National: Cybersecurity Experts Caution Against Calls to Expand Online Voting | Aila Slisco/Newsweek

Calls for an expansion of online voting are being met with concern from cybersecurity experts who caution that votes could be easily manipulated if the practice is widely adopted. West Virginia Secretary of State Mac Warner has recently called for states to expand online voting for overseas military members and people with disabilities that prevent them from voting in person without assistance. West Virginia is one of several states that allow online and mobile voting for overseas military and this year expanded the practice to include disabled people, with 180 voting in a pilot program during the June primary, including 25 disabled people. In 2018, the state was the first to offer voting using a mobile app for service members, with 144 using the technology to vote in that year’s general election, according to a report from the Military Times. In Georgia’s DeKalb County, lawmakers last month called for online voting to become available for all voters throughout the state, according to The Champion. Similar calls have been made by officials and advocates in other states, along with prominent figures like former presidential candidate Andrew Yang, who tweeted about the issue last week. However, cybersecurity experts caution that online voting could present major threats to the integrity of elections since ballots transmitted online are especially vulnerable to attacks from hackers. Limited online voting has been experimented with for years in the U.S., and used on a larger scale in a handful of other countries, but experts say that vulnerabilities are inevitably found in systems when they are examined closely.

National: Democrats say Trump election czar isn’t telling the whole story about Russian interference | Ken Dilanian/NBC

The Trump administration’s election security czar issued a rare statement describing foreign efforts to interfere in the 2020 election Friday. Democrats labeled it misleading, saying it failed to convey the scope of Russia’s interference and how its messaging matches that of President Donald Trump. With just over 100 days until the November election, the statement came from Bill Evanina, a career FBI agent who serves as the top counterintelligence official in the Office of the Director of National Intelligence. Evanina has been given the task of coordinating what to tell Congress and the public about foreign political interference. American adversaries are “seeking to compromise the private communications of U.S. political campaigns, candidates and other political targets,” Evanina said in Friday’s statement, and they “also seek to compromise our election infrastructure, and we continue to monitor malicious cyber actors trying to gain access to U.S. state and federal networks, including those responsible for managing elections.” “In addition, foreign nations continue to use influence measures in social and traditional media in an effort to sway U.S. voters’ preferences and perspectives, to shift U.S. policies, to increase discord and to undermine confidence in our democratic process,” Evanina said. “The coronavirus pandemic and recent protests, for instance, continue to serve as fodder for foreign influence and disinformation efforts in America.”

National: Microsoft Makes Azure Compatible with Election Security Sensors | Phil Goldstein/StateTech Magazine

With a little more than 100 days before the general election on Nov. 3, state governments, nonprofits and technology companies are increasing their efforts to enhance election cybersecurity. In late June, Microsoft announced a partnership with the nonprofit Center for Internet Security, which runs the Elections Infrastructure Information Sharing and Analysis Center. Microsoft has made its Azure cloud platform compatible with election network security sensors from CIS. Separately, CIS launched a pilot program with several states to test and verify voter registration databases, election night reporting systems and other systems. Taken together, they represent increased election security efforts. However, time is running out before Election Day, making it urgent for state and local governments to put new enhancements in place sooner rather than later.

North Macedonia: Russia denies interfering in North Macedonia’s July 15 general election | Valentina Dimitrievska/bne IntelliNews

Accusations of Russian interference in North Macedonia’s July 15 snap general election are “absurd”, Russian foreign ministry spokesperson Maria Zakharova told a news conference on July 23. Many anonymous audio recordings were revealed during the pre-election campaign, compromising politicians from both the ruling SDSM and the opposition VMRO-DPMNE. There were also a series of hacker attacks around election day, including against the State Election Commission (SEC) website. However, no official accusations have been levelled at Moscow in connection to the vote. Zakharova commented on the election in response to a journalist’s question, and accused Western politicians of hypocrisy and a “cynical use of double standards”. “It was not difficult to notice a series of video messages posted by senior Western politicians during the election campaign in North Macedonia that openly and persistently called on people to vote for one or another party. Against the background of this foreign interference, speculations about certain Russian influence are absolutely unfounded and completely absurd,” Zakharova said. The election resulted in a slim victory for the SDSM, which won only two more seats in the parliament than VMRO-DPMNE, making the formation of a new cabinet difficult.

United Kingdom: ISC Attributes Cyber-Attacks and Election Interference to Russia | Dan Raywood/Infosecurity Magazine

Russia has been named as a “highly capable cyber-actor” by the UK government’s Intelligence and Security Committee. Claiming that “the UK is one of Russia’s top Western intelligence targets,” particularly given the UK’s firm stance against recent Russian aggression and the UK-led international response to the 2018 Salisbury attack, the ISC warned that Russia’s intelligence services are disproportionately large and powerful and are able to act without constraint. This has allowed a fusion between state, business and serious and organized crime making Russia an all-encompassing security threat. In terms of the cyber-threat, the ISC report stated that Russia employs organized crime groups to supplement its cyber-skills and carries out malicious cyber-activity in order to assert itself aggressively with democratic interference having “undertaken cyber pre-positioning on other countries’ Critical National Infrastructure.” The report claimed: “Given the immediate threat this poses to our national security, we are concerned that there is no clear coordination of the numerous organizations across the UK intelligence community working on this issue; this is reinforced by an unnecessarily complicated wiring diagram of responsibilities amongst Ministers.”

National: As November Looms, So Do Cybersecurity Concerns for Elections | Adam Stone/FedTech Magazine

The action related to the hotly anticipated primary election season was expected to last for months. With dozens of Democratic candidates still on the ballot for the first primary in New Hampshire, social media taking an active role in campaigning and the threat of foreign influence on the election playing out, election officials were keenly aware of the need to keep the elections secure. Heightened public interest came to a near halt in early March — when former Vice President Joe Biden essentially nailed down the Democratic nomination on Super Tuesday, and the COVID-19 pandemic sent voters home and delayed primaries — but cybersecurity experts remain on high alert as they look to November. When voting patterns get disrupted, the bad actors who watch U.S. elections closely may seek to sway the outcomes, either by tampering with systems or by chipping away at public trust, they say. “This is a highly scrutinized space,” says Geoff Hale, director of the Election Security Initiative at the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security. “Anything that goes wrong can be used to undermine confidence in the institution.”

National: Election officials praised for sharing information, knocked for sharing passwords | Benjamin Freed/StateScoop

State and local election officials have done a “tremendous” job reporting information about potential cyberthreats during the 2020 cycle, a senior Department of Homeland Security official said Tuesday. But some, particularly at the city and county level, are also still in the unfortunate habit of not changing default passwords on new equipment or even sharing credentials, Matt Masterson, a senior adviser at DHS’s Cybersecurity and Infrastructure Security Agency, told the National Association of Secretaries of State online conference. “CISA has observed instances where several people in election-related offices having been sharing passwords over e-mail or default passwords are being used,” read one of the slides Masterson shared. Still, Masterson praised the actions that states’ top election officials have taken over the past few years to secure their network infrastructure and increase the amount of information they share with their counties and with federal entities like CISA, especially through organizations such as the Election Infrastructure Information Sharing and Analysis Center. “We really have a much better picture of the election landscape,” he said. “We’re much more likely to feel a tremor in the Force now compared to 2016.”

National: The future of voting probably still requires a paper backup | Andrew Marino/The Verge

The week on our Vergecast interview series, cybersecurity journalist Kim Zetter talks with The Verge’s Nilay Patel and Russell Brandom about the state of election security in the United States. The circumstances of a pandemic in an election year has complicated the voting process. In an analysis by NPR, it was found that thousands of mail-in ballots for the 2020 primaries were rejected because of late arrival, even in cases where the voter sent it in on time. In the 2020 Iowa caucus, paper backups of ballets needed to be relied upon after an app that was created to tally the votes started giving error messages. Zetter says if we’re going to use computers and software to count votes in an election, there also needs to be another system in parallel to secure the outcome. “You need to have the paper backup,” she says. “You need to have an auditing mechanism in place and an auditing law in place. And then you need the resources given to election officials for this process to succeed by November.”

National: Joe Biden is putting the Kremlin on notice about election interference | Joseph Marks/The Washington Post

Democrats are sounding alarms about foreign election interference and pledging to punch back hard against Russia or any other adversary that undermines U.S. voting. In his most expansive statement to date on the subject, presumptive Democratic presidential nominee Joe Biden pledged to “leverage all appropriate instruments of national power and make full use of my executive authority to impose substantial and lasting costs on state perpetrators [of election interference]” if he wins the White House. “I am putting the Kremlin and other foreign governments on notice,” the former vice president said. “If elected president, I will treat foreign interference in our election as an adversarial act that significantly affects the relationship between the United States and the interfering nation’s government.” Democratic leaders in Congress, meanwhile, publicly released a July 13 letter to FBI Director Christopher Wray suggesting Congress itself is being used as a tool to “launder and amplify” foreign disinformation about the election. The letter didn’t specify how that’s happening but a congressional aide said the claim is based on intelligence information included in a classified addendum to the letter. The letter demands a briefing for all members of Congress. on the threats. It was signed by House Speaker Nancy Pelosi (D-Calif.), Senate Minority Leader Charles Schumer (D-N.Y.), House Intelligence Chairman Adam Schiff (D-Calif.) and Sen. Mark Warner (Va.), top Democrat on the Senate Intelligence Committee.

New York: Board of Elections Gears Up for Cyberattacks on November Elections |David Uberti/Wall Street Journal

New York state is training election officials on cybersecurity measures this week in the latest attempt to shore up voting systems before November. The state’s Board of Elections began a series of exercises Tuesday to simulate potential attacks on local governments such as disinformation campaigns, malware targeting voting machines and the disruption of systems that store voter registration data. The training is aimed at improving collaboration between county boards of elections and information-technology departments, said John Conklin, a spokesman for the New York State Board of Elections. “There’s a little bit of tension there,” he said. “The county boards are in a much better position now than they were in 2016, and even 2018.” County election and IT officials, along with third-party vendors that supply software or other support to governments, are participating in the workshops. They comprise one prong of New York’s strategy to protect the integrity of the vote. The Board of Elections also has produced a risk assessment for each of the state’s 62 counties, created an elections task force to monitor potential threats and provided annual cybersecurity training to local officials since 2018.

West Virginia: West Virginia officials want other states to adopt online voting for deployed troops | Zach England/Military Times

West Virginia was the first state to allow a mobile voting app option for military members — and officials there are hoping others will follow. In 2018, the state offered overseas and military voters the option of using a mobile phone or tablet to vote in an election. In the general election that year, 144 voters stationed in 31 different countries were able to vote using the technology. The mobile voting app was the result of West Virginia Secretary of State Mac Warner’s interest in breaking down barriers preventing servicemembers from easy access to the polls. During almost three decades in the Army, Warner experienced the difficulties of voting overseas. Roughly 200,000 Americans are deployed overseas and in 2016, less than 20 percent of active duty troops voted, Warner said in an op-ed submission earlier this month. “The less than 20% figure weighs on me heavily,” he wrote. “This is an appalling statistic, and one that should be personally offensive to every American. The current COVID-19 pandemic should serve as the catalyst to leverage technology to correct the disenfranchisement of the men and women who put their lives on the line to protect our democracy.”

Australia: Support grows for an Australian active cyber defence program | Stilgherrian/ZDNet

Tuesday’s industry advisory panel input into Australia’s long overdue 2020 Cyber Security Strategy is a grab-bag of ideas, but what jumps out at your correspondent is its support for active cyber defence (ACD). ACD has been at the centre of the UK government’s cyber defences since 2016. It aims to raise the cost and risk of mounting commodity cyber attacks while reducing the return on investment for criminals. The National Cyber Security Centre (NCSC) has deployed anti-spam defences across the .gov.uk domains and is monitoring internet routing to stop DDoS attacks and route hijacks. It’s been remarkably transparent about its progress, and it’s also led to some big wins. While the NCSC is concerned primarily with government networks, telcos and private-sector organisations are able to plug in. The UK’s program is “a best practice model for Australia to emulate”, according to Australia’s cyber industry advisory panel. “The panel strongly supports the increased use of threat blocking for low-sophistication threats,” they wrote. Support for blocking threats at scale was the highest among those on the front lines of the battle against cybercrime — particularly financial institutions.”

North Macedonia: Hacker group warns parties against appointing ethnic Albanian PM | Valentina Dimitrievska/bne IntelliNews

The hacker group AnonOpsMKD, which claimed that it attacked news aggregator Time.mk on North Macedonia’s election day, July 15, warned of “chaos” in the country if parties allow the appointment of an ethnic Albanian prime minister. The biggest ethnic Albanian party, the Democratic Union for Integration (DUI), led by Ali Ahmeti, has effectively been made kingmaker by the election. It says it wants the next prime minister to be an ethnic Albanian and has proposed former politician Naser Ziberi as its candidate, should it enter into coalition with one of the two main parties.  The ruling Social Democrats (SDSM) won 46 seats in the 120-seat parliament, VMRO-DPMNE 44, the DUI 15, the Alliance for Albanians 12, Levica two and the Democratic Party of Albanians (DPA) one. This means that either the SDSM or VMRO-DPMNE would struggle to form a government without the DUI. “Now a threat to all parties — if you allow DUI to make you choose an Albanian as prime minister, in exchange for mandates — expect the entire Macedonia to be turned upside down, a complete blackout will happen within 24 hours, do not play with the Macedonian people!” the hacker group warned.

National: Democrats Warn of Possible Foreign Disinformation Plot Targeting Congress | David E. Sanger, Nicholas Fandos and Julian E. Barnes/The New York Times

Top congressional Democrats warned in a cryptic letter they released on Monday that a foreign power was using disinformation to try to interfere in the presidential election and the activities of Congress, and demanded a prompt briefing by the F.B.I. to warn every member of Congress. While the letter writers, led by Speaker Nancy Pelosi, did not specify the threat, officials familiar with a classified addendum attached to it said the Democrats’ concerns touched on intelligence related to a possible Russian-backed attempt to smear the presidential campaign of former Vice President Joseph R. Biden Jr. They contend that the Russian-linked information is being funneled to a committee headed by Senator Ron Johnson, the Wisconsin Republican who is investigating Mr. Biden and his son, who was once paid as a board member of a Ukrainian energy company. While neither Mr. Johnson’s inquiry nor much of the information in question is new, the Democrats’ letter is an attempt to call attention to their concern that the accusations are not only unfounded but may further Russia’s efforts to interfere again in the American presidential election. The warning had echoes of the 2016 campaign. In August of that year, after receiving briefings from the head of the C.I.A. at the time, John O. Brennan, the Senate minority leader at the time, Harry Reid, Democrat of Nevada, publicly warned of a Russian effort to undermine the 2016 elections. Those efforts accelerated as Election Day approached, and this year Ms. Pelosi and other Democrats, including Representative Adam B. Schiff of California, the chairman of the House Intelligence Committee, have vowed to highlight any similar efforts.

National: Democratic Lawmakers Seek FBI Briefing on Election Interference | Dustin Volz and Andrew Duehren/Wall Street Journal

Democratic congressional leaders asked the FBI to brief lawmakers on foreign interference operations targeting the November elections, saying they were alarmed by what they described as an attempt to influence the workings of Congress. In a letter Monday, House Speaker Nancy Pelosi and Chuck Schumer, the Democratic leader in the Senate, asked Federal Bureau of Investigation Director Christopher Wray for a briefing as soon as possible and no later than the start of the August congressional recess, citing the “seriousness and specificity of these threats.” The letter said the threats were ongoing. “We are gravely concerned, in particular, that Congress appears to be the target of a concerted foreign interference campaign, which seeks to launder and amplify disinformation in order to influence congressional activity, public debate, and the presidential election in November,” the letter said. The request stems from Democrats’ concerns that a Republican investigation into work that presumptive Democratic presidential nominee Joe Biden’s son, Hunter, did for a Ukrainian natural-gas company was being amplified, and possibly driven, by a foreign interference operation likely tied to Russia, a person familiar with the matter said. The written request included a “classified addendum” drawn largely from the executive branch’s own reporting and analysis, a congressional official familiar with the matter said.

National: Inside the Biden campaign’s pushback against foreign interference | Natasha Bertrand/Politico

Joe Biden has released his most comprehensive statement yet warning against foreign election interference and threatening to hold the Kremlin and other foreign governments accountable for any meddling if he is elected president. In the 700-word statement, first obtained by POLITICO, the presumptive Democratic nominee said he “will treat foreign interference in our election as an adversarial act that significantly affects the relationship between the United States and the interfering nation’s government,” and plans to “direct the U.S. Intelligence Community to report publicly and in a timely manner on any efforts by foreign governments that have interfered, or attempted to interfere, with U.S. elections.” He added that he would direct his administration “to leverage all appropriate instruments of national power and make full use of my executive authority to impose substantial and lasting costs on state perpetrators”—including potential sanctions and cyber responses—and will call on the the Pentagon, DHS, the FBI, and the State Department “to develop plans for disrupting foreign threats to our elections process.” Biden’s remarks came on the same day that Democratic lawmakers raised new concerns about foreign influence operations in a letter to the FBI requesting fresh counterintelligence briefings ahead of the election. And they come as Biden’s campaign advisers have begun speaking out with fresh urgency about what they fear could become a serious threat.

National: Spy chief sees 2020 election security as ‘number one goal’ | Lauren C. Williams/FCW

One of America’s top spies said that checking foreign interference in the November vote is a primary concern. “Our number one goal, our number one objective at the National Security Agency and U.S. Cyber Command — a safe, secure and legitimate 2020 elections,” said Gen. Paul Nakasone, who leads both agencies, during an Association of the U.S. Army (AUSA) virtual event on July 20. Nakasone said the goal is to build on lessons learned from 2018 midterm elections for 2020 so the U.S. will, “know our adversaries better than they know themselves.” Nakasone said that to shore up election security efforts, NSA and CyberCom will look to “broaden partnerships” with academia, which have ongoing research efforts that look at social media and influence operations, and respond accordingly when adversaries attempt to interfere with elections. “2018 was a really remarkable year because at that point we had well-trained and well-led forces at U.S. Cyber Command and NSA come together with the right authorities and policies and also match with this idea of having an organizational construct,” Nakasone said.

North Macedonia: Who hacked the website of North Macedonia’s state election commission on election day? | Valentina Dimitrievska/bne IntelliNews

The website of North Macedonia’s State Election Commission (SEC), or to be more exact the site’s election section, was targeted by hackers immediately after polls closed in the snap general election on July 15, leaving the question of who stands behind the attack? Even though the elections passed in a free and democratic manner and were among the most peaceful in the country so far, the denial-of-service (DDoS) attack left a big stain on the election — the first since the country changed its name to North Macedonia and become a Nato member. The election ended with a narrow lead for the ruling Social Democrats (SDSM) ahead of the opposition VMRO-DPMNE. Some VMRO-DPMNE supporters have already indicated they will not accept a new SDSM-led government. The SEC was hacked immediately after voting ended at 9pm on Wednesday. The election section then recovered for few minutes but the results disappeared again, preventing journalists and other interested people from monitoring the election results, which were announced with a huge delay a day after the election. At the same time as the SEC site was brought down, the local news aggregator Time.mk was also hacked, but it recovered more quickly. “We are under DDoS attack,” owner of Time.mk, Igor Trajkovski, said in a tweet at the time of the cyber attack. It was reported that Time.mk was attacked with more than 20mn IP addresses on July 15.

Texas: Judge denies Harris County request to allow email voting for those infected with COVID-19 | Zach Despart/Houston Chronicle

A state district judge on Friday denied a request by Harris County Clerk Christopher Hollins to allow thousands of voters who recently tested positive for coronavirus, and now are quarantined, to vote online in the primary runoff election. The novel voting method never has been used in Harris County, but was permitted for the small-scale North Texas Ebola outbreak in 2014. Judge Larry Weiman, however, said he shared concerns raised by the Harris County Republican Party that online voting was not secure. Weiman, a Democrat, also said at the emergency telephone hearing that the county clerk had not produced an example of a voter being disenfranchised by exposure to coronavirus. “The plaintiff hasn’t shown any injured party,” Weiman said. Hollins sought to allow the estimated 10,000 residents who have tested positive for COVID-19 after the July 2 deadline to apply for a mail ballot. Forcing infected residents to vote in person would put “thousands of other voters at risk,” County Attorney Vince Ryan wrote in the clerk’s court filing.

Malaysia: Government looking into internet voting, Law Minister says | The Straits Times

The Malaysian government is engaging various stakeholders to look into the feasibility of introducing e-voting for the next general election, says Minister in the Prime Minister’s Department Takiyuddin Hassan. Datuk Takiyuddin, who is the de-facto Law Minister, said electronic voting would involve several issues pertaining to data confidentiality, security, cost and voter education. He said the Election Commission (EC) is still not satisfied with the confidentiality and security issues involving e-voting. “Therefore, the EC will continue to engage with the relevant quarters before any decision is put forward to the government,” he said during question time in Parliament on Thursday (July 16). The issue of e-voting has been raised amid talk that the four-month old Perikatan Nasional (PN) government might call for snap elections amid the coronavirus pandemic. The 15th general election isn’t due until 2023 but might be called soon due to the thin parliamentary majority held by PN.

North Macedonia: Election Commission ‘Cyber-Attacked During Polls’ | Bojan Stojkovski/Balkan Insight

The website of North Macedonia’s State Electoral Commission, SEC, suffered an alleged denial-of-service, DDoS, attack for more than three hours during the parliamentary elections on Wednesday. The attack delayed the SEC’s announcement of the official results of the tightly-contested vote on its website and it had to improvise by releasing partial results through YouTube clips instead. SEC officials insisted that the alleged attack did not affect the data that they had been collecting throughout the day. “From what I know so far, this was an attempted external attack. But until this is confirmed, I cannot speculate, we will know more about it tomorrow [Thursday]. The data wasn’t attacked and no damage was caused in the process,” SEC President Oliver Derkovski told a press conference. At the same time as the SEC suffered the alleged attack, the country’s most popular news aggregator TIME.mk was also targeted by a heavy DDoS attack, which took the website down for a couple of hours. The site’s founder, Igor Trajkovski, said that Cloudflare, a US-based website security company, had to block millions of IP addresses involved in the attack.

National: Can Our Ballots Be Both Secret and Secure? | Sue Halpern/The New Yorker

Near the end of last year, I met Josh Benaloh, a senior cryptographer at Microsoft, in a conference room in Building 99 on the company’s sprawling campus, in Redmond, Washington, to talk about a fundamental problem with American elections. When we vote, we take it on faith that our ballots have been recorded—and recorded correctly. This is not always the case. In 2015, in Shelby County, Tennessee, hundreds of votes that were cast in predominantly African-American precincts disappeared somewhere between the polling place and the final tally. Where they had gone, and why, remains a mystery, because the ballots were cast on a touch-screen voting machine that did not provide a paper record. In 2018, three thousand votes went missing during a Florida recount. The next year, eight hundred uncounted ballots were found in a storage closet in Midland, Texas, after a hotly contested school-bond vote. To prevent these types of errors, Benaloh said, “You could, in theory, sign your name on your ballot and watch it go through the system.” In actual elections, however, that is precisely what is not supposed to happen. Our ballots are secret; after we drop them in the ballot box, they are, literally, out of our hands.

