Tennessee: Hack Shows Election Websites Are Vulnerable | NPR

When a WWE wrestler, especially one known for his demonic antics and a move called the “tombstone piledriver,” runs for mayor of your county, you know your election is going to get more attention than usual. But in Knox County, Tenn., it wasn’t the fact that Glenn Jacobs, also known to wrestling fans as Kane, was running for mayor that gained national attention on the county primary day, May 1. It was that the county’s election website, at the time the site was supposed to begin posting election results, came under attack. Malicious cyber actors shut down the county website and broke into the web server, according to county officials and a report done by the cyber security firm Sword and Shield. …”Any web server by definition, is connected to the internet, so it’s directly vulnerable to attacks from the internet,” said Doug Jones, an elections cyber security expert at the University of Iowa.

International: Former U.S. and European Leaders Start Group to Fight Election Hacking | Bloomberg

U.S. and European governments have failed to effectively respond to growing threats from Russia and elsewhere to meddle in elections, according to former officials including former Vice President Joe Biden who say they’re going to help close that gap. More than 20 elections in North America and Europe over the next two years will provide ‘’fertile ground’’ for interference like that seen during the U.S. presidential election in 2016, former U.S. Homeland Security Secretary Michael Chertoff told reporters Friday in Washington. “We’re at a stage now that it’s important to make sure we have a well-rounded exploration of the ups and downs of various policy choices, but that we also treat this with some urgency — we have elections this year,” said Chertoff, who’s co-chairman of the new Transatlantic Commission on Election Integrity with Anders Fogh Rasmussen, the former NATO Secretary General and Danish prime minister.

National: Jigsaw’s Project Shield Will Protect Campaigns From Online Attacks | WIRED

With midterm elections looming and primaries already underway in many states, anxiety has been building over the possibility of cyberattacks that could impact voting. Though officials and election security researchers alike are adamant that voters can trust the United States election system, they also acknowledge shortcomings of the current security setup. Little time remains to meaningfully improve election security before the midterms. But Google parent company Alphabet’s experimental incubator Jigsaw announced on Tuesday that it will start offering free protection from distributed denial of service attacks to US political campaigns. DDoS attacks overload a site or service with junk traffic so that legitimate users can’t access it. For the last two years, Jigsaw’s Project Shield has focused on fighting DDoS where it might be used for censorship around the world, offering free defenses to journalists, small publications, human rights groups, and election board sites. Now, those tremendous resources and that technical expertise will extend to political campaigns.

National: Ryan to delay election security briefing, make it classified | The Hill

Speaker Paul Ryan (R-Wis.) has postponed a briefing for members of Congress on the security of U.S. voting systems so that it can be classified. The move comes after Democrats, including House Minority Leader Nancy Pelosi (D-Calif.), pressed GOP leadership to make the briefing classified so that officials could go into sufficient detail about the scope of the threat and the Trump administration’s efforts to protect digital election systems from hackers.  Sources told The Hill that the briefing, originally scheduled for Thursday evening, has been pushed back as a result of logistical issues that prevented it from being classified. GOP leadership is now working to reschedule the briefing.

Florida: UWF Center for Cybersecurity partners with FDLE to enhance cybersecurity | UWF Newsroom

On the heels of a cyberattack that grounded city services in Atlanta, employees entrusted with protecting their agencies trained on how to thwart attacks during two courses at the University of West Florida. The UWF Center for Cybersecurity partnered with the Florida Department of Law Enforcement and Texas A&M Engineering Extension Services to host the courses on May 10-11 at the UWF Conference Center. Employees from the FDLE, Escambia County Board of County Commissioners, Escambia County School District, Okaloosa County Board of County Commissioners and First Judicial Circuit of Florida, among others, participated in the training sessions less than two months after the ransomware attack in Atlanta. “I think the best solutions are always the collaborative ones, so that we can combine efforts to bring more cybersecurity knowledge and awareness to the community and enhance the resiliency of our region and state,” said Dr. Eman El-Sheikh, UWF Center for Cybersecurity director.

Tennessee: Knox County election cyberattack was smokescreen for another attack | Knox News

Knox County IT director Dick Moran and county IT staff were ready for Election Day and the higher amounts of traffic that would undoubtedly come to the county election commission website with former WWE wrestler, Glenn Jacobs, on the Republican ballot. At 7:50 p.m. Moran instructed the website be checked to make sure the early voting results could be posted when the polls closed 10 minutes later. Everything checked out. Everything was working. Sign Up: Get breaking news headlines in your inbox. Seven minutes after his request, Knox County’s election commission website was attacked and the results, although not impacted by the attack, wouldn’t be displayed until nearly 9 p.m., sowing more chaos into an already energetic and unpredictable night. All of the disruption, it has been determined since, was an effort to distract the county while another, simultaneous attack was happening behind the scenes accessing county information, according to Moran and Deputy IT Director David Ball.

National: Homeland Security unveils new cyber security strategy amid threats | Reuters

The U.S. Department of Homeland Security on Tuesday unveiled a new national strategy for addressing the growing number of cyber security risks as it works to assess them and reduce vulnerabilities. “The cyber threat landscape is shifting in real-time, and we have reached a historic turning point,” DHS chief Kirstjen Nielsen said in a statement. “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.” The announcement comes amid concerns about the security of the 2018 U.S. midterm congressional elections and numerous high-profile hacking of U.S. companies.

National: Legislation would force Trump to fill vacant cyber post | Federal Times

Reps. Jim Langevin, D-R.I., and Ted Lieu. D-Calif., aim to mandate that the Trump administration fill its cyber coordinator position left vacant in the wake of Rob Joyce’s departurein early May 2018. The two congressmen introduced the Executive Cyberspace Coordination Act May 15, 2018, which would create a National Office for Cyberspace in the Executive Office of the President, cementing a new cyber advisory role within the White House into law. “We have had three excellent cybersecurity coordinators since the late Howard Schmidt originated the position. It is an enormous step backwards to deemphasize the importance of this growing domain within the White House,” Langevin said in a news release on the bill. “We need a designated expert to harmonize cyber policy across the many agencies in government with responsibility in this space. We also need clear communication of administration positions on cybersecurity challenges, whether during major incidents or when establishing norms of responsible state behavior in cyberspace.”

National: Google rolls out free cyberattack shield for elections and campaigns | CNET

For about an hour on the night of a primary election in May, residents in Knox County, Tennessee, couldn’t tell who was winning. Hackers had taken down the county’s election tracking website, crashing the page at 8 p.m., right as polls were closing. The county’s IT director, Dick Moran, said the website had seen “extremely heavy and abnormal network traffic.” Its mayor called for an investigation into the cyberattack. The incident showed all the signs of a distributed denial-of-service attack — when attackers flood a website’s servers with traffic until they can’t handle the incoming requests and crash. And it was just the kind of thing that Jigsaw, a tech incubator owned by Google’s parent company, Alphabet, wants to prevent. The company is already expecting even more DDoS attacks as Election Day in the US, on Nov. 6, draws closer. “We have seen that attacks spike in election cycles in different parts of the world,” said George Conard, a product manager for Jigsaw’s Project Shield.

Netherlands: Dutch goverment dropping Kaspersky software over spying fears | phys.org

The Dutch government is phasing out the use of anti-virus software made by Russian firm Kaspersky Lab amid fears of possible spying, despite vehement denials by the Moscow-based cyber security company. The Dutch Justice and Security ministry said in a statement late Monday the decision had been taken as a “precautionary measure” in order “to guarantee national security”. But Kaspersky Lab, whose anti-virus software is installed on some 400 million computers worldwide, said Tuesday it was “very disappointed” by the move. The firm, which is suspected by US authorities of helping the Kremlin’s espionage efforts, also announced Tuesday that it was moving its core infrastructure and operations to Switzerland.

National: Homeland Security unveils new cyber security strategy amid threats | Reuters

The U.S. Department of Homeland Security on Tuesday unveiled a new national strategy for addressing the growing number of cyber security risks as it works to assess them and reduce vulnerabilities. “The cyber threat landscape is shifting in real-time, and we have reached a historic turning point,” DHS chief Kirstjen Nielsen said in a statement. “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.” The announcement comes amid concerns about the security of the 2018 U.S. midterm congressional elections and numerous high-profile hacking of U.S. companies.

National: Can Government Protect Our Elections From Cyber-Hacking? | The National Memo

For five days in late March, the computers running most of Atlanta city government were frozen—shut down and held hostage by hackers who used ransomware, a pernicious way of extorting money. The attackers breached networks and hard drives. They locked up and encrypted the data. They changed file names to “I’m sorry” and gave its targets a week to pay with cyber currency. “We are dealing with a hostage situation,” Atlanta Mayor Keisha Lance Bottoms said at the time. That nightmarish scenario is exactly what the officials who run state and local elections are seeking to prevent in spring primaries and especially next fall’s general election: a widespread disruption of voting in key locales and races, where the process is held hostage as the press, candidates, supporters and public impatiently demand results.

Pennsylvania: Federal, state agencies monitor voting system for election fraud | WITF

With the Pennsylvania primary underway, state officials are working with the federal Department of Homeland Security to protect voting systems from hacking. Senior Department of Homeland Security official Chris Krebs visited Harrisburg and spoke at a press briefing on election security. In his current role, Krebs is performing the duties of the undersecretary for DHS’s National Protection and Programs Directorate. Krebs said there’s never been successful election hacking in Pennsylvania, and he’s working with the Pennsylvania Department of State to keep it that way. His agency has been helping to identify and fix weaknesses in Pennsylvania’s voting system.

Europe: European spy chiefs warn of hybrid threats from Russia, ISIS | Associated Press

European intelligence chiefs warned Monday that Russia is actively seeking to undermine their democracies by disinformation, cyberattacks and more traditional means of espionage. The heads of Britain and Germany’s domestic intelligence agencies, as well as the European Union and NATO’s top security officials, pinpointed Moscow as the prime source of hybrid threats to Europe, citing attempts to manipulate elections, steal sensitive data and spark a coup in Montenegro. They also cited the nerve agent attack against a former Russian spy in Britain this year that Britain has blamed on Russia. “Our respect for Russia’s people … cannot and must not stop us from calling out and pushing back on the Kremlin’s flagrant breaches of international rules,” the head of Britain’s MI5 spy agency, Andrew Parker, told an intelligence gathering in Berlin.

Pennsylvania: State Waiting For Security Review Of Election Systems | KDKA

As midterm votes are being cast in Pennsylvania and across the country, the U.S. Department of Homeland Security is playing catch-up. Pennsylvania is one of at least 17 states where election officials have requested on-site risk assessments of their election systems. Nearly half those reviews had not been completed by mid-May, including the one for Pennsylvania, which holds its primary election on Tuesday, May 15. A spokesperson for the Pennsylvania Department of State told KDKA-TV the security review will not be completed until June at the earliest. A security review by DHS typically takes two weeks to complete.

India: Facebook is offering a ‘cyber threat crisis’ hotline to Indian politicians | Business Insider

Facebook, on Friday, introduced a “cyber threat crisis” email hotline for politicians and political parties in India. A top company official told TOI that the company is also working on an “election integrity” microsite for the country. With the new hotline, the compromised account and even the Computer Emergency Response Team (CERT), can write to “indiacyberthreats@fb.com”. A cybersecurity guide with basic security do’s and don’ts has also been released by the company. Facebook announced the efforts a day after submitting its responses to the Indian government over the Cambridge Analytica debacle.

Tennessee: Cyberattack on Knox County Election Website Preceded Outage | Associated Press

An intentional cyberattack and suspicious activity by foreign computers preceded the crash of a website that was reporting results in a Tennessee county’s primary elections, a cyber-security firm said Friday. The Knox County elections website suffered the attack, and “a suspiciously large number of foreign countries” accessed the site on May 1, according to the report by Sword & Shield Enterprise Security. The firm hired by the county said those actions were among the likely causes of the crash, which also included a large increase in errors and in overall traffic. Officials have said no voting data was affected, but the site was down for an hour after the polls closed – causing confusion among voters – before technicians fixed the problem.

Florida: Voting officials fire back at Marco Rubio’s criticism over cyber-threats | Miami Herald

As the threat of another attempted cyberattack hovers ominously over Florida’s 2018 election, voting officials in the state are livid at U.S. Sen. Marco Rubio for claiming they are “overconfident” and not taking the possibility seriously enough. “That’s just not the case,” said Clay County Supervisor of Elections Chris Chambless. “We are all deeply concerned about the threat and are taking steps to limit the exposure. I thought that his comments were very inaccurate.” Rubio made his remarks in mid-April at a Florida Association of Counties meeting in Washington. “I don’t think they fully understand the nature of the threat,” Rubio said. Taken aback by Rubio’s criticism, Chambless and a second supervisor, Dana Southerland of Taylor County, separately tried to speak to Rubio. Both told the Times/Herald they got no response from his office.

Idaho: State Legislature website hacked by Italian hacktivist group | East Idaho News

The websites for the Idaho Legislature and Idaho’s iCourt portal were hacked Friday morning by a hacktivist group called AnonPlus Italia. From about 11 to 11:10 a.m., both websites were replaced with a black screen, and a manifesto written in Italian about government and media slavery. (The entirety of the text is posted at the end of this article.) AnonPlus is a sporadically active branch of Anonymous, a loosely connected group of hackers, which claim responsibility for online hacks that take place around the globe. AnonPlus was originally associated with a social network for Anonymous, but that network was later hacked by another group and ultimately abandoned. The name “AnonPlus” has been used occasionally in association with others hacks since then. It appears the most recent iteration of the group began activity this year. Italian media reported this week that AnonPlus had performed a seemingly identical hack — with the same message — on the K-9 Web Protection website, which is part of the Symantec antivirus company. K-9 Web Protection filters internet content.

Tennessee: Global cyberassault caused Knox County election night server crash | Knox News

A surge of traffic from 65 foreign countries – including Albania, Taiwan, Ukraine and New Zealand – helped crash the Knox County Election Commission website in a “direct attack,” according to a security firm’s report made public Friday. Such an attack – which struck the night of the May 1 primary as voters, candidates and reporters watched for results – could only have been deliberate, aimed at a specific weak point on the web server, investigators for Sword & Shield Enterprise Security found. Sword & Shield recommended further testing to determine whether such an assault could crash the server again. Knox County Information and Technology Department staffers performed the tests this week and believe they’ve plugged the hole, Deputy IT Director David Ball said. “We essentially re-enacted the attack and believe we have fixed it,” he said.

Download the Sword & Shield Report on the Knox County Cyberattack

National: Senate report on Russian hacking highlights threats to election tech vendors | CyberScoop

Lawmakers are concerned about a major blind spot in the government’s ongoing effort to protect U.S. elections from hackers. Agencies like the Homeland Security Department have little insight into the cybersecurity practices of election technology vendors. This lack of visibility opens the door to supply chain attacks, according to the Senate Intelligence Committee, which could be otherwise potentially detected or stopped by government cybersecurity experts. The Senate committee’s first installment of a larger report on Russian targeting of the 2016 presidential election was released late Tuesday night. It focuses on assessing the federal government’s response to security threats and provides recommendations for future elections.

National: U.S. Voting System Still Vulnerable To Cyberattacks 6 Months Before Election Day | NPR

As America heads toward the 2018 midterms, there is an 800-pound gorilla in the voting booth. Despite improvements since Russia’s attack on the 2016 presidential race, the U.S. elections infrastructure is vulnerable — and will remain so in November. Cybersecurity expert Bruce Schneier laid out the problem to an overflowing room full of election directors and secretaries of state — people charged with running and securing elections — at a conference at Harvard University this spring. “Computers are basically insecure,” said Schneier. “Voting systems are not magical in any way. They are computers.” Even though most states have moved away from voting equipment that does not produce a paper trail, when experts talk about “voting systems,” that phrase encompasses the entire process of voting: how citizens register, how they find their polling places, how they check in, how they cast their ballots and, ultimately, how they find out who won. Much of that process is digital.

National: States Await Election Security Reviews as Primaries Heat Up | Associated Press

With the midterm congressional primaries about to go into full swing, the Department of Homeland Security has completed security reviews of election systems in only about half the states that have requested them so far. The government’s slow pace in conducting the reviews has raised concerns that the nation’s voting systems could be vulnerable to hacking, especially after U.S. intelligence agencies warned that Russia plans to continue meddling in the country’s elections. Among those still waiting for Homeland Security to conduct a risk assessment is Indiana, one of four states with primaries on Tuesday. Its ballot includes several hotly contested races, including a Republican primary for U.S. Senate. Indiana Secretary of State Connie Lawson said she is confident state officials have done what they can to safeguard Tuesday’s voting, but acknowledged: “I’ll probably be chewing my fingernails during the entire day on Election Day.”

Alaska: Election officials respond to revealed hack attempt | Juneau Empire

As the Alaska Legislature held a Thursday hearing examining the security state’s election system, the Alaska Division of Elections responded to claims that a hacker penetrated its systems on Election Day 2016. Earlier this week, the Anchorage Daily News published details of a previously undisclosed penetration of the division’s computer systems. The division has previously said Alaska was among the 21 states identified by the Department of Homeland Security as targets of Russian vulnerability scans, but it had not discussed an event on the morning of Election Day itself. In that event, exposed by emails first obtained by the ADN (and subsequently obtained by the Associated Press and the Empire), a hacker identified on Twitter as @cyberzeist published pictures of the administrative tools the division uses to share election results with the public.

Colorado: How Colorado became the safest state to cast a vote | The Washington Post

As local officials across the country scramble to hack-proof their voting systems ahead of the midterm elections, there’s one state that is paving the way as a leader in election security. Colorado has done virtually everything election experts recommend states do to stave off a repeat of 2016, when Russian hackers targeted 21 states as part of the Russian government’s massive election interference campaign. The state records every vote on a paper ballot. It conducts rigorous post-election audits favored by voting researchers. Nearly every county is equipped with up-to-date voting machines. Election officials take part in security trainings and IT workers test computer networks for weaknesses. Secretary of State Wayne Williams told me the state benefited from having some of those measures in place before 2016. Once the extent of Russia’s digital campaign in the presidential election became clear, he made it a priority to invest more in them, he said. “If people perceive a risk, they’re less likely to participate in voting,” Williams said. “We want to protect people from that threat, and we want to people to perceive that they are protected from that threat.”

Tennessee: Ukraine computer involved in Tennessee elections attack | Associated Press

Investigators found evidence of a “malicious intrusion” into a Tennessee county’s elections website from a computer in Ukraine during a concerted cyberattack, which likely caused the site to crash just as it was reporting vote totals in this month’s primary. Cyber-security experts hired by Knox County to analyze the so-called “denial of service” cyberattack, said Friday that “a suspiciously large number of foreign countries” accessed the site as votes were being reported on May 1. That intense activity was among the likely causes of the crash, according to the report by Sword & Shield Enterprise Security. “Given the circumstantial evidence_especially the simultaneous proven malicious intrusion from a Ukraine IP address_I think it is reasonable to at least hypothesize that it was an intended event,” David Ball, the county’s deputy director of information technology, added in an email to The Associated Press.

National: Six States Hit Harder By Cyberattacks Than Previously Known, New Report Reveals | NPR

Two years after Russia’s wave of cyberattacks against American democracy, a Senate committee investigating election interference says those hackers hit more states harder than previously thought. The committee also added that it still doesn’t know with complete certainty exactly how much of U.S. voting infrastructure was compromised. The report summary released this week by the Senate intelligence committee gives an overview of initial findings focused specifically on how Russian government operatives affected U.S. elections systems. The full report is undergoing a review to check for classified information.

National: Bolton pushing to eliminate White House cybersecurity job | Politico

President Donald Trump’s national security team is weighing the elimination of the top White House cybersecurity job, multiple sources told POLITICO — a move that would come as the nation faces growing digital threats from adversaries such as Russia and Iran. John Bolton, Trump’s hawkish new national security adviser, is leading the push to abolish the role of special assistant to the president and cybersecurity coordinator, currently held by the departing Rob Joyce, according to one current and two former U.S. officials with direct knowledge of the discussions. The sources spoke on condition of anonymity because of the sensitive nature of deliberations about internal White House operations.

Editorials: It’s up to Trump to prepare for Kremlin cyberattacks. He’s falling short. | The Washington Post

The Obama administration was slow and ineffective in its response to Russian election interference in 2016. But it is now on President Trump and his team to prepare for a new round of Kremlin cyberattacks — and this White House, too, is falling short. That was the upshot of a bipartisan report on Russian election interference that the Senate Intelligence Committee released Tuesday, the first in a series that promises to provide a fairer picture of the Russian threat than what the highly partisan House Intelligence Committee offered following its brief and slanted investigation.