Oregon: State seeks to protect state election system from Russia | Associated Press

The state office in charge of Oregon’s elections was granted funding from the Legislature for an Internet security position to protect against Russian government interference and hacking by others, officials said Tuesday. While Adm. Mike Rogers, director of the U.S. Cyber Command and the National Security Agency, said Tuesday in Washington that the U.S. response to Russian meddling and disinformation campaigns has not been strong enough, Oregon has been taking steps to bolster its cyberdefenses. A letter signed by Oregon Deputy Secretary of State Leslie Cummings asked for $166,348 to cover the cost of the new IT security position, saying “Oregon was one of 21 states targeted by Russian government cyberactivities.”

Texas: Officials deny election hack, Democrats raise questions | Austin American-Statesman

Texas officials pushed back against a report that Russian-supported hackers compromised the state’s electoral data system prior to the 2016 election. NBC News, citing classified material, reported that state websites or voter registration systems in seven states — Texas, Alaska, Arizona, California, Florida, Illinois and Wisconsin — were breached by Russian-backed covert operatives. With early voting underway for the March 6 primary, Texas Secretary of State Rolando Pablos said in a statement: “Our agency has seen no evidence that any voting or voter registration systems in Texas were compromised before the 2016 elections, contrary to the suggestions contained in the alleged classified intelligence assessment described, but not shown, to us by NBC News.”

Australia: Electoral Commission ‘satisfied’ with security risks absorbed ahead of the 2016 election | ZDNet

A report from the Australian National Audit Office (ANAO) last month called out the Australian Electoral Commission (AEC) for ditching compliance with Australian government IT security frameworks. In particular, the ANAO said insufficient attention was paid to assuring the security and integrity of the data generated both during and after operation, as the focus was on delivering a Senate scanning system by polling day. Facing Senate Estimates on Tuesday night, Electoral Commissioner Tom Rogers said he was satisfied with the risks that the AEC accepted ahead of its go-live. “They were not untreated risks — we were aware of them,” Rogers clarified.

National: Senate intelligence panel may miss target for election security recommendations | Politico

The Senate Intelligence Committee may miss its target for making election security recommendations to states facing potential Russian disruption during the midterms — but its GOP chairman is eyeing a contingency plan. Sen. Richard Burr (R-N.C.) and the panel’s Democratic vice chairman, Sen. Mark Warner of Virginia, have long eyed next week’s first congressional primaries as their ideal date to release election-protection recommendations. The intelligence committee’s counsel to states would amount to the first formal fruits of their yearlong bipartisan investigation into Russian meddling in the 2016 election.

Maine: U.S. too passive, vulnerable to elections cyberthreat, Sen. King says | Portland Press Herald

U.S. Sen. Angus King is warning that not enough has been done to secure electoral systems across the country from cyberattacks by Russia or other foreign adversaries, and he says President Trump has been making the situation worse by dismissing the threat rather than marshaling a coordinated federal response. “This is such a major threat, and it takes presidential leadership to coordinate an all-of-government response,” said King, who sits on the Senate Intelligence Committee, which has been investigating Russian interference in the 2016 election and beyond. “The CIA, the director of national intelligence, the secretaries of state – these are all pieces, and it takes executive leadership to pull the pieces together and do it. He hasn’t done that.”

New Hampshire: New Hampshire Not Among States Seeking Cybersecurity Help Ahead of 2018 Elections | NHPR

With its paper ballots and in-person registration requirements, New Hampshire’s voting system is less digitally wired — and therefore somewhat less susceptible to cyberattacks — than many of its peers. But this state, like all others, also maintains an online database with personal information on all of its registered voters. Federal security officials have offered to scan these systems for possible vulnerabilities as part of a broader package of “cyber-hygiene” efforts ahead of the 2018 elections, but New Hampshire election officials have said no thanks. More than 30 states have reportedly partnered with the U.S. Department of Homeland Security to safeguard their systems against hacking in advance of this year’s midterm elections. At this point, New Hampshire isn’t one of them — and the state’s elections officials remain wary of allowing the federal government to in any way encroach on their autonomy when it comes to voting procedures.

Wisconsin: For state officials, election security a concern heading into 2018 elections | Wisconsin State Journal

Amid warnings that Russia will again try to meddle in U.S. elections in 2018, state officials are sizing up Wisconsin’s defenses — and saying past missteps must be avoided in working with national-security officials who can spot such threats. The state Elections Commission also hopes lawmakers will act on a request for more funding to hire three more staffers, including at least one position dedicated to election security. Russian government cyberactors unsuccessfully targeted Wisconsin election systems in July 2016 as part of a broader effort to interfere in U.S. elections, federal intelligence officials have concluded. The commission said Homeland Security didn’t notify it until September 2017, about 14 months later, that it believed the attempted cyberattacks came from hackers tied to the Russian government.

National: US mobilises to counter Russian interference in midterm elections | Financial Times

US intelligence and election officials have stepped up efforts to protect this year’s midterm elections over fears that Russia is seeking to influence the public vote and tamper with voting systems. State election officials gathered for two “unprecedented” briefings from intelligence officials last week. “Advanced persistent threats are out there,” said Matthew Masterson, outgoing chairman of the bipartisan US Election Assistance Commission who attended the briefing. Those familiar with the briefing said it focused on the threat from Russia and encouraged states to back up voter databases, regularly patch cyber security lesions and alert authorities of anything suspicious.

National: Homeland Security’s tall order: A hacker-free election | CNET

As lawmakers and federal investigators continue to try to understand the chaos foreign actors were able to create during the 2016 election, the US Department of Homeland Security has taken a central role in helping secure the next election. The agency declared the US election system, which is run by a fragmented group of officials in all 50 states as well as dozens of smaller local governments, to be a part of the nation’s “critical infrastructure” in January 2017. The agency doesn’t have any legal authority over election officials, but it offers programs to help them keep hackers out of voting machines, voter registration databases and public-facing election websites.

Editorials: Safeguarding Elections in the Digital Age | Jimmy Carter/New Europe

New media, including social media, are fueling political polarization as people communicate with general audiences and narrowly focused groups, without the deliberation typical of traditional forms of communication. Hacking, misinformation, “fake news” and cybersecurity threats are expanding the power of a few while undermining public confidence in the accuracy of mass media and information. Politicians are using detailed voter information to play to their bases, allowing them to ignore the rest of their constituents. Democratization, which had advanced steadily for decades, is now threatened by the rise of authoritarian governments and the closing of the political space to civil society, journalists and others. Advances in election technology are also bringing new opportunities and new fears — founded and unfounded — about the security of the election process. Technology is being introduced into electoral processes to promote efficiency, but it also moves voting and counting into the unobservable digital realm.

Legislation: Election Security a High Priority – Until It Comes to Paying for New Voting Machines | ProPublica

“Today’s voting systems are not going to last 70 years, they’re going to last 10,” says U.S. Elections Assistance Commission Commissioner Matt Masterson. While previous generations of voting equipment, lever machines and punch cards, had hardware that could be relied on for decades, today’s technology becomes outdated a lot faster. While election equipment needs to be replaced more often, election administration remains a low funding priority, a ProPublica review of state and local budgets nationwide found. In 2017, Utah appropriated $275,000 to aid counties in purchasing new voting equipment, but $500,000 to help sponsor the Sundance Film Festival. A few years earlier, Missouri allocated $2 million in grants to localities to replace voting equipment the state, while increasing the Division of Tourism budget by $10 million to $24 million.

National: The Myth of the Hacker-Proof Voting Machine | The New York Times

In 2011, the election board in Pennsylvania’s Venango County — a largely rural county in the northwest part of the state — asked David A. Eckhardt, a computer science professor at Carnegie Mellon University, to examine its voting systems. In municipal and state primaries that year, a few voters had reported problems with machines ‘‘flipping’’ votes; that is, when these voters touched the screen to choose a candidate, the screen showed a different candidate selected. Errors like this are especially troubling in counties like Venango, which uses touch-screen voting machines that have no backup paper trail; once a voter casts a digital ballot, if the machine misrecords the vote because of error or maliciousness, there’s little chance the mistake will be detected. Eckhardt and his colleagues concluded that the problem with the machines, made by Election Systems & Software (ES&S), was likely a simple calibration error. But the experts were alarmed by something else they discovered. Examining the election-management computer at the county’s office — the machine used to tally official election results and, in many counties, to program voting machines — they found that remote-access software had been installed on it.

Voting Blogs: Are voting-machine modems truly divorced from the Internet? | Andrew Appel/Freedom to Tinker

The ES&S model DS200 optical-scan voting machine has a cell-phone modem that it uses to upload election-night results from the voting machine to the “county central” canvassing computer.  We know it’s a bad idea to connect voting machines (and canvassing computers) to the Internet, because this allows their vulnerabilities to be exploited by hackers anywhere in the world.  (In fact, a judge in New Jersey ruled in 2009 that the state must not connect its voting machines and canvassing computers to the internet, for that very reason.)  So the question is, does DS200’s cell-phone modem, in effect, connect the voting machine to the Internet? The vendor (ES&S) and the counties that bought the machine say, “no, it’s an analog modem.”  That’s not true; it appears to be a Multitech MTSMC-C2-N3-R.1 (Verizon C2 series modem), a fairly complex digital device.  But maybe what they mean is “it’s just a phone call, not really the Internet.”  So let’s review how phone calls work.

Georgia: Kemp faces new voter security questions amid Russia probe | Atlanta Journal-Constitution

As evidence mounts that Russia is again trying to interfere in U.S. votes, Georgia’s top elections official faces new scrutiny of his oversight of the state’s voting system. Secretary of State Brian Kemp, a Republican candidate for governor, tells voters the state’s elections system is secure and that he doesn’t need additional help from Washington to defend against hackers. But he’s also open to a paper-based voting system, which his critics from both parties say is essential to ensuring the state’s touch-screen voting machines can’t be undermined. And he’s come under fire for past lapses that have left confidential voter data vulnerable. For Kemp, who launched a statewide bus tour Monday, the fears about the state’s voting network are misguided. He said in an interview he’s “completely confident” in the integrity of Georgia’s election system, and brushed aside concerns the state isn’t doing enough to protect the ballots.

Maryland: Officials look to shore up election defenses after Russian tampering | Baltimore Sun

As details emerge of the Russian campaign to influence the 2016 election, officials in Maryland are working to protect the state’s voting system for this year and beyond. State elections officials are working with federal authorities to shore up Maryland’s defenses against tampering with electronic voting systems and electoral rolls. Lawmakers have introduced proposals to fix perceived flaws, audit results more rigorously and to compel greater disclosures about advertising on social media. … Poorvi Vora, a professor of computer science at George Washington University, says Maryland is among the worst of the 50 states in securing absentee ballots. The state allows voters to request absentee ballots through its web site and mark them online before mailing them in. That function is part of the system that allows voters to register online. It’s also the system that hackers probed in August 2016. Charlson said they did not breach it.

Illinois: In the aftermath of Russian interference, local election officials say security efforts are crucial | Chicago Tribune

Protecting the integrity of American elections against foreign hackers is a more difficult job than preventing voter fraud, but election officials in Lake and Cook counties say they are working to to do both. U.S. Rep. Brad Schneider (D-Deerfield) met with local election officials Wednesday at the Northbrook Public Library to discuss the steps that have been taken to prevent or minimize interference since the 2016 election and to look for ways to prevent it in the upcoming primary and general elections. Joining Schneider was Cook County Clerk David Orr, Lake County Clerk Carla Wyckoff, Noah Praetz, the director of elections for Cook County, and Debra Nieto, chief deputy Lake County clerk.

Editorials: Election cybersecurity is a race with no finish line | Steve Simon/Pioneer Press

When people ask me to name my biggest challenge since becoming Minnesota secretary of state, I talk about the intense demands of cybersecurity. Just a few years ago, overseeing electronic defenses was merely an important part of the job. Now, it’s essential. Recently, CIA Director Mike Pompeo said publicly that he has “every expectation” that Russia will try to influence the 2018 midterm elections in November. We have a strong election system in Minnesota, and we have to protect it from cyberattack. That requires focus, time and resources. With less than a year until the next statewide general election, we owe it to all eligible voters to safeguard our system as best we can.

Texas: Weaknesses in Texas’ voting systems put under microscope | KXAN

Are Texas voting systems susceptible to a hack? Who polices wrongdoing at the polls? Should lawmakers make any changes to help Texas elections run more smoothly? State senators met Thursday to address concerns of fraud, irregularities and weaknesses in the system. Lt. Gov. Dan Patrick tasked a Senate select panel to address a handful of issues pertaining to election security. Sen. Bryan Hughes, R-Mineola, who chairs the committee, said there are few rights more precious than the right to vote. He said he expected the bipartisan group to take a “thorough look” at making possible changes to “ensure Texas is still leading on voting security.” 

National: Election officials face voting machine challenges ahead of 2018 midterms | CBS

Eight months out from the 2018 midterms, and over a year since the Russians allegedly tried to interfere in the 2016 elections, many state and and local election officials are still concerned about guarding their voting systems against breaches. One of the most basic safeguards is a paper record of each vote — a paper trail. But not every state incorporates paper in its polling place practices. In fact, five states only use electronic voting machines, known as direct-recording electronic (DRE) machines, that don’t have a paper trail, according to the Verified Voting Foundation. …  The lack of a paper trail makes auditing an election basically impossible.

National: States Rush to Defend 2018 Election From Russia After Late Start | Bloomberg

Weeks before the first U.S. primaries, 40 state election officials filed into a guarded Maryland office for a classified briefing about the threats they’re sure to face between now and the November vote. But they didn’t need much of a reminder about the menace from abroad. As they arrived, Special Counsel Robert Mueller charged 13 Russians with meddling in the 2016 presidential campaign in a conspiracy of bogus social-media postings. These state officials are the front-line defense against another assault on the elections this year — but many say they’re not getting much help from Washington, particularly with President Donald Trump downplaying or dismissing the threat of Russian meddling. With control of both chambers of Congress at stake, state officials admit they’re rushing to bolster security and overcome confusion about how to work with the federal government.

National: Homeland Security chief touts effort on election cybersecurity | The Hill

Homeland Security Secretary Kirstjen Nielsen on Tuesday touted the department’s effort to engage with state and local officials on guarding U.S. voting infrastructure from cyber threats, stressing that public trust in vote counts “relies on secure election infrastructure.” Nielsen issued the statement highlighting the Department of Homeland Security’s (DHS) recent meetings with state and local election officials, which included classified briefings from U.S. intelligence officials on cyber threats to U.S. voting infrastructure. “The American public’s confidence that their vote counts — and is counted correctly — relies on secure election infrastructure,” Nielsen said Tuesday.

National: State officials get classified briefings on election security | FCW

State election officials in the nation’s capital for a conference received classified briefings on the cybersecurity of election systems from officials from the Department of Homeland Security, the intelligence community and law enforcement, according to official readouts of the meetings. A DHS account of the briefings for members of the National Association for Secretaries of State (NASS) and the National Association of State Election Directors stated they “focused on increasing awareness of foreign adversary intent and capabilities against the states’ election infrastructure, as well as a discussion of threat mitigation efforts.” Not only did DHS talk with secretaries from all 50 states, the agency briefed the newly formed, private-sector, industry-centered Sector Coordinating Council for the Election Infrastructure Subsector. 

Massachusetts: Conscious of cyber threats, Galvin’s office focuses on election integrity | Lowell Sun

Amid talk of ongoing meddling in American elections by Russia or other adversaries, the head of Secretary of State William Galvin’s elections division met over the long weekend with U.S. Department of Homeland Security officials to discuss the security of state elections systems. Last week, the director of national intelligence told federal lawmakers that the intelligence community has already seen signs that Russia, among others, may be attempting to involve itself in the upcoming 2018 midterm elections and other future contests. “We expect Russia to continue using propaganda, social media, false-flag personas, sympathetic spokespeople and other means of influence to try to exacerbate social and political fissures in the United States,” Director of National Intelligence Dan Coats told the U.S. Senate Intelligence Committee last week. He added, “There should be no doubt that Russia perceives its past efforts as successful and views the 2018 U.S. midterm elections as a potential target for Russian influence operations.”

