Ohio becomes first state to release vulnerability policy for election-related websites August 7, 2020 https://www.cyberscoop.com/ohio-vulnerabiility-disclosure-2020-election/
Gov't election security struggles to reach some counties August 17, 2020 https://www.nbcnews.com/tech/security/gov-t-election-security-struggles-reach-some-counties-n1236973
"Hackers test defenses of Trump campaign websites ahead of U.S. election... LONDON (Reuters) - Hackers have stepped up efforts to knock Trump campaign and business websites offline ahead of the U.S. election, in what [Cloudflare] a security firm working for the campaign said could be preparation for a larger digital assault, according to emails seen by Reuters... Cloