election assistance commission

Federal election agency adopts updated voting security standards. Not everyone is happy.

Posted on February 10, 2021 by Tim Starks

The Election Assistance Commission on Wednesday voted to adopt the first comprehensive update to its voting system security guidelines in more than 15 years, concluding a lengthy process that ended with a mixed reception from some election security experts. The security community largely greeted the update as a security upgrade to standards that most states rely upon at least partially for their own equipment testing and certification. A significant number of academics, activists and even some in Congress, though, voiced displeasure in particular for how the so-called Voluntary Voting System Guidelines 2.0 would handle wireless connections on voting systems. The update stands to shape the next generation of voting systems that election vendors produce for use around the country during a period of sinking trust in the electoral process. Regardless, the more than five-year drafting process and resulting EAC vote won’t immediately transform election security because states, equipment manufacturers and […]

The post Federal election agency adopts updated voting security standards. Not everyone is happy. appeared first on CyberScoop.

Continue reading Federal election agency adopts updated voting security standards. Not everyone is happy.→

Bill Barr: No, we won’t be seizing voting machines

Posted on December 21, 2020 by Sean Lyngaas

Attorney General William Barr declined to endorse a desperate effort by President Donald Trump’s personal lawyer, Rudy Giuliani, to overturn Trump’s electoral defeat by seizing voting machines. Barr said at a press conference Monday that he had not seen evidence of widespread fraud that could change the result of the election, and that there was “no basis now for seizing machines by the federal government.” He also rejected the idea of naming a special counsel to investigate voter fraud allegations. States have certified their results in the election, which saw Joe Biden win by more than 7 million in the popular vote. Election security officials have declared the election secure. Claims of widespread voting irregularities made by Trump’s lawyers have been roundly rejected in court. Giuliani nonetheless last week pushed Ken Cuccinelli, a senior Department of Homeland Security official, to confiscate voting machines, the New York Times and Wall Street […]

The post Bill Barr: No, we won’t be seizing voting machines appeared first on CyberScoop.

Continue reading Bill Barr: No, we won’t be seizing voting machines→

How the pandemic helped election officials prepare for a flood of misinformation

Posted on November 5, 2020 by Sean Lyngaas

As Americans await the results of a heated presidential contest, election officials are in the spotlight in a country on edge. They are trying to sift through a fog of domestic misinformation, and their methodical process for counting and verifying ballots is belying demands to hurry up, or stop. Now, security experts say months of extraordinary preparation during the coronavirus are paying off. After months of explaining how elections would work during a pandemic, state and local officials are projecting confidence to the public by being open about their work. Election officials have “transformed some of the challenges associated with COVID into opportunities to increase transparency and election administration education,” said Liz Howard, senior counsel at the Democracy Program at New York University’s Brennan Center for Justice. “Before the election, when many election officials received calls and questions from voters about their absentee ballot security measures, many offered to provide tours of their offices to the […]

The post How the pandemic helped election officials prepare for a flood of misinformation appeared first on CyberScoop.

Continue reading How the pandemic helped election officials prepare for a flood of misinformation→

Election security pros focus on effective partnerships

Posted on November 2, 2020 by CyberScoop Staff

Trust the process. That’s the message from a group of election security experts who, during a virtual panel discussion at CyberTalks, said they are working to safeguard the 2020 election from an array of cybersecurity threats. Benjamin Hovland, a commissioner on the U.S. Election Assistance Commission, Jack Cable, an election security technical adviser at the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, and Matt Masterson, a senior cybersecurity adviser at CISA, explained that the goal isn’t only to protect the Nov. 3 election, but also to ensure that the American people can trust the results. The CyberTalks panel was led by John DeSimone, vice president of cybersecurity, training and services at Raytheon Intelligence and Space. In a series of questions, DeSimone, probed the election security experts on the ways that U.S. government entities and the defense industrial base are working together “from a mission assurance perspective” to protect […]

The post Election security pros focus on effective partnerships appeared first on CyberScoop.

Continue reading Election security pros focus on effective partnerships→

Feds, states unveil pilot program meant to secure voter databases and other election systems

Posted on June 17, 2020 by Sean Lyngaas

Election officials and nonprofit security advocates on Wednesday announced a pilot program for testing and verifying voter registration databases, election night reporting and other systems meant to support voting. The pilot program will focus on making the software that’s used in election systems more secure as it is developed, and before it is deployed. The aim is to close a gap in security testing for the broad set of election infrastructure outside of voting machines, which are already the subject of voluntary federal security guidelines. “There is no standard process for verifying that non-voting election technology is secure, reliable, and usable,” said the nonprofit Center for Internet Security, which is spearheading the pilot program. “Existing election technology verification processes are costly, slow, and disincentivize updating products at the same pace as technology changes and security threats.” Under the pilot program, election systems vendors will submit their products to CIS for testing. […]

The post Feds, states unveil pilot program meant to secure voter databases and other election systems appeared first on CyberScoop.

Continue reading Feds, states unveil pilot program meant to secure voter databases and other election systems→

DHS memo: ‘Significant’ security risks presented by online voting

Posted on May 11, 2020 by Sean Lyngaas

The Department of Homeland Security has told election officials and voting vendors that internet-connected voting is risky to the point that ballots returned online “could be manipulated at scale” by a malicious attacker. The advisory that DHS’s Cybersecurity and Infrastructure Security Agency sent states on Friday is perhaps the federal government’s sternest warning yet against online voting. It comes as officials weigh their options for conducting elections during a pandemic and as digital voting vendors see an opportunity to hawk their products. While the risk of election officials delivering ballots to voters via the internet can be managed, the return of those ballots by voters “faces significant security risks to the confidentiality, integrity, and availability of voted ballots,” CISA said in the guidance, which CyberScoop reviewed. “These risks can ultimately affect the tabulation and results and, can occur at scale.” The guidance, which is marked “For Official Use Only” and […]

The post DHS memo: ‘Significant’ security risks presented by online voting appeared first on CyberScoop.

Continue reading DHS memo: ‘Significant’ security risks presented by online voting→

Why you can’t trust your vote to the internet

Posted on April 13, 2020 by cyber_admin

A common adage in information security is that most startups don’t hire their first full-time security engineer until they’ve got around 300 employees. If an app only stores public data and has no need to authenticate users, that might not present much of a problem. But when an app needs to be trusted to protect the confidentiality of a person’s political preference, it’s something else entirely. It’s why Tusk Philanthropies — an organization devoted to bringing mobile voting to the masses — is playing matchmaker between a half-dozen mobile voting startups and the security experts that can help bring them up to snuff. The team at Trail of Bits — a boutique software security firm based in New York — was commissioned by Tusk in late 2019 to conduct a thorough ‘white box’ security test of mobile voting app Voatz, an app used in five states. The testers would have […]

The post Why you can’t trust your vote to the internet appeared first on CyberScoop.

Continue reading Why you can’t trust your vote to the internet→

Experts: Internet voting isn’t ready for COVID-19 crisis

Posted on April 8, 2020 by cyber_admin

Internet technologies are set to play a critical role in the 2020 presidential election, but precisely which voting alternatives will be pursued – and whether they can adequately be secured – is now a $400 million question. COVID-19 doesn’t – at this point – present an excuse to postpone the general election in November. Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency told a recent Axios forum that 42 U.S. states have mechanisms in place that allow for alternatives to in-person voting, and the other eight have break-glass provisions for doing the same when emergencies require it. A global pandemic would most certainly meet that threshold. The $2.2 trillion coronavirus relief bill (CARES Act) signed into law last week included $400 million of grants the Election Assistance Commission can give to states to help them “prevent, prepare for and respond to Coronavirus.” Earlier versions of the bill stipulated […]

The post Experts: Internet voting isn’t ready for COVID-19 crisis appeared first on CyberScoop.

Continue reading Experts: Internet voting isn’t ready for COVID-19 crisis→

Election commission hires cyber-savvy adviser to support 2020 efforts

Posted on March 17, 2020 by Sean Lyngaas

The U.S. Election Assistance Commission is hiring a senior policy adviser to bolster its cybersecurity work with election officials and voting equipment vendors ahead of the 2020 presidential vote. Maurice Turner is set to join the federal commission at the end of the month as a senior adviser to the executive director, supporting the EAC’s internal operations and programing. Externally, he says he can help the commission with an update to important guidelines for voting systems security, and in supporting states as they set up programs to find and fix software vulnerabilities. “I want election officials to expect that EAC is a place that they can go for this type of information,” Turner told CyberScoop. “Whether it’s about security standards or new methods for election administration.” Turner has spent the last two years working on election security at the nonprofit Center for Democracy & Technology. He was previously a fellow […]

The post Election commission hires cyber-savvy adviser to support 2020 efforts appeared first on CyberScoop.

Continue reading Election commission hires cyber-savvy adviser to support 2020 efforts→

Election commission hires cybersecurity expert to help states with 2020 infrastructure

Posted on March 12, 2020 by Sean Lyngaas

The federal agency that oversees funding for states to secure their election equipment is hiring a cybersecurity expert versed in voting technology as it prepares for the 2020 election. Joshua Franklin will start in the coming weeks in a top cybersecurity position at the Election Assistance Commission, according to multiple people familiar with the matter. It is an effort by the EAC, a tiny agency with a big responsibility, to bolster the cybersecurity expertise it has on staff. Franklin, who spent six years as an engineer at the National Institute of Standards and Technology, is expected to protect EAC networks from hacking threats and support the commission’s cybersecurity work with state and local election officials. Franklin has been working as an election security advocate for years, drawing attention to the issue at hacking conferences. In 2018, Franklin presented research at DEF CON comparing the vulnerabilities in the websites of House and Senate candidates for the […]

The post Election commission hires cybersecurity expert to help states with 2020 infrastructure appeared first on CyberScoop.

Continue reading Election commission hires cybersecurity expert to help states with 2020 infrastructure→