforts in the 2016 election were unsophisticated — armies of trolls with often strongly partisan opinions on polarizing subjects — they were effective enough to be widely quoted in the media and cited by a number of political figures, including Texas Republican Sen. John Cornyn, Donald Trump's then-campaign manager Kellyanne Conway, and Michael Flynn, who went on to briefly serve as Trump's national security adviser and was later charged and pleaded guilty to lying to the FBI about conversations with Russia's ambassador.

National: Disabled voters left behind in push to amp up 2020 security, advocates say | Jordan Wilkie/The Guardian

Russian attacks on American democracy in 2016, carried out over the internet, have triggered a national debate over the use of technology in the United States’ upcoming 2020 elections. But some of the best ways to beef up the security of the voting process and fight off future cyber-attacks could have an unintended consequence: limiting access to the vote for people with disabilities. Voting on hand-marked paper ballots – which by definition can’t be hacked – combined with robust audits of how the elections were carried out and how the votes were counted is widely seen as the most secure way to run an election. Cybersecurity experts want hand-marked paper ballot systems, but disability rights advocates want voting machines to be used for all voters, as they are best for disabled access. The two groups have been butting heads over this since the Help America Vote Act (Hava) of 2002, which gave states $3.9bn to buy new voting technology and required every polling place have at least one accessible voting machine. Rather than operate parallel systems – and since it was on the federal dime – many county and state governments decided to purchase voting machines to be used by all voters – something now seen as a security weakness.

National: FEC allow scampaigns to accept discounted cybersecurity services | Maggie Miller/The Hill

The Federal Election Commission (FEC) on Thursday approved a request from a private company to provide discounted cybersecurity services to political campaigns, saying it did not violate campaign finance rules. The decision came in response to a request from Area 1 Security, a California-based company, to offer cybersecurity services to federal political candidates and political committees at discounted rates. The FEC, which has jurisdiction over campaign finance for presidential and congressional elections, decided the arrangement did not violate campaign contribution rules because the company offers similar discounted services to nonpolitical clients as well. The decision allows the company to sell anti-phishing services to federal candidates and political committees for as little as $1,337 per year, according to the FEC. The agency wrote that "doing so would be in the ordinary course of Area 1’s business and on terms and conditions that apply to similarly situated non-political clients."

National: Oh, lovely, a bipartisan election hack alert law bill for Mitch McConnell to feed into the shredder | Shaun Nichols/The Register

Two US lawmakers are pushing a bipartisan bill that would force the Department of Homeland Security (DHS) to alert the public of hacking attempts on election computer systems. House reps Mike Waltz (R-FL) and Stephanie Murphy (D-FL) agreed to reach across the aisle to sponsor HR 3259, the Achieving Lasting Electoral Reforms on Transparency and Security (ALERTS Act). The bill, right now resting in the hands of the House Administration Committee, would require Homeland Security officials issue a notification to Congress, state governments, and local officials whenever they, or any other federal agency, "have credible evidence of an unauthorized intrusion into an election system and a basis to believe that such intrusion could have resulted in voter information being altered or otherwise affected." It seems incredible that this wouldn't already happen, but then we remembered we're living in America in 2019. In addition to state and local authorities, the bill would require individual members of the public be notified when any of their personal information – such as information on voter rolls – is thought to have been pilfered by hackers.