Collaborate Disseminate
The company insists its equipment is safe, and nobody has proof of the vulnerabilities having been used, CISA says.
The post CISA issues vulnerability advisory for select Dominion voting equipment, urges updates appeared first on CyberScoop.
The ElectionGuard technology that Microsoft touts as a way to make elections more secure and verifiable is taking its biggest step yet: Hart InterCivic, one of the big three election vendors, says it will incorporate ElectionGuard into one of its voting systems. The ElectionGuard open-source software development kit gives voters a unique code to track their encrypted vote and confirm it wasn’t manipulated, and it offers a way for third parties to validate election results, according to Microsoft. The two companies jointly announced the partnership on Thursday. Hart InterCivic is the biggest partner to date for ElectionGuard, as one of three vendors — alongside Election Systems & Software and Dominion Voting Systems — that dominate the marketplace for voting machine technology. “We believe we must constantly re-imagine how technology can make voting more secure and also more transparent, and this partnership with Microsoft is a strong step in that direction,” […]
The post First major voting vendor, Hart InterCivic, partners with Microsoft on ambitious software security tool ElectionGuard appeared first on CyberScoop.
Voting equipment maker Dominion Voting Systems on Monday sued former President Donald Trump’s personal lawyer, Rudy Giuliani, for $1.3 billion for spreading election-related conspiracy theories that the vendor says amount to defamation. It’s the latest in a series of high-value lawsuits that Dominion has leveled at Trump allies who have promoted false conspiracy theories about the voting machine vendor flipping votes for Joe Biden during the 2020 election. Dominion employees have received a barrage of death threats, and the company says it has “suffered unprecedented and irreparable harm,” because of conspiracy theories stoked by Giuliani, the lawyer Sidney Powell and other pro-Trump public figures. “Dominion brings this action to set the record straight…and to stand up for itself, its employees, and the electoral process,” reads the suit filed Monday in the U.S. District Court for the District Columbia. It follows a $1.3 billion defamation suit that Dominion filed against […]
The post Dominion files $1.3 billion defamation suit against Giuliani over election security claims appeared first on CyberScoop.
After years of getting pummeled by critics for not embracing ethical hacking, the country’s biggest voting equipment vendors took a big step in that direction in September. They asked the cybersecurity community for ideas on how to set up a process through which researchers could flag software flaws for vendors to fix. Companies that specialize in coordinated vulnerability disclosure (CVD) programs like Bugcrowd and Synack responded to the request for information. But the usual suspects weren’t the only entities to submit ideas. A Democratic presidential candidate and one of the most outspoken voices in the Senate on election security also chimed in. In a four-page letter to the industry association establishing the CVD program, Sen. Amy Klobuchar, D-Minn., advised the voting-gear vendors to ditch their reservations about working with unvetted researchers, pay close attention to their supply chains, and set a timeline for getting software bugs fixed. “[V]oting system manufacturers […]
The post Klobuchar to voting vendors: Don’t turn your back on good hackers when setting up a CVD program appeared first on CyberScoop.
A year from the 2020 election and with a new round of election security funding stalled in Congress, the DEF CON Voting Village organizers have again taken to Capitol Hill to raise awareness about software vulnerabilities in voting equipment. This time, they brought the equipment with them to drive home their point. “If we’re going to meaningfully introduce funding or introduce new technologies for 2020, time is rapidly running out to be able to do that,” Matt Blaze, a professor at Georgetown University and co-organizer of the Voting Village, told CyberScoop. “We need to act pretty fast.” A handful of House Democrats and their staffers sauntered up to equipment on display, including a ballot-marking device and an electronic voting machine, to ask the researchers about the software bugs they found. “This is really helpful in understanding that these aren’t just abstract problems, that these are real things,” Blaze, an expert […]
The post Voting Village brings equipment to lawmakers to boost urgency on election security appeared first on CyberScoop.
Continue reading Voting Village brings equipment to lawmakers to boost urgency on election security
After finding security weaknesses in two ballot-marking devices at this year’s DEF CON Voting Village, researchers are calling for “more comprehensive studies” of equipment that is increasingly a part of the voter experience. The findings come as states consider the security advantages of election systems that create a paper trail. Ballot-marking devices, or BMDs for short, allow voters to mark their choices on a screen and then print them out. The paper ballots are then counted by hand or scanned by a separate machine. “The security implications of ballot marking devices should be studied more,” researchers said in the 2019 Voting Village report, which sums up more than two days of hacking and tinkering at a Las Vegas casino in August. “Current and proposed next-generation ballot marking devices have not been designed with security considerations in mind,” they argued. The researchers say that data stored by the two BMDs they studied could […]
The post DEF CON Voting Village report explores vulnerabilities in ballot-marking devices, calls for paper-based audits appeared first on CyberScoop.
The third annual Voting Village at the DEF CON hacking conference was a little different than years past. There were more machines to play with and more election personnel wandering around. And nobody publicly cursed out state officials or vendors. Attendees seemed buoyed by the fact that they were helping secure the 2020 election, which U.S. officials warn will again draw foreign interference attempts. “We have more people who are comfortable, immediately wanting to rip things apart and see how they work,” cryptologist Matt Blaze said with satisfaction. He was taking a rest in the corner of the village — a room in Las Vegas’ Planet Hollywood hotel littered with voting equipment — from the exertions of helping organize the gathering. “We don’t care if you break anything, as long as you’re doing it in an interesting way,” Blaze, a professor at Georgetown University, told CyberScoop. Across the room was Stephen Crane, […]
The post DEF CON Voting Village matures as industry keeps its distance appeared first on CyberScoop.
Continue reading DEF CON Voting Village matures as industry keeps its distance
The U.S. Election Assistance Commission has added two experienced hands to its voting system certification program amid concerns it had a shortage of technical experts overseeing election infrastructure. The agency is staffing up its crucial certification program by hiring Jessica Bowers, a former executive at Dominion Voting Systems, one of the country’s three largest voting system vendors, and Paul Aumayr, a former Maryland election official. Both new hires will work as senior election technology specialists. In an email announcement to staff obtained by CyberScoop, EAC Executive Director Brian Newby touted Bowers and Aumayr’s technical acumen. Bowers has “over 18 years of software development and product support experience,” while Aumayr is a “Microsoft-certified systems engineer,” Newby wrote. Both will begin work May 28 and report to Jerome Lovato, a former Colorado state election official. Earlier this month, Lovato was tapped to head the EAC’s program for testing and certifying voting systems. He replaced Ryan Macias, whose departure […]
The post Election commission hires 2 tech experts for testing and certification program appeared first on CyberScoop.
Continue reading Election commission hires 2 tech experts for testing and certification program
Election officials around the U.S. could soon have access to an open-source software development kit from Microsoft that is intended to make voting more secure and transparent. The software kit, called ElectionGuard, will allow third parties to validate election results and voters to ensure their ballots were correctly counted, according to Microsoft. Each voter would get a unique code to track the encrypted version of his or her vote to confirm that it was not altered. “It will not be possible to ‘hack’ the vote without detection,” Tom Burt, a Microsoft corporate vice president, asserted in a blog post Monday. He touted the kit’s use of homomorphic encryption, which will allow votes to be counted without decrypting the data, as a feature that will protect votes individually and collectively. The software, which will be available starting this summer to election agencies and vendors, is meant to supplement, rather than replace, paper ballots. Its code […]
The post Microsoft pushes open-source software kit to election agencies, voting-tech vendors appeared first on CyberScoop.
Continue reading Microsoft pushes open-source software kit to election agencies, voting-tech vendors
The last few years have been an awakening for Election Systems & Software. Before 2016, very few people were publicly pressing the company to change the way it handled its cybersecurity practices. Now, the nation’s leading manufacturer of election technology has become a lightning rod for critics. Security experts say the small number of companies that dominate the nation’s election technology market, including ES&S, have failed to acknowledge and remedy vulnerabilities that lie in systems used to hold elections across the country. Once left to obscurity, the entire ecosystem has been called into question since the Russian government was found to have interfered with the 2016 presidential campaign. While there has never been any evidence to suggest that any voting machines were compromised, the Department of Homeland Security and FBI recently issued a memo that all 50 states were at least targeted by Russian intelligence. The peak of the criticism came after the Voting Village exhibition […]
The post Election tech vendors say they’re securing their systems. Does anyone believe them? appeared first on CyberScoop.
Continue reading Election tech vendors say they’re securing their systems. Does anyone believe them?