Editorials: Russia will try again this fall. Congress doesn’t seem to care. | Karen Tumulty/The Washington Post

When top intelligence officials went to Capitol Hill one morning this week to give House members a classified briefing on the security of the upcoming elections, only 40 or so bothered to show up. In other words, 9 out of 10 lawmakers thought they had better things to do than listen to an assessment of threats to the integrity of a closely contested midterm that is less than six months away. “Well, it was at 8 o’clock,” Homeland Security Committee Chairman Michael McCaul (R-Tex.) said.

Florida: Is Florida’s elections system safe from a cyber-attack? | Tampa Bay Times

The people who run Florida’s elections used to fret about having enough poll workers and voting machines. Now they talk about incident response teams and threat detectors. They buy expensive sensors that can detect malicious intruders bent on creating havoc. They field sales pitches from election vendors selling cyber-insurance. It may be a matter of time before elections workers have to pass a Level 2 criminal background check — just to be on the safe side. Absentee ballots are important, but so are “hacktivists,” computer hackers on a social or political mission. “A cyber attack is like a hurricane,” said Klint Walker, a U.S. Department of Homeland Security cyber expert. “It’s always brewing out there.”

Florida: Sixteen states apply for election security money. Florida? Not yet. | Tampa Bay Times

Sixteen states have formally applied for federal money to improve their election security in advance of the 2018 vote. Florida is not yet one of them. The state’s chief elections officer, Secretary of State Ken Detzner, says: “We’ve been working on it daily.” The state hasn’t specifically said why up until this week it hasn’t sought the money. Gov. Rick Scott on Wednesday ordered Detzner to seek Florida’s $19 million share of a $380 million fund, part of a spending bill that President Donald J. Trump signed in March. Scott also directed Detzner to hire five cyber-security experts.

New Jersey: Poor Security of New Jersey Election System and Russian Hackers Prompt Move to Revamp | NJ Spotlight

Voting in New Jersey would go retro, using paper, pens and scanning machines, under legislation designed to increase the security of the ballot in the state. Not everyone who testified at the Assembly’s first hearing Wednesday on a new bill (A3991), called the New Jersey Elections Security Act could agree on what voting machines would be best. But all did agree that the state needs new voting machines with a paper trail to allow audits of election results to ensure their accuracy. “We must have an assurance that our votes are accurate and legitimate,” said Assemblyman Vincent Mazzeo (D-Atlantic), both chair of the committee and co-sponsor of the bill. “Where is our democracy without our votes being valid?”

Wisconsin: Elections Commission Outlines Security Spending Plan | Associated Press

Wisconsin Elections Commission staff plan to hire a half-dozen new employees and upgrade software to bolster election security. The commission received a $7 million federal grant in March to upgrade security after Russian actors tried to access a state Department of Workforce Development system before the 2016 election. Staff told the commission Thursday that the Department of Administration has approved hiring six new four-year security positions, including an information technology project manager, an elections security trainer and a voting systems specialist.

Europe: Russian Election Interference: Europe’s Counter to Fake News and Cyber Attacks | Carnegie Endowment for International Peace

In 2016, Moscow brought a threat that has long plagued many Central and Eastern European capitals to the heart of Washington, DC. Russia hacked the U.S. Democratic National Committee’s system and subsequently released the confidential material to the public in a clear attempt to influence the outcome of the 2016 U.S. presidential election.1 The cyber attack was paired with a disinformation campaign whose scope and reach is still being assessed more than a year later. The administration of then president Barack Obama was certainly concerned about potential hacking—especially given the malware attack during Ukraine’s 2014 presidential election—but all evidence to date suggests that the Russian government achieved significant success without actually hacking election infrastructure. The U.S. government was essentially caught off guard.

National: Remember the Age of Paper Ballots? It’s Back | Wall Street Journal

In an era rife with concerns about cybersecurity, election officials are increasingly turning to a decidedly low-tech solution: paper. While security advocates have long considered use of paper a best practice for election integrity, the pace of its adoption has accelerated in the wake of Russian meddling in the U.S. election in 2016. City and county governments around the country and a handful oif states, so far, have moved to replace electronic voting methods with paper ballots or to adopt electronic voting machines that generate paper receipts. Virginia last year, just two months before its state election, phased out all its old electronic touch-screen machines after a demonstration at a hacking conference spotlighted vulnerabvilities in its electronic voting machines. Voters across the state cast paper ballots on election day. In Kentucky and Pennsylvania, meanwhile, state officials have ordered that all new voting equipment have a paper trail.

National: Lawmakers look to fortify federal cyber defenses ahead of 2018 midterms | CyberScoop

A bipartisan pair of House lawmakers have introduced legislation aimed at strengthening U.S. infrastructure ahead of midterm elections this fall. The bill from Reps. Elise Stefanik, R-N.Y., and Val Demings, D-Fla., is an effort to shore up U.S. cyber defenses by, among other measures, urging agencies to fully implement an executive order on cybersecurity that President Donald Trump issued last year. The president’s directive makes agency heads accountable for cyber risk – such as nation-state hacking – that can affect the entire government. Within 60 days of the legislation’s enactment, Trump would owe a report to Congress on what steps agencies had taken to “better detect, monitor, and mitigate cyberattacks.” Stefanik and Demings’s “Defend Against Russian Disinformation Act,” would also boost U.S. military cooperation with NATO. Cybersecurity analysts have held up Estonia, a neighbor of Russia and NATO member, as a model of cyber resiliency.

National: Department of Homeland Security chief Kirstjen Nielsen did not read the official report on Russian interference | Quartz

As the new head of the US Department of Homeland Security, Kirstjen Nielsen took an oath last December to protect the US from all enemies, foreign and domestic. To do that, she runs a 200,000 employee agency tasked with fighting terrorism, handling immigration, and keeping elections secure. But her responsibilities apparently do not include staying up to date on key findings about Russia’s interference in the 2016 presidential election. Nielsen told reporters today that she has never read the publicly available 25-page report on election meddling written by the FBI, CIA, and NSA, and distributed by the Director of National Intelligence last January. … “I do not believe that I’ve seen that conclusion that the specific intent was to help President Trump win,” Nielsen said today. “I’m not aware of that.”

Editorials: America’s elections are vulnerable to manipulation. And Trump is making it worse. | Brian Klaas and Nic Cheeseman/The Washington Post

In 166 days, Americans will go to the polls to elect the next Congress. It will be one of the most consequential votes in modern history. If Republicans retain control of the House and Senate, President Trump will feel vindicated and emboldened, while reluctant “Never Trump” Republicans will be tempted to hold their noses and embrace a winner. But if Democrats take back at least one congressional chamber, Republicans may begin to stand up to a president who promised endless “winning” — but lost instead. Regardless of which party you’re rooting for, all Americans should be able to agree on one thing: The vote must be clean and free of manipulation. In a democracy, citizens must never accept rigged elections. In our new book, “How to Rig an Election,” we showcase striking findings from our research: A large number of elections across the globe are heavily manipulated. Increasingly, elections are becoming contests that are designed so that only the incumbent can win. Across the world, the opposition wins elections only about 30 percent of the time – and the figures are much, much lower in Africa, Southeast Asia, the Middle East and post-Soviet Eastern Europe. Elections without democracy has become the new normal. Nonetheless, don’t make the mistake of thinking that American elections, or those in Britain, are perfect. They aren’t.

Florida: Yesterday money wasn’t there for election cybersecurity. Now it is. What changed? | Miami Herald

Gov. Rick Scott on Wednesday overruled his chief elections official and ordered him to seek $19.2 million in federal money to help counties defend their voting systems against possible cyberattacks in the 2018 election. Scott’s intervention came hours after the Herald/Times quoted the official, Secretary of State Ken Detzner, as saying the federal money would not be available before November because accepting it requires approval by the Legislature — even though that step is a formality that could be done at a brief meeting. “The answer is no,” Detzner said earlier this week when asked if the aid money could be used to improve election systems this year. “We don’t have the authority to spend that money without legislative approval.” That was unwelcome news for county elections officials, who are desperate for money.

Minnesota: Veto Leaves Election Security Money in Limbo | Associated Press

Gov. Mark Dayton’s veto of a massive budget bill means Minnesota can’t tap $6 million in federal funds for election cybersecurity until after the November elections. The federal government allocated the money earlier, but the Secretary of State’s office can’t spend it without legislative authorization. That authorization was in the budget bill Dayton vetoed Wednesday.Secretary of State Steve Simon says he repeatedly asked lawmakers to put the language in a non-controversial, stand-alone bill that Dayton would sign. But he says lawmakers chose the “riskiest path” by putting it instead in a bill Dayton repeatedly promised to veto.

National: U.S. officials warn Congress on election hacking threats | Reuters

Senior Trump administration officials warned Congress on Tuesday of ongoing efforts by Russia to interfere in the 2018 midterm congressional elections as the federal government prepares to hand out $380 million in election security funding to states. At a briefing attended by about 40 or 50 members of the 435-member U.S. House of Representatives, the heads of FBI, Homeland Security Department and the director of National Intelligence told members to urge states and cities overseeing elections to be prepared for threats. DHS Secretary Kirstjen Nielsen told reporters she agreed Russia was trying to influence the 2018 elections. “We see them continuing to conduct foreign influence campaigns,” Nielsen said, but added there is no evidence of Russia targeting specific races.

National: Partisan Split Over Election Security Widens as 2018 Midterms Inch Closer | Roll Call

Democrats and Republicans struck drastically different tones about their confidence in federal agencies’ efforts to secure voting systems and stamp out foreign state-sponsored influence campaigns ahead of the 2018 midterms after a classified meeting on the subject for House members Tuesday. Secretary of Homeland Security Kirstjen Nielsen, Director of National Intelligence Daniel Coats, and FBI Director Christopher Wray were among the officials who briefed lawmakers and answered their questions about what their agencies are doing to combat potential Russian, Iranian, Chinese, and other nations’ attempts to undermine the midterms. Roughly 40 to 50 lawmakers showed up to the meeting, which House Speaker Paul D. Ryan organized for all House members. Democrats who attended left largely unsatisfied.

Florida: State wont tap into $19 million of federal election money in time for 2018 elections | Sun Sentinel

Florida doesn’t plan to tap its $19.2 million allocation from the federal government to enhance election cybersecurity in time for this year’s primary election in August or general election in November. A total of $380 million was allocated for the states to improve election security and technology. The money was contained in the massive federal budget deal passed in March. Florida’s top election official, Secretary of State Ken Detzner, said Tuesday the state wouldn’t be spending the money for this year’s elections. “The answer is no,” he said during a break at the spring conference of the Florida State Association of Supervisors of Elections in Fort Lauderdale.

Minnesota: Dayton Has Yet To Sign Omnibus Bill That Includes Money for Election Cyber Security | KSTP

The massive omnibus spending bill Gov. Mark Dayton has suggested he may possibly veto includes federal money Minnesota could use for election cybersecurity. President Donald Trump signed the Consolidated Appropriations Act of 2018 in March. It authorized funding to states for elections under the Help America Vote Act of 2002. But in order for the money to come to Minnesota for cyber security, it must be approved by the legislature and governor. Minnesota’s share of the federal funds is $6,595,610, according to the Secretary of State’s office.

Mississippi: Bennie Thompson and Delbert Hosemann spar on status of grant paperwork to U.S. EAC | Y’all Politics

On Monday, Congressman Bennie Thompson sent a letter to Mississippi’s Secretary of State Delbert Hosemann asking him to submit paperwork on behalf of the state so that grant funding from the U.S. Election Assistance Commission would be eligible to the state. … “Russian interference in the 2016 election was a watershed moment for our democracy,” Thompson wrote in the letter. “Russia’s efforts have affected public confidence in elections and its efforts have shown no signs of cooling. Mississippi currently uses a combination of paper ballots and direct recording electronic voting machines (DREs) without a voter verified paper audit trail (VVPAT).” … Just yesterday the Chairman for the U.S. Election Assistance Commission, Thomas Hicks, sent a letter to the editor of POLITICO in response to a letter published on May 17, “So far, few states have sought federal money to secure elections.”

Colombia: Days before vote, Santos calls emergency meeting over election fraud claims | Colombia Reports

Colombia’s President Juan Manuel Santos on Monday agreed to investigate piling election fraud accusations a day after rejecting the fraud claims as “extreme left” inventions. Santos said he would organize a top-level meeting with ministers, judicial authorities and the military on Wednesday to discuss the piling fraud allegations. The meeting will take place just four days ahead of presidential elections after leftist candidate Gustavo Petro, a staunch anti-corruption crusader, called on his supporters to take to the streets when polls close on Sunday.

United Kingdom: US elections are under threat from cyberattacks — and so are yours | Matt Rhoades/Politico.eu

When we talk about the integrity of elections, we tend to think about voter registration, transparency of donations, or the secrecy of our ballots. But on both sides of the Atlantic, the most disturbing new threat is the specter of cyberattacks against our campaign infrastructure. Whether in the wake of the U.K.’s EU referendum in June 2016, the U.S. presidential election that November, or the 2017 British general election, newspapers have been filled with endless speculation about foreign governments attempting to influence the outcome of elections. Unfortunately, much of the debate on the topic has become a partisan political tool used by both sides to make accusations against each other — creating chaos, just as cyberattacks are intended to do. What is deadly serious is the prospect of a malicious actor — who could be a foreign government, domestic extremist group or a single individual — acting to degrade the integrity of elections in the U.K.