National: State Officials Gather To Discuss How to Prevent Election Hacking | NPR

Top election officials from across the country grappled with a delicate question this weekend: How do you tackle the threat of election interference, and be transparent in doing so, without further eroding the public’s trust in the voting process? “I’m always trying to straddle the line between sounding the alarm on this issue and being alarmist,” said Steve Simon, Minnesota’s Secretary of State. The four-day annual meeting of the National Association of Secretaries of State, which featured a new classified briefing from national intelligence officials, came at the end of an extraordinary week. On Tuesday, the nation’s top intelligence officials told Congress to expect Russian interference in the upcoming midterm elections and beyond. Three days later, the Justice Department’s Special Counsel, Robert Mueller, filed an indictment against 13 Russians, which laid out in granular detail the size, scope, and complexity of a covert Russian disinformation campaign in 2016.

National: Russia looms large as U.S. election officials prep for 2018 | Reuters

Ten months before the United States votes in its first major election since the 2016 presidential contest, U.S. state election officials huddled in Washington this weekend to swap strategies on dealing with an uninvited guest: Russia. A pair of conferences usually devoted to staid topics about election administration were instead packed with sessions dedicated to fending off election cyber attacks from Russia or others, as federal authorities tried to portray confidence while pleading with some states to take the threat more seriously. “Everyone in this room understands that what we are facing from foreign adversaries, particularly Russia, is real,” Chris Krebs, a senior cybersecurity official at the Department of Homeland Security (DHS), told an audience of secretaries of state, who in many states oversee elections. Russia, he added, is “using a range of tools against us.”

National: State Officials Say They Are Told Too Little About Election Threats | The New York Times

More than 15 months after a general election that was stained by covert Russian interference, the chief election officials of some states say they are still not getting the information they need to safeguard the vote. They say the federal government is not sharing specifics about threats to registered voter databases, voting machines, communication networks and other systems that could be vulnerable to hacking and manipulation. In some cases, the election officials say they have no legal access to the information: After a year of effort, only 21 of them have received clearance to review classified federal information on election threats. Top federal officials have promised to do better. Still, some leaders worry that there will not be enough time to protect the integrity of the midterm election season, which will kick off in some states in the next few weeks. “It’s not about 2020, it’s not about November 2018 — it’s about primaries that are upon us now,” said Alex Padilla, California’s secretary of state.

National: States move to protect voting systems from Russia with little help from Congress | USA Today

With the first congressional primary less than three weeks away, state election officials are ramping up efforts to protect their voting systems from cyber attacks as the nation’s intelligence officials warn that Russia will once again try to meddle in U.S. elections. Some states are moving to protect election data by encrypting their systems to thwart hackers, while others are asking the Department of Homeland Security to check their systems for vulnerabilities. Their actions come in the wake of revelations by homeland security officials last year that Russian hackers tried to break into the election systems of 21 states in 2016. Although no actual votes were changed, hackers did breach Illinois’ voter registration database.

National: State elections officials fret over cybersecurity threats | The Washington Post

State elections officials said Saturday that they want more information from federal officials to ensure they are protected from cybersecurity threats in light of evidence that foreign operatives plan to try to interfere in the midterm elections. At a conference of state secretaries of state in Washington, several officials said the government was slow to share information about specific threats faced by states during the 2016 election. According to the Department of Homeland Security, Russian government hackers tried to gain access to voter registration files or public election sites in 21 states. Although the hackers are not believed to have manipulated or removed data from state systems, experts worry that the attackers might be more successful this year. And state officials say reticence on the part of Homeland Security to share sensitive information about the incidents could hamper efforts to prepare for the midterms.

National: Amidst Election Security Worries, Suddenly Paper Ballots Are Making a Comeback | The Intercept

The nations Secretaries of state gathered for a multi-day National Association of Secretaries of State (NASS) conference in Washington, D.C., this weekend, with cybersecurity on the mind. Panels and lectures centered around the integrity of America’s election process, with the federal probe into alleged Russian government attempts to penetrate voting systems a frequent topic of…

Editorials: The First Step to Hack-Proofing Our Elections | Michael Waldman/Politico

Top security and intelligence officials warned on Tuesday that Russia would try to interfere in the 2018 elections again, just as it did in 2016. “We need to inform the American public that this is real, that this is not going to be happening,” Director of National Intelligence Dan Coats told the Senate Intelligence Committee. They didn’t specify how we were going to stop it, but we know there is one place we know we can start: upgrading the ramshackle, out-of-date voting equipment that is more vulnerable to hacking than newer machines.