14 states' voting machines are highly vulnerable. How’d that happen?

BY GREG GORDON

Star Telegram.com

ggordon@mcclatchydc.com

Updated April 04, 2018 12:59 PM

WASHINGTON 

Texas counties have doled out millions of dollars in recent months to replace thousands of old touch-screen voting machines that lack a paper record – a weakness security experts warn could allow Russians or other hackers to rig U.S. elections without detection.

The problem is, many of the new machines have the same vulnerability. So do similar machines in more than a dozen states across the country.

We need to hack-proof our elections. An old technology can help.

By Michael Chertoff and Grover Norquist
Washington Post, February 14, 2018

The nation’s top intelligence officers warned Congress this week that Russia is continuing its efforts to target the 2018 elections.

This should come as no surprise: A few months ago, the Department of Homeland Security notified 21 states that hackers had targeted their election systems in 2016. Yet Congress still has not passed legislation to meaningfully address election cybersecurity.

Time is running out. Lawmakers need to act immediately if we are to protect the 2018 and 2020 elections.

New Bill Could Finally Get Rid of Paperless Voting Machines

The bill reads like a computer security expert’s wish list.

TIMOTHY B. LEE -  Ars Technica
1/2/2018

A bipartisan group of six senators has introduced legislation that would take a huge step toward securing elections in the United States. Called the Secure Elections Act, the bill aims to eliminate insecure paperless voting machines from American elections while promoting routine audits that would dramatically reduce the danger of interference from foreign governments.

America’s voting systems need security upgrades: It’s time to beef up cybersecurity

By R. James Woolsey, Tony Shaffer
Fox News, May 12, 2017

There’s no evidence that hacking had any impact whatsoever on the results of the 2016 election.

But—in an age of rapidly rising cybersecurity threats and quickly aging voting infrastructure—there’s no guarantee that elections in 2018, 2020, and beyond will be safe.  While alleged Russian hacking has received huge attention this year, the cyber-threat to American electoral democracy could come in the future from Russia, China, North Korea, ISIS, Anonymous, or any of a number of potential players with cyber capacities.

Senators unveil bipartisan push to deter future election interference

By Morgan Chalfant
The Hill, January 16, 2018

A pair of senators from each party is introducing legislation meant to deter foreign governments from interfering in future American elections. 

The bill represents the latest push on Capitol Hill to address Russia’s meddling in the 2016 presidential election and counter potential threats ahead of the 2018 midterms. 

Sens. Marco Rubio (R-Fla.) and Chris Van Hollen (D-Md.) on Tuesday introduced the “Defending Elections from Threats by Establishing Redlines (DETER) Act,” which lays out specific foreign actions against U.S. elections that would warrant penalties from the federal government. 

Van Hollen said in a statement to The Hill that the bill would send “an unequivocal message to Russia and any other foreign actor who may follow its example: if you attack us, the consequences will be severe.” 

Elections security is national security

The Washington Times
By Bruce Fein - - Monday, August 28, 2017

The U.S. Senate should enthusiastically pass the Graham-Klobuchar amendment to H.R. 2810, the National Defense Authorization Act for fiscal 2018.

The amendment would enormously strengthen defenses against cyber attacks that could compromise the integrity of elections in the United States and undermine legitimacy of government.  Public confidence in the reliability of elections is a cornerstone of national security—the willingness of the people to fight and die for their country.  Experts agree that the Vietnam War was lost because the South Vietnamese Army would not risk that last full measure of devotion on behalf of a corrupt, fraudulently elected government.   To the extent citizens lose confidence in electoral results, to that extent military morale diminishes.

Here’s how to keep Russian hackers from attacking the 2018 elections

By J. Alex Halderman and Justin Talbot-Zorn

Washington Post, June 21, 2017

“They’re coming after America,” former FBI director James B. Comey told the Senate intelligence committee this month. “They will be back.”

In a highly politicized hearing, this bold statement drew strikingly little partisan disagreement. Senators on both sides of the aisle have seemingly reached consensus that foreign agents did try to tamper with the 2016 election and that they are extremely likely to do so again.

The question is: What do we do about it?

The Conservative Case for Election Security Reform

BY LT. COL. TONY SHAFFER (RET.), OPINION CONTRIBUTOR
The Hill,  March 7, 2017

Good news: Most Americans still have at least some degree of confidence in our voting system. We have not devolved to the level of a third-world banana republic — yet.

But Americans' faith in elections has diminished considerably, and I believe justifiably. Now, only four in 10 citizens have "strong confidence" that their votes are counted as cast. Among Republicans, the proportion of people with faith in voting has fallen to just about a third.

Just the mere perception of a rigged system undermines the most basic foundations of our republic. America's incoming government has an obligation — and an opportunity — to restore the faith in our voting systems.

Report: Russia Launched Cyberattack On Voting Vendor Ahead Of Election

June 5, 2017

Heard on All Things Considered

Russia's military intelligence agency launched an attack days before Election Day on a U.S. company that provides election services and systems, including voter registration, according to a top-secret report posted Monday by The Intercept.

The news site published a report, with redactions, by the National Security Agency that described the Russian spear-phishing scheme, one it described as perpetrated by the same intelligence agency — the GRU — that the Obama administration imposed sanctions on for the 2016 cyber mischief.

Advocates Call for Paper Ballots in Georgia Amid FBI Review

By KATHLEEN FOODY, Associated Press
March 14, 2017

ATLANTA (AP) — A group of technology experts said Tuesday that Georgia's top elections officials should stop using electronic voting machines as the FBI reviews a suspected data breach.

Secretary of State Brian Kemp and Kennesaw State University this month confirmed a federal investigation focused on the school's Center for Election Systems. The center tests and certifies Georgia's voting machines and electronic polling books used to check in voters at polling locations. Employees also format ballots for every election held in the state.

There's No Way to Know How Compromised U.S. Elections Are

By VANN R. NEWKIRK II

Atlantic Magazine, June 16, 2017

It’s not really all that hard to hack American democracy.

That fact should be driven home by a recent article from The Intercept detailing the contents of a highly classified NSA report that found evidence of a massive Russian cyberattack on voting software and against over 100 election officials. While the NSA concluded the attack was carried out by the most sophisticated of hackers—the Russian military—their entry methods were relatively vanilla. They gained access to the credentials and documents of a voting system vendor via a spear-phishing attack, and then used those credentials and documents to launch a second spear-phishing attack on local elections officials, which if successful could have compromised election officials’ systems and whatever voter data they possessed.