National: Congress to receive classified briefing on election security Tuesday | The Hill

House Speaker Paul Ryan (R-Wis.) has rescheduled a briefing for Congress on election security, which will now be classified, for Tuesday morning. Top U.S. officials are expected to brief lawmakers behind closed doors on current threats and risks to the election process and efforts by the Trump administration to help state officials secure their digital voting assets from hackers. The briefing will take place at 8 a.m. and will be classified, according to an aide for Ryan. The briefing was originally expected to take place last Thursday and be unclassified but closed to the public.

Connecticut: State Works To Fend Off Cybersecurity Attacks On Election | CT News Junkie

Two days after President Donald Trump eliminated the position of cybersecurity coordinator on the National Security Council, Secretary of the State Denise Merrill convened the second meeting of the Elections Cybersecurity Task Force. At the very beginning of the meeting, Merrill reminded the task force that the election system faces several threats, including natural ones, like the tornadoes that touched down in the state last week and caused more damage than some hurricanes in several towns. She said they have emergency protocols in place for what happens if a polling place loses power, but are still putting plans together for emergencies that might not be as easily detected. “This will be the first statewide election following Russia’s attempt to interfere with our election infrastructure right here in Connecticut,” Merrill said.

Florida: Supervisors Focus On Security Ahead Of Fall Elections | WLRN

Supervisors of elections throughout Florida are preparing for the upcoming election season, with the secruity of the voting process being a top priority. After the 2016 elections, such elements as voter registration rolls and machines were designated as “critical infrastructure.” That means more funding from the Department of Homeland Security has poured into local elections offices to help protect them. Hillsborough County Supervisor of Elections Craig Latimer said that money has allowed local elections officials like himself to check the security of registration information and the machines voters will use to cast their ballots.

National: We surveyed 100 security experts. Almost all said state election systems were vulnerable. | The Washington Post

We brought together a panel of more than 100 cybersecurity leaders from across government, the private sector, academia and the research community for a new feature called The Network — an ongoing, informal survey in which experts will weigh in on some of the most pressing issues of the field. (You can see the full list of experts here.) Our first survey revealed deep concerns that states aren’t prepared to defend themselves against the types of cyberattacks that disrupted the 2016 presidential election, when Russian hackers targeted election systems in 21 states.  “We are going to need more money and more guidance on how to effectively defend against the sophisticated adversaries we are facing to get our risk down to acceptable levels,” said one of the experts, Rep. Jim Langevin (D-R.I.), who co-chairs the Congressional Cybersecurity Caucus. Congress in March approved $380 million for all 50 states and five territories to secure their election systems, but Langevin says he wants more. He introduced legislation with Rep. Mark Meadows (R-N.C.) that would provide election security funding to states if they adhere to new federal guidelines for identifying weaknesses in their systems and auditing election results. “I hope Congress continues to work to address this vital national security issue,” Langevin said. 

National: Congress is offering millions in election security. States may not use it by November. | The Washington Post

States are now free to claim their shares of the hundreds of millions of dollars Congress set aside to secure election systems across the country. But for many states, getting their hands on the money – and deciding how to spend it – is easier said than done. In Minnesota, Secretary of State Steve Simon (D) told me he wants to use part of the $6.6 million in federal funds his state was awarded to hire three coders to immediately upgrade the state’s aging voter registration system. The clock is ticking: Minnesota was one of the 21 states that had election systems targeted by Russian hackers during the 2016 presidential race. With U.S. intelligence agencies warning the midterm elections are likely to be hit by another wave of cyberattacks, states are scrambling to secure their voting infrastructure by November. But Simon says he might not get the funds he needs in time. Under Minnesota law, only the Republican-controlled legislature can release that money — and local politics have left lawmakers in a stalemate over how to proceed. Right now, language to approve the funds is tucked in a spending bill the Democratic governor has threatened to veto for an array of unrelated issues. 

National: Just 13 States Have Requested Funds Congress Set Aside to Secure Election Systems | Gizmodo

Thirteen states have withdrawn a total of nearly $88 million from an election security fund established by Congress in March, but more than 75 percent of the funding has yet to be dispersed. The $380 million fund, established as part of Congress’ omnibus appropriations bill, is meant to aid state officials in securing and improving election systems, whether through technical upgrades, cybersecurity audits, or by replacing vulnerable paperless electronic voting machines with paper-based systems. Although it makes up only fraction of what some experts say is needed—the Center for American Progress, for example, has suggested $1.25 billion over a 10-year period, which is close to what Democrats pushed for in February—the funding will ostensibly go a long way toward ensuring the continuation of free and fair elections in the United States, namely by hardening certain systems against hackers who might seek to tamper with the results.

Editorials: Congress must act to restore the integrity of American elections | Donna Brazile/The Hill

Before the 2017 German election, Angela Merkel issued a loud call to build an election firewall. Everyone listened. By contrast, Eric Rosenbach, in charge of cybersecurity for the Defense Department from 2011 to 2017, told the Financial Times, “They [the states] are just not equipped to be fighting the pointy end of the spear of the Russian [intelligence agency] GRU.” He got that right. Are people listening? To some extent, they cannot hear through the constant distractions. It’s time to issue a loud call to protect our upcoming midterm elections from foreign interference. Where are we now? In April, 38 states took part in an election “cybersecurity bootcamp” conceived and directed by Rosenbach. A few weeks later on May 4, the White House issued a readout of President Trump’s meeting on election security: “The president received an update about current federal election security-related efforts, including…best practices like using paper ballots, issuing security clearances, and conducting security assessments.”

Florida: Russian hackers, long lines, voting data: What Florida elections officials are talking about this week | Tampa Bay Times

The people who count votes in Florida realize the eyes of the nation will be on them again as millions of people make their choices in the 2018 election. Supervisors of elections from the state’s 67 counties will meet this week at a Fort Lauderdale oceanfront resort hotel for three days of brainstorming. They’re preparing for a trouble-free midterm election in the nation’s premier battleground state, with its long history of close races and nail-biting election nights. Here are five specific issues they will deal with at their annual summer conference. The possibility of more malicious attempts, especially from Russian hackers, to disrupt Florida’s election is on every election supervisor’s mind. “It’s the No. 1 priority on every election supervisor’s preparation list,” said Pinellas Supervisor of Elections Deborah Clark. Supervisors will hear from a top official of the U.S. Department of Homeland Security on what more should be done to protect the integrity of voting systems. The conference comes just days after President Donald J. Trump eliminated the position of national cybersecurity coordinator.

National: Election hacking puts focus on paperless voting machines | Associated Press

As the midterm congressional primaries heat up amid fears of Russian hacking, an estimated 1 in 5 Americans will be casting their ballots on machines that do not produce a paper record of their votes. That worries voting and cybersecurity experts, who say the lack of a hard copy makes it difficult to double-check the results for signs of manipulation. “In the current system, after the election, if people worry it has been hacked, the best officials can do is say ‘Trust us,’” said Alex Halderman, a voting machine expert who is director of the University of Michigan’s Center for Computer Security and Society. Georgia, which holds its primary on Tuesday, and four other states — Delaware, Louisiana, New Jersey and South Carolina — exclusively use touch-screen machines that provide no paper records that allow voters to confirm their choices.

National: White House Eliminates Cybersecurity Coordinator Role | The New York Times

The White House eliminated the position of cybersecurity coordinator on the National Security Council on Tuesday, doing away with a post central to developing policy to defend against increasingly sophisticated digital attacks and the use of offensive cyber weapons. A memorandum circulated by an aide to the new national security adviser, John R. Bolton, said the post was no longer considered necessary because lower-level officials had already made cybersecurity issues a “core function” of the president’s national security team. Cybersecurity experts and members of Congress said they were mystified by the move, though some suggested Mr. Bolton did not want any competitive power centers emerging inside the national security apparatus. The decision was criticized by Mark R. Warner, a senator from Virginia and the ranking Democrat on the Senate Intelligence Committee. “I don’t see how getting rid of the top cyber official in the White House does anything to make our country safer from cyber threats,” he wrote on Twitter.

Florida: Amid election cyber-threats, counties plead with state: Send that money | Tampa Bay Times

Faced with cyber-security threats to their voting systems, Florida election supervisors are eager to get access to some of the $19 million in federal election security money Congress sent states nearly two months ago. But they say all they’re hearing from the state is crickets. “We sure wish the money was available. It’s frustrating,” said supervisor Mark Earley in Tallahassee’s Leon County. “This is a big deal. There’s certainly room for improvement, especially in smaller counties.” Congress included $380 million in a 2018 budget bill and in March directed the U.S. Election Assistance Commission to distribute the money to states. President Donald J. Trump signed the budget bill on March 23. “The EAC is releasing this money quickly so that the grants can have an immediate impact,” the commission said on March 29. The money will help counties “immediately begin system upgrades.”