National: States Step Up Cybersecurity Efforts Ahead of the 2020 Election | Adam Stone/StateTech Magazine

In the Buckeye State, officials are doing more than just keeping an eye on the upcoming national election. As the threat of cyber tampering looms large, state and local leaders are working diligently to ensure voting is secure. “We want to set the tone for the rest of the nation,” says Ohio Secretary of State Frank LaRose, who last year issued a 34-point directive to guide state, county and local efforts on election cyber strategies. It calls for the use of event logging and intrusion detection tools, along with segmentation — disconnecting voting apparatus from external networks. “We want to make sure our boards of elections aren’t leaving a door open by being attached to other, less secure assets,” LaRose says. Ohio may be out in front, but it is hardly alone. Authorities in all 50 states are taking steps not only to secure the vote but also to ensure that the public perceives that vote as valid. They are getting help from the federal government, including the Cybersecurity and Infrastructure Security Agency, an operational component under the U.S. Department of Homeland Security. Experts say the aggressive action is justified, given the high likelihood that adversarial nations and other bad actors could try to tamper with the ­general election.

Ohio: Cybersecurity experts already see threats to voters in November elections | Larry Seward/WCPO

Ohio cybersecurity experts believe voters are vulnerable to threats as they prepare to cast their ballots in the November election. The Ohio Cyber Range Institute, based at the University of Cincinnati, is working on fighting those threats and protecting critical election infrastructure. As November approaches, Ohio Cyber Range researchers said they see two types of threats on the horizon: Voter manipulation through social media and efforts to fuel doubt in election results. “What we see behind the scenes are actors who are making certain things viral,” said Richard Harknett, the institute’s co-director and head of UC’s political science department. “They use ‘bot nets’ to drive likes and dislikes to get things in front of us that, really, the majority of people are not clicking on.” Harknett said he also believes Russia, China, North Korea and Iran are trying to leverage the coronavirus pandemic to create skepticism of election results by exploiting changes in vote-by-mail processes and delays. He said there is already evidence of this as results came in during May primaries.

National: Language to boost election security removed from Senate intelligence legislation | Maggie Miller/The Hill

A measure that would require presidential campaigns to report attempts by foreign nationals to interfere in elections was removed from the Senate’s bipartisan Intelligence Authorization Act, Sen. Mark Warner (D-Va.) said Tuesday. The clause was based on Warner’s Foreign Influence Reporting in Elections (FIRE) Act, which requires presidential campaigns to report all contacts with foreign nationals seeking to interfere in the election process to both the FBI and the Federal Election Commission. The Intelligence Authorization Act will be included in the Senate version of the 2021 National Defense Authorization Act (NDAA), but according to Warner, the FIRE Act clause was taken out as part of a “backroom deal” in order to get the intelligence legislation included in the must-pass defense funding bill. Warner announced he was proposing the legislation as a separate amendment to the NDAA in order to force members of the Senate to vote on the record about where they stood on election security. The Senate this week is debating its version of the 2021 NDAA. Warner criticized President Trump and Republicans for removing the clause, noting that the Senate had not voted on any standalone election security legislation since Russian agents interfered in the 2016 presidential election.

Voting Blogs: Russia scales up e-voting for key referendum – but misses security issues | Alex Hardy/openDemocracy

The delayed Russian referendum on constitutional reform goes ahead this week as the country emerges from many of the quarantine measures imposed over the past few months to control the spread of the Covid-19 virus. The referendum is being held to amend the Russian constitution, and was unveiled in January. The proposed changes most notably mean that President Putin can legally remain in power until 2036 by making him eligible to stand in a further two Presidential elections, should he wish to do so. Holding a referendum for these changes is not required by law. Such amendments can and have now been authorised by Russia’s regional legislative assemblies. However, the referendum is seen as a show of public legitimacy for these changes. As such, it is important for the authorities that the turnout is seen to be suitably high. Divided opposition movements have been in debate as to whether or not the vote should be boycotted. Meanwhile, the move towards online voting has been presented by the authorities as a move to protect public safety during the Covid-19 pandemic but it also represents an opportunity for the Kremlin to encourage higher voter turnout.

National: Securing voter registration databases takes on added importance in pandemic, DHS official says | Sean Lyngaas/CyberScoop

The expansion of voting by mail during the coronavirus pandemic makes it all the more important that election officials secure voter registration databases from hacking, according to a senior Department of Homeland Security official. The greater amount of absentee voting and mail-in ballots “shifts the risk towards voter registration data security,” Matt Masterson, senior adviser at DHS’s Cybersecurity and Infrastructure Security Agency, said Wednesday during a virtual conference. People voting by mail generally won’t have access to the same provisional-balloting process that those voting in person can use if they’ve been left off of voter rolls due to an administrative error. That makes the integrity of voter registration data all the more important in the era of COVID-19, Masterson said. The novel coronavirus, which has killed more than 120,000 people in the U.S., has forced many states to postpone presidential primaries and ramp up voting-by-mail options. Forty-six states currently offer all of their voters some form of by-mail voting, according to the nonprofit Open Source Election Technology Institute (OSET).

National: Security Flaws in US Online Voting System Raises Alarm Over Potential Vote Manipulation | Byron Muhlberg/CPO Magazine

As the 2020 US presidential election draws nearer, concern is beginning to mount over the potential threat of vote manipulation. Alarm over vote manipulation was once again raised after OmniBallot, an online voting system, was found to be riddled with a host of security risks according to the findings of a recent research paper by Massachusetts Institute of Technology (MIT) and the University of Michigan computer scientists. The research paper, which hit the press on June 7, revealed that OmniBallot’s designer Democracy Live leaves the ballots that it processes susceptible to vote manipulation. What’s more, the researchers found that Democracy Live actively collects sensitive voter information and does not ensure adequate protection of the information while online. As a result, according to the paper, the online voting system runs the risk of providing easy pickings for sophisticated cybercriminals—especially those using ransomware—one that is only exacerbated by the fact that no technology currently exists to mitigate the risks in question.

Indiana: Judge orders Secretary of State to produce documents on voting-machine security | John Russell/Indianapolis Business Journal

A Marion County Superior Court judge has ordered Indiana Secretary of State Connie Lawson to produce documents to back up her claim that the public should not see emails and other communications about the reliability and security of voting machines because they could jeopardize cyberterrorism security. Judge Heather Welch ruled Tuesday that Lawson did not provide adequate justification for withholding the materials and ordered her to produce some of the documents for inspection in chambers. In a 27-page ruling, the judge ordered Lawson to submit the materials that she had withheld based on the counterterrorism exception so that she may examine them in private. A spokesman for Lawson declined comment on Wednesday. The matter arose after a national group of cybersecurity experts sued Lawson last year, saying she has refused to turn over emails and other communications about the reliability and security of voting machines, despite numerous requests.

National: Why You Can’t Just Vote on Your Phone During the Pandemic | Sue Halpern/The New Yorker

When Alex Howard, a resident of Washington, D.C., failed to receive an absentee ballot for the city’s June 2nd primary, he assumed that he would have to vote in person. Then, by chance, on the day of the election, he saw a Twitter post alerting voters of the option to vote remotely over the Internet. Howard, a digital-governance expert at Demand Progress, an advocacy group for good governance, decided to give it a try. “I’m a poker and a prodder and a professional evaluator of government I.T. programs,” he told me. “I like to see how things work.” He was directed to a Web site typically reserved for members of the military, which sent him to a site where he confirmed his date of birth and address. He then logged on to another site to vote. A few minutes later, he e-mailed his completed ballot to the Board of Elections. “There were people who stood in line for hours and hours to vote, and here I was, voting at home on my laptop,” he said. “It was really good for my family from a health standpoint, but whether it’s a good idea at scale—I don’t think so.” He is still waiting to hear if his ballot was received.