National: Mueller report highlights scope of election security challenge | The Washington Post

Special counsel Robert S. Mueller III’s investigation of the “sweeping and systematic fashion” in which Russia interfered in the 2016 election highlights the breadth and complexity of the U.S. voting infrastructure that needs protecting. From voter registration to the vote itself to election night tabulation, there are countless computers and databases that offer avenues for foreign adversaries to try to create havoc and undermine trust in the democratic process. In addition to targeting the Democratic Party and Clinton campaign in 2016, Mueller noted in his report, Russian hackers also went after election technology firms and county officials who administer the vote — officials often without the resources to hire information technology staffs. [Through email leaks and propaganda, Russians sought to elect Trump, Mueller finds] “The Mueller report makes clear that there’s a much larger infrastructure that we have to protect,” said Lawrence Norden, an election security expert at New York University Law School’s Brennan Center for Justice. “There’s clearly a lot to do before 2020.”

National: Cyber aspects of Mueller report tread familiar ground on ’16 election hacks | InsideCyberSecurity

The redacted Mueller report on Russia and the 2016 elections contains politically contentious elements on collusion and obstruction of justice, but the aspects directly related to cybersecurity largely have been released and absorbed through earlier reports and indictments. The document released Thursday by the Justice Department is in a format that’s not searchable, but there are parts on cyber issues such as botnets, which is heavily redacted, and lengthy discussion of what Russian agents did to hack into computers associated with the presidential campaign of Democrat Hillary Clinton. The basic cybersecurity issues involved have been known for some time and were reflected in the Senate Intelligence Committee’s election-security recommendations issued in March 2018. Intelligence Chairman Richard Burr (R-NC) said Thursday that final reports from his committee’s Russia probe will begin coming out in a matter of “weeks.”

National: Mueller Report: Russia Funded US Election Snooping, Manipulation with Bitcoin | GCN

It is no news by now that the long-awaited Mueller Report has revealed extensive Russian efforts to interfere with the 2016 U.S. presidential election. While much attention has been focused on whether or not president Donald Trump was in any way complicit with these efforts, what is less reported is that the report showed that state-backed Russian operatives used bitcoin extensively in their attempts to impede Hilary Clinton and help Donald Trump’s campaign. According to the report, agents working on behalf of Russian military intelligence used bitcoin to do everything from purchasing VPNs to buying domains hosting political propaganda. This was part of a wide-reaching and apparently successful attempt to hack the 2016 election that saw Trump emerge victorious against all expectations. While this may not be news to anyone familiar with cryptocurrencies, the Russian agents apparently worked under the mistaken assumption that the mere fact of their transactions being carried out using cryptocurrency made them anonymous and untraceable. In fact, as has been demonstrated several times, bitcoin transactions are not that difficult to trace, given the presence of some key data.

National: 2020 Campaigns Are Still Vulnerable to Cyber Attacks | Time

Most Americans aren’t yet paying a lot of attention to the 2020 presidential campaign. The same can’t be said for Russian spies. Aides and advisers to the vast field of Democratic hopefuls are ringing alarm bells, telling their bosses they should assume that Moscow is laying the groundwork to disrupt, if not derail, their campaigns, just as Russian intelligence did to Hillary Clinton’s in 2016. But interviews with the campaigns show cyber security is a secondary concern, with most of the campaigns contacted by TIME say they have not “finalized” their tech plan or hired a security chief. The biggest problem is money. Every campaign focuses vast amounts of effort raising money to compete on ground troops, ads and campaign offices in key locations. Spending precious cash on cyber tools, whose successful deployment results in a non-event, is hard to defend. “There’s nothing sexy about it,” says Mike Sager, the chief technology officer at EMILY’s List, a group that works to elect women who support abortion rights. But, he says, “the folks who have been through it, who know what happens when you don’t do this, get it.” Nobody disputes the threat. Russia’s larger goals remain the same as they were in 2016: making American democracy look bad. “It is about the legitimacy of democracy and about the trust people have in their democracy,” said Eric Rosenbach, a former Pentagon chief of staff who now heads Harvard’s Defending Digital Democracy program. “Unfortunately, there are a lot of different ways in the information age that bad actors and nefarious nation-states can undermine that.”

National: Democrats Urge Judge Not to Dismiss Russian Hacking Suit | Bloomberg

While much of the U.S. was poring over the Mueller Report, the Democratic National Committee argued Thursday that its civil suit against President Donald Trump, the Russian Federation, WikiLeaks and members of the Trump campaign and White House should go forward. The DNC claims the defendants violated U.S. racketeering, computer fraud and other laws by conspiring to hack emails from DNC computers and leak them in advance of the 2016 election in a “brazen attack on American democracy.” The conspiracy sought to help Trump become president and continued into his presidency, according to the DNC. “After securing Trump’s grip on power, defendants worked tirelessly to keep it, lying to the American public, Congress, the Justice Department and the FBI to conceal any misconduct that jeopardized Trump’s presidency,” the DNC said in court papers filed late Thursday in Manhattan federal court.

Editorials: It’s up to Congress to prevent Russian interference from happening again | The Washington Post

Whether President Trump obstructed justice is a crucial question, the answer to which special counsel Robert S. Mueller III implied but did not state clearly. What is crystal clear in his 448-page report is a conclusion that Mr. Trump, charged with making the highest-level national security decisions, has routinely denied: “The Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.” One reaction from Congress must be to weigh the evidence of obstruction. The other must be to ensure that Russia — and any other hostile actor — does not succeed in interfering again. Mr. Mueller, confirming the long-standing conclusions of the U.S. intelligence community, found that the Kremlin ran a social media campaign that evolved from a program “to provoke and amplify political and social discord in the United States” and “to sow discord in the U.S. political system through what it termed ‘information warfare’” into one “that favored presidential candidate Donald J. Trump and disparaged presidential candidate Hillary Clinton.” Meanwhile, Russian military intelligence hacked the Democratic National Committee’s servers and the Clinton campaign, then released damaging material at strategic times. It remains outrageous that Mr. Trump, having benefited from the Kremlin’s meddling, continually plays down Russia’s election-year activities — and, indeed, has pursued a closer relationship with Russian President Vladimir Putin — even while the leaders he picked to run the U.S. intelligence community repeat that Russia is culpable and likely to try again.

Editorials: Russia’s next election hack | Alan Berger/The Boston Globe

It is hardly surprising that coverage of the Mueller report centers on the domestic political effects of the special counsel’s findings. But we Americans would be making a serious mistake if we overlook the international repercussions of a Kremlin influence operation that historians may recognize as Vladimir Putin’s American putsch. It may be that Putin’s troll farms did not need the polling data that Trump backers provided. The hackers employed by Russia’s military intelligence service might have had their own means of determining how to target Bernie Sanders supporters who could be persuaded to stay home or vote for Jill Stein; black voters who could be reminded about Hillary Clinton’s allusions to “super predators”;’ or industrial workers in Michigan, Wisconsin, and western Pennsylvania who voted twice for Barack Obama but were persuaded to vote for Donald Trump to protect their jobs from an imaginary tidal wave of immigrants. However much these operational details might bedevil investigators and the American public, the crucial lesson for autocrats and spy chiefs around the world is that a cheap hacking operation by Putin’s hired temps could shape the political destiny of the most powerful country in the world. And if Trump could be elevated to the White House by Putin’s spooks, maybe he could be replaced by a candidate who would be even more convenient — for Russia and for select friends of the Kremlin.

Arizona: Mueller report says Russian hacking once went through Arizona server | Cronkite News

The road from Washington to St. Petersburg apparently passes through Arizona – at least the cyber-road does. That’s according to the long-awaited Mueller report on the two-year investigation into possible Russian meddling in the 2016 presidential election. Buried in the 448-page report is a little more than a page that said Russian intelligence officers used a “leased computer” in Arizona to help funnel information that was stolen from hacked Democratic Party computers. About half of the page on the Arizona server is redacted because the information relates to an “investigative technique” – one of the areas blacked out from the report, along with information about grand jury testimony, ongoing investigation and privacy concerns. The unredacted portions do not reveal where in Arizona the leased computer was located or which company might have leased it.

Florida: Scott demands FBI information on Russian hacking | Politico

Sen. Rick Scott today demanded that the FBI release information about a suspected Russian hack of at least one Florida county, a revelation that came to light in Thursday’s report from special counsel Robert Mueller. The Florida Republican, in a letter to FBI Director Christopher Wray, asked the agency to provide information to both Congress and the Florida Department of State. He asked the FBI to identify which Florida county had been compromised and gave the agency seven days to comply. “It is my goal to have free and fair elections with zero fraud,” wrote Scott, who noted his push to spend money on election cybersecurity ahead of the 2018 elections. “This is a very serious issue that needs the immediate attention of the FBI.” The FBI did not immediately reply to a request for comment.

Minnesota: While hackers threaten 2020 election systems, politics intruding on security fixes | Minneapolis Star Tribune

Despite broad agreement that foreign hackers will again target American voting systems in 2020, partisan friction in St. Paul and Washington has stalled efforts to bolster election security, with less than a year to go before Minnesotans cast presidential primary ballots. The delay has alarmed elections officials and cybersecurity experts who warn of a repeat of 2016, when Russians targeted Minnesota and 20 other states in what special counsel Robert Mueller’s report, released Thursday, called a “sweeping and systematic fashion.” “Hackers learn from hackers: The question becomes if [Russia] can do it, why wouldn’t any hacker around the world do it?” said Clint Watts, a former FBI agent and cybersecurity scholar. “We can talk Russia all day, but everybody knows this can be done now.” Amid the warnings of Russian interference, Minnesota lawmakers remain at odds over using more than $6 million in federal funds approved by Congress more than a year ago to shore up election security. Minnesota is the only state that has yet to touch its share of the $380 million federal appropriation. At the same time, a measure co-sponsored by Minnesota U.S. Sen. Amy Klobuchar to improve cybersecurity information sharing between federal agencies and local election workers also is at a standstill. Local officials warn that time is running out.

New Jersey: Who will pay to upgrade New Jersey’s voting technology? | WKXW

Counties are preparing to adopt the latest in election technology – but progress could depend on whether and when the state pays for the upgrade. As part of their effort to get lawmakers, freeholders and others familiar with what’s available, the New Jersey Association of Election Officials recently held a trade show at the Trenton War Memorial showing off the current state of technology – items common in some states but rare, for now, in New Jersey. Cape May County Clerk Rita Fulginiti said the pace for the updates will depend on state law and state funding. “It will cost a lot to upgrade to better equipment, but it’s all about the voter and making voting systems accessible to the voter,” Fulginiti said. New Jersey would need to spend $64 million to upgrade all the voting machines in the state, New York University’s Brennan Center for Justice estimates.

North Carolina: Mueller report: Did Russian government hack 2016 North Carolina voting? | Raleigh News & Observer

The Mueller report released Thursday found that Russian spies successfully hacked into a U.S. voting software company during the 2016 elections, and North Carolina officials think there’s a chance it was software that’s in use here. The N.C. Board of Elections now has sent a letter to VR Systems, whose voting software was used by 21 North Carolina counties in 2016. The letter, which was first reported by WRAL, asks the company to “provide immediate, written insurance regarding the security of your network.” The Mueller report didn’t specifically name the company. But VR Systems confirmed in a written statement that it’s the company in question. The company’s software can’t be used to count or change votes. Instead, it manages the electronic polling books used to check in voters, to make sure people don’t vote twice. The Mueller report found that “Russian cyber actors in 2016 targeted” the company, and “installed malware on the company network.” Durham County, which had numerous problems and delays in the 2016 elections, was using the company’s check-in software at the time. The Mueller report does not go into the full extent of the hacking, and while it does say at least one Florida county was hacked, the report does not name any North Carolina successes for the hackers.

Pennsylvania: Pennsylvania is spending millions on election security, but the effort has its critics | PennLive

The release of special counsel Robert Mueller’s redacted report on Russian meddling in the 2016 presidential election brings the issue of election security back into the spotlight. Protecting the integrity of elections is of particular concern to Pennsylvania after escaping an unsuccessful hacking attempt of the statewide voter registration database by Russian operatives in 2016. With the next presidential election now just a year away, county and state election officials are scrambling to make sure they have done everything they possibly can to avoid foreign actors creating chaos when voters go to the polls to elect the nation’s chief executive. Under an order by Gov. Tom Wolf, Pennsylvania is moving to voting machines that leave a paper trail that can be audited. Other efforts include securing the voter registration data. Election officials maintain they are ferreting out potential vulnerabilities that could cast doubt on the integrity of election results and making changes to address them before next year’s primary. That’s why Acting Secretary of the Commonwealth Kathy Boockvar says with certainty, “Pennsylvania voters can be completely confident that when they vote in the presidential primary their vote will be counted accurately.” With those efforts, though, come some resistance from county officials along with concerns, particularly about the cost of new voting systems. Replacing those machines alone is expected to cost between $93 million and $150 million, depending on which system the counties choose, according to Boockvar’s department.

National: Mueller report is a reminder that Russian hack hit House races, too | Roll Call

Special counsel Robert S. Mueller III’s report provided new details Thursday about how Russian agents hacked into Democratic Congressional Campaign Committee computers in 2016, renewing the question of whether the two parties would agree not to use stolen material in future political attacks. Leaders of the DCCC and the National Republican Congressional Committee came close to such an an agreement in late 2018, but talks broke down. The two committees, which have new leaders for the 2020 cycle, have not restarted discussions. The DCCC is interested in re-engaging in talks, according to a source familiar with the committee’s thinking. The NRCC declined to comment. The group’s new chairman, Minnesota Rep. Tom Emmer, was more focused Thursday on attacking the politics of investigating President Donald Trump. “It is time for the emotional, socialist Democrats to knock it off with their childish temper tantrums, accept reality and get back to work,” he said in a statement. DCCC Chairwoman Cheri Bustos could not be reached immediately for comment.

National: Mueller Report Raises New Questions About Russia’s Hacking Targets In 2016 | NPR

While the headlines about special counsel Robert Mueller’s report have focused on the question of whether President Trump obstructed justice, the report also gave fresh details about Russian efforts to hack into U.S. election systems. In particular, the report said, “We understand the FBI believes that this operation enabled [Russian military intelligence] to gain access to the network of at least one Florida county government” during the 2016 campaign. That came as news to Paul Lux, president of the Florida State Association of Supervisors of Elections — which has been working closely with federal authorities to protect their election systems against such attacks. “I haven’t heard even a whisper” about such a breach, Lux told NPR, noting that the report referred to a county “government” office network, not specifically to an “elections” office, although the two are frequently connected. It’s unusual that such a breach would occur and Florida officials would not know about it. For the past two years, election officials around the country have been working with both the Department of Homeland Security and the FBI to share information about potential security threats. They have set up several national communications networks specifically for that purpose.

Florida: Mueller report: Russians gained access to Florida county through spear phishing | Tampa Bay Times

Russian hackers gained access to at least one Florida county’s election computer network during the 2016 campaign, according to Special Counsel Robert Mueller’s report released on Thursday. Mueller’s report said the FBI concluded that the GRU, Russia’s foreign military intelligence agency, sent spear phishing emails to over 120 email accounts used by Florida county officials responsible for overseeing the 2016 election. The emails contained an attached Word document that included malicious software that gave the GRU access to the infected computer. While the hacking attempts were previously reported, the spear phishing effort’s apparent success in at least one Florida county was newly revealed on Thursday. The county was unnamed. “We understand the FBI believes that this operation enabled the GRU to gain access to the network of at least one Florida county government,” the report said. Mueller’s office “did not independently verify that belief.” Paul Lux, president of the Florida State Association of Supervisors of Elections, said he wasn’t aware that any county-level election systems were compromised in Florida. “It is not information that I am aware of,” Lux said in an interview Thursday. “To my knowledge, no counties were compromised. So, my presumption is that. I don’t know which county would have been compromised, and that’s nothing I’ve ever heard of.” The Florida Department of State said they have no knowledge of any successful hacking attempt during the 2016 election.

Illinois: Mueller report confirms Russians ‘compromised’ Illinois State Board of Elections | Chicago Sun-Times

The Mueller Report confirms the Russians tried to hack the Illinois Board of Elections website in 2016. “In one instance in approximately June 2016, the GRU compromised the computer network of the Illinois State Board of Elections by exploiting a vulnerability in the SBOE’s website. The GRU then gained access to a database containing information on millions of registered Illinois voters and extracted data related to thousands of U.S. voters before the malicious activity was identified,” the report states. This was part of an effort of the Russian intelligence agency — the GRU — to determine “vulnerabilities” on websites of more than two dozen states, including Illinois. The Chicago Sun-Times reported on the hacking attempt in 2017. The hack had nothing to do with counting votes in elections in Illinois. The hackers looked at voting registration data: name, address, date of birth, gender and the last four digits in the Social Security number. In all, hackers searched through about 80,000 records, with the elections board confirming the records of just under 3,000 voters were viewed by the hackers.

North Carolina: In wake of Mueller report, North Carolina elections officials want answers from electronic pollbook vendor | WRAL

North Carolina elections officials want to know whether an unnamed voting technology company that Robert Mueller’s report says was compromised by Russian hackers is the same firm that supplies poll book software to more than a dozen counties across the state. In a letter to VR Systems sent Thursday afternoon, State Board of Elections General Counsel Josh Lawson asked the company to provide “immediate, written assurance” about the security of its products, which came under fire two years ago when a leaked intelligence report named the company as the target of a Russian hacking attempt known as “spearphishing.” Mueller’s report, released in a redacted form Thursday morning, notes that, in August 2016, Russian intelligence officers targeted a “voting technology company that developed software used by numerous U.S. counties to manage voter rolls,” installing malicious code on the company’s network. The name of the firm is blacked out due to “personal privacy” exemptions. Lawson said, based on the leaked intelligence report and a separate 2017 federal indictment, that VR Systems was a target of the GRU, the Russian military intelligence agency.

Australia: Electoral Commission spins up cyber ops centre | iTnews

With the date of next month’s federal ballot now set, the agency in charge of Australia’s electoral systems has switched on its new security operations centre to protect against external interference. The short-term SOC capability was established late last month in preparation for Prime Minister Scott Morrison calling the election last week. It will be used it to detect any compromises – or compromise attempts – made against the Australian Electoral Commission’s systems in the lead up to, during and following the May 18 election. The resilience of Australia’s core electoral systems – the age of which remains an ongoing concern for the agency – is particularly acute in this year’s election following Russia’s alleged cyber interference in the 2016 US election. Monitoring services will be provided by Technical Security Services (TSS), which was established by Defence Signals Directorate (now Australian Signals Directorate) alumni Richard Byfield. For up to the next ten weeks or until the results of the election are declared, the company will provide a real-time alerting system for significant cyber security events, as well as at least daily review of log files.

Editorials: Cybersecurity doesn’t stop at the federal level — our states need help | John DeSimone/The Hill

This week, Congress reintroduced the State Cyber Resiliency Act, which encourages state and local governments to strengthen their defenses against cybersecurity threats and vulnerabilities. The bill, originally introduced in 2017, would create and authorize the Department of Homeland Security to run a grant program for states to develop, revise or implement cyber resiliency measures — including efforts to detect, protect, respond to, and recover from cyber threats. This legislation is good news for local government leaders, businesses and civilians who have been victims of ransomware and other forms of cyberattacks targeted at major cities. Local governments are an attractive target for malicious actors, including the massive cyberattack on the city of Atlanta last year and the recent ransomware attack in Albany, NY. As attacks increase in frequency and sophistication, increased funding at the local level is needed for cyber training and enhancing recruitment and retention efforts, ultimately helping ensure public safety. Just because a cyberattack is focused on one city — or even smaller, one sector of infrastructure within a city — does not mean the consequences are minor. In the example of the SamSam ransomware attack in Atlanta, the more than week-long event caused major disruption in five of the city’s 13 local government departments and ultimately cost the city $17 million. Impacting citizens, the system shutdown crippled the court system, limited vital communications involving critical infrastructure requests and forced the Atlanta Police Department to file paper reports. Empowering officials at the state and local level to easily detect and deter such preventable breaches like ransomware could save millions of dollars in damages. 

National: House Homeland Committee wants more cyber funding for DHS | FCW

Twenty-eight members of the House Homeland Security Committee are urging appropriators to boost cyber funding at the Department of Homeland Security above what the White House has requested. In a letter sent to the House Appropriations Committee, the signatories — including Chairman Bennie Thompson (D-Miss.) and ranking member Mike Rogers (R-Ala.) — asked for a raise in the spending cap for DHS cyber spending, saying years of flat funding levels at the department will not be enough to “properly resource” the newly established Cybersecurity and Infrastructure Security Agency and its mission. “We urge the committee to break from the status quo and increase the Homeland Security Subcommittee’s 302(b) allocation commensurate with the threat,” the members wrote. “It is imperative that [the allocation] enable CISA to mature and grow the services it provides to secure federal and critical infrastructure networks.” The letter cited increasing threats to federal data, election infrastructure, critical infrastructure sectors and “long-standing threats from nation-states, terrorists, transnational criminal organizations and other malicious actors” to justify an elevation in funding. Members highlighted how past funding increases have helped DHS and CISA expand their services to state and local governments to secure election and voting systems and incorporate additional federal agencies into cybersecurity programs like Einstein and Continuous Diagnostics and Mitigation.

National: How Will Cybersecurity Influence the 2020 US Election Cycle? | HeadStuff

The air is undeniably tense surrounding the next United States presidential race. Not only does the Land of the Free currently have one of the most controversial commanders-in-chief in its history, but the issues at stake are being approached from more partisan, polarised angles than ever before. Whether it’s women’s rights, the tax plan, or guns and public health, you cannot deny the stiff atmosphere in politics today. There’s a topic that’s become a bigger issue than it was four years ago, however: data protection. Cybersecurity is already a hot topic in the media. Of course, data security was previously a concern to the people who knew a thing or two about it, but the public was largely focused on other issues. But now, cybersecurity has become a public cause of concern. With the emerging news in the last few years about Russia’s attempts to tamper with the 2016 election, the American people are skeptical like never before. This begs a few questions: What role is cybersecurity going to play in our upcoming presidential debates? How will it be discussed in the media? And how will the public come down on these important issues?

