election security – Page 19

Securing voter registration databases takes on added importance in pandemic, DHS official says

Posted on June 24, 2020 by Sean Lyngaas

The expansion of voting by mail during the coronavirus pandemic makes it all the more important that election officials secure voter registration databases from hacking, according to a senior Department of Homeland Security official. The greater amount of absentee voting and mail-in ballots “shifts the risk towards voter registration data security,” Matt Masterson, senior adviser at DHS’s Cybersecurity and Infrastructure Security Agency, said Wednesday during a virtual conference. People voting by mail generally won’t have access to the same provisional-balloting process that those voting in person can use if they’ve been left off of voter rolls due to an administrative error. That makes the integrity of voter registration data all the more important in the era of COVID-19, Masterson said. The novel coronavirus, which has killed more than 120,000 people in the U.S., has forced many states to postpone presidential primaries and ramp up voting-by-mail options. Forty-six states currently offer all of their voters some form […]

The post Securing voter registration databases takes on added importance in pandemic, DHS official says appeared first on CyberScoop.

Continue reading Securing voter registration databases takes on added importance in pandemic, DHS official says→

Feds, states unveil pilot program meant to secure voter databases and other election systems

Posted on June 17, 2020 by Sean Lyngaas

Election officials and nonprofit security advocates on Wednesday announced a pilot program for testing and verifying voter registration databases, election night reporting and other systems meant to support voting. The pilot program will focus on making the software that’s used in election systems more secure as it is developed, and before it is deployed. The aim is to close a gap in security testing for the broad set of election infrastructure outside of voting machines, which are already the subject of voluntary federal security guidelines. “There is no standard process for verifying that non-voting election technology is secure, reliable, and usable,” said the nonprofit Center for Internet Security, which is spearheading the pilot program. “Existing election technology verification processes are costly, slow, and disincentivize updating products at the same pace as technology changes and security threats.” Under the pilot program, election systems vendors will submit their products to CIS for testing. […]

The post Feds, states unveil pilot program meant to secure voter databases and other election systems appeared first on CyberScoop.

Continue reading Feds, states unveil pilot program meant to secure voter databases and other election systems→

Can we safeguard the election infrastructure from cyber attacks?

Posted on June 15, 2020 by Help Net Security

70 percent of security professionals believe their local governments cannot adequately safeguard the election infrastructure against domestic and international cyber attacks. In addition, 75 percent believe that the spread of disinformation is the grea… Continue reading Can we safeguard the election infrastructure from cyber attacks?→

Pandemic Serves Up Security Woes for Election

Posted on May 20, 2020 by Joan Goodchild

As if the issue of election security were not complex enough before 2020, the current concerns about standing in crowds of voters amid the pandemic have only further ramped up concerns about November’s election. Issues such as how to potentially imple… Continue reading Pandemic Serves Up Security Woes for Election→

Review: Kill Chain: The Cyber War on America’s Elections

Posted on May 19, 2020 by Help Net Security

Kill Chain is an HBO documentary made and produced by Simon Arizzone, Russell Michaels and Sarah Teale. Kill Chain: Inside the documentary Arizzone and Michaels already worked on a documentary in 2006 called Hacking Democracy, which was about uncoverin… Continue reading Review: Kill Chain: The Cyber War on America’s Elections→

DHS memo: ‘Significant’ security risks presented by online voting

Posted on May 11, 2020 by Sean Lyngaas

The Department of Homeland Security has told election officials and voting vendors that internet-connected voting is risky to the point that ballots returned online “could be manipulated at scale” by a malicious attacker. The advisory that DHS’s Cybersecurity and Infrastructure Security Agency sent states on Friday is perhaps the federal government’s sternest warning yet against online voting. It comes as officials weigh their options for conducting elections during a pandemic and as digital voting vendors see an opportunity to hawk their products. While the risk of election officials delivering ballots to voters via the internet can be managed, the return of those ballots by voters “faces significant security risks to the confidentiality, integrity, and availability of voted ballots,” CISA said in the guidance, which CyberScoop reviewed. “These risks can ultimately affect the tabulation and results and, can occur at scale.” The guidance, which is marked “For Official Use Only” and […]

The post DHS memo: ‘Significant’ security risks presented by online voting appeared first on CyberScoop.

Continue reading DHS memo: ‘Significant’ security risks presented by online voting→

The Election Is Six Months Away. Now Is the Time to Instrument Election Infrastructure.

Posted on May 7, 2020 by Richard Bejtlich

By Richard Bejtlich, Principal Security Strategist, Corelight Elections have two critical components. The first is the conduct of the election as visible to the participants. The second is the hidden aspect, that which is not visible to the participant… Continue reading The Election Is Six Months Away. Now Is the Time to Instrument Election Infrastructure.→

Why you can’t trust your vote to the internet

Posted on April 13, 2020 by cyber_admin

A common adage in information security is that most startups don’t hire their first full-time security engineer until they’ve got around 300 employees. If an app only stores public data and has no need to authenticate users, that might not present much of a problem. But when an app needs to be trusted to protect the confidentiality of a person’s political preference, it’s something else entirely. It’s why Tusk Philanthropies — an organization devoted to bringing mobile voting to the masses — is playing matchmaker between a half-dozen mobile voting startups and the security experts that can help bring them up to snuff. The team at Trail of Bits — a boutique software security firm based in New York — was commissioned by Tusk in late 2019 to conduct a thorough ‘white box’ security test of mobile voting app Voatz, an app used in five states. The testers would have […]

The post Why you can’t trust your vote to the internet appeared first on CyberScoop.

Continue reading Why you can’t trust your vote to the internet→

Experts: Internet voting isn’t ready for COVID-19 crisis

Posted on April 8, 2020 by cyber_admin

Internet technologies are set to play a critical role in the 2020 presidential election, but precisely which voting alternatives will be pursued – and whether they can adequately be secured – is now a $400 million question. COVID-19 doesn’t – at this point – present an excuse to postpone the general election in November. Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency told a recent Axios forum that 42 U.S. states have mechanisms in place that allow for alternatives to in-person voting, and the other eight have break-glass provisions for doing the same when emergencies require it. A global pandemic would most certainly meet that threshold. The $2.2 trillion coronavirus relief bill (CARES Act) signed into law last week included $400 million of grants the Election Assistance Commission can give to states to help them “prevent, prepare for and respond to Coronavirus.” Earlier versions of the bill stipulated […]

The post Experts: Internet voting isn’t ready for COVID-19 crisis appeared first on CyberScoop.

Continue reading Experts: Internet voting isn’t ready for COVID-19 crisis→

Schiff wants ODNI to scrub out politics from election security briefs

Posted on April 7, 2020 by Shannon Vavra

Rep. Adam Schiff, the House Intelligence Committee chairman, wrote to Acting Director of National Intelligence Richard Grenell on Monday asking him to share communications about an intelligence briefing on election security provided to lawmakers last month over concerns that some of the information may have been politicized, according to the letter. During the intelligence briefing in question, which took place behind closed doors March 10, intelligence officials told lawmakers that Russia was not directly supporting any presidential candidates in the buildup to the 2020 presidential election, according to The New York Times. Just days earlier, U.S. intelligence officials told the House Intelligence Committee that Russia had a preference for President Donald Trump’s candidacy, as CyberScoop reported. The discrepancy in the two briefings raised concerns that the Office of the Director of National Intelligence began politicizing possible election interference information shared with Congress just after a new acting DNI took the reins. Just days before […]

The post Schiff wants ODNI to scrub out politics from election security briefs appeared first on CyberScoop.

Continue reading Schiff wants ODNI to scrub out politics from election security briefs→