National: The cyber teams that helped stop Russian election interference | Fifth Domain

When Pentagon leaders tasked Air Force cyber teams with helping prevent Russian trolls from influencing the 2018 midterm elections, it marked the first time those forces were tasked with such a mission under new authorities. Department of Defense has openly discussed their success in keeping the midterm elections free from Russian interference, but officials have provided few details about which teams were tasked with doing so. During an April 11 event at Langley Air Force Base, Gen. James Holmes, commander of Air Combat Command, said Maj. Gen. Robert Skinner, the head of Air Forces Cyber, was ordered and given the authority to defeat Russian influence operations. “It’s the first time we’ve really had the authority to go operate and do that in the cyber environment,” Holmes said. Cyber authorities have typically been held at the highest levels of government making them difficult to be approved for rapid use, but over the last year the Trump administration has begun to loosen those restrictions in an attempt to make it easier for commanders to employ cyber tools faster and react more quickly to adversaries in a domain that is measured in milliseconds.

Minnesota: Simon: Federal election money shouldn’t be budget bargaining chip | Mankato Free Press

The Minnesota Legislature shouldn’t delay up to $6.6 million in federal election cybersecurity funding to use as potential end-of-session bargaining, according to Secretary of State Steve Simon. Simon made several stops in south-central Minnesota Monday to discuss the upcoming 2020 election with local officials. The secretary of state stopped at Gustavus Adolphus College to praise students’ efforts to increase voter turnout. He also shared concerns he has with lawmakers delaying discussions on federal funding. “Every state in the country has it,” Simon said after a meeting with Blue Earth County officials. “We’re the only state that doesn’t. And it’s inexcusable.” Congress approved $380 million in additional election cybersecurity money following the 2016 elections and numerous attacks on state election systems. While 45 states automatically received funding, Minnesota — which gets $6.6 million under the updated Help America Vote Act — is one of five states that needs lawmaker approval before the Secretary of State’s Office gets that money. Simon made a $1.5 million request from lawmakers last year to free up money before the 2018 election, as Minnesota was one of 21 states targeted by foreign hackers attempting to get access to voter information during the 2016 election. That request was rolled into a $1 billion supplemental budget bill then-Gov. Mark Dayton vetoed. The DFL-controlled House passed a new bill in February allowing election officials to get all $6.6 million. Yet the GOP-controlled Senate passed a bill that only freed up Simon’s original $1.5 million request.

Europe: The EU is not ready to deal with Russian influence in its elections. Here’s why | CNBC

The European Union is having a hard job building a sufficient firewall when it comes to election interference, experts have told CNBC. The European Parliament — the EU’s legislative arm — has launched a campaign to tackle online disinformation ahead of its elections in May. But there are certain loopholes that mean there could still be outside influence in the vote. “Russia will attempt to influence the parliamentary elections using its usual tool kit, including targeted propaganda, and the stealing and leaking of information,” Andrew Foxall, director of the Russia and Eurasia studies at the Henry Jackson Society, told CNBC via email. He added that there are a number of steps that European institutions should take to prevent such influence. EU countries could share information with each other on “fake news” stories or disinformation; make public any influence attempts — whether from Russia or elsewhere; pledge not to use stolen data in their campaigns and make campaign financing more transparent, Foxall said. The Russian government was not immediately available for comment when contacted by CNBC.

Israel: Can Israel’s election count be tampered with? An official explains the process | The Times of Israel

Last Thursday, two days after the elections, New Right party leader Naftali Bennett learned that his party was about 1,380 votes shy of earning any seats in the Knesset and demanded a recount, hinting at possible foul play. Sources in his party went so far as to allege that the elections were being “stolen” via a corrupted count. On Sunday, the Central Elections Committee granted Bennett access to the original “double-envelope” ballots — the “extra” votes from soldiers and diplomats on whose votes New Right had pinned its hopes of making it into the Knesset — so that he could confirm for himself that the count was honest. At the same time, the committee chastised his party for its insinuations of wrongdoing. In addition to New Right, several parties, including United Torah Judaism and Meretz, were in touch with the committee in the days immediately after the election over what they believed were mishandled ballot boxes. With the votes finalized on Tuesday — and UTJ bumped up a seat, Likud down a seat, and New Right still outside the Knesset — Bennett’s party remained insistent that it was the victim of fraud in the vote-counting process, asserting discrepancies in 8% of ballot boxes. The Central Elections Committee dismissed the claim as unfounded.

Philippines: System reviewers: Automated election system tough to hack, but Comelec still has to keep close watch | BusinessWorld

Individuals who took part in reviewing the automated election system (AES) that will be used for the midterm elections in May assure its security, but said they will still keep track of the Commission on Elections (Comelec) in ensuring its integrity. Philippine Linux Users’ Group (PLUG) source code reviewer Pablo Manalastas Jr. said that while the system is taxing for those who plan to rig the automated elections, the Comelec still plays a part in upholding the 2019 National and Local Elections fairness. “It’s very difficult for outsiders to hack into the system but it’s not as difficult to hack into the system if you’re a Comelec or a group of Comelec or Smartmatic personnel who knows all the.. access, then you can hack the system,” he said on Monday during the Poll Body’s consultation with the Local Source Code Review Committee (LSCRC) for this year’s elections. “We have to have faith that the Comelec will do its job,” he added. NPC Source Code reviewer Gadburt Mercado, for his part, said, “This is the first time we have been given unprecedented access so we clearly see the commitment of the agency towards ensuring the elections is a really transparent one.”

International: Cyber security: This giant wargame is preparing for the next big election hack | ZDNet

A giant cyber-defence exercise has pitted teams from NATO nations against mysterious hackers trying to cause chaos during the elections of a small, fictional, country. The aim of the annual Locked Shields exercise is to give teams the chance to practice protection of national IT systems and critical infrastructure under the intense pressure of a severe cyberattack. The event organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), which describes the event as the largest and most advanced international live-fire cyber exercise in the world. According to the Locked Shields scenario, the fictional island country of Berylia finds itself under a cyber attack just as the country is conducting national elections. The coordinated attacks aim to disrupt water purification systems, the electric power grid, 4G public safety networks, and other critical infrastructure components. The cyber attacks also attempt to undermine the trust in the election result — leading to public unrest.

National: Feds say Russian 2016 election meddling spanned all US states | Naked Security

A multi-agency report has strengthened claims that Russia meddled with election systems in all 50 US states during the last presidential race. The report is called a joint intelligence bulletin (JIB), and it comes from the Department of Homeland Security and the FBI. It is an unclassified document intended for internal distribution to state and local authorities. Intelligence newsletter OODA Loop reports that the JIB reveals stronger evidence of Russian interference. Agencies believe that Russian agents targeted more than the 21 states initially suspected. According to the bulletin:

Russian cyber actors in the summer of 2016 conducted online research and reconnaissance to identify vulnerable databases, usernames, and passwords in webpages of a broader number of state and local websites than previously identified, bringing the number of states known to be researched by Russian actors to greater than 40.

Although there are some gaps in the data, the bulletin claims “moderate confidence” that Russia conducted “at least reconnaissance” against all US states because its research was so methodical, it added.

Ohio: Heading off hackers: Ohio weighs Cyber Force | Dayton Daily News

In January, Akron suffered a “ransomware” attack when hackers shut down the city’s 311 non-emergency phone call system just as city plows were being deployed during a snowstorm. To undo the damage, hackers gave the city a demand: A five-figure sum.Ohio lawmakers are considering legislation — Senate Bill 52 — to deal with that kind of scenario in what they say will be a quick and organized way: The legislation would create a civilian force of 50 to 100 professionals across the state who would work to prevent such attacks and respond when they happen.RELATED: Ohio looks to set up a cyber reserve to fight, prevent attacks The all-volunteer Ohio Cyber Reserve would operate under Maj. Gen. John Harris, the Ohio adjutant general who commands the Army National Guard and the Air National Guard.“There’s so much cyber talent working out there in industry, in business and quite frankly in some municipalities, but we have no way to orchestrate that or organize that,” Harris said in an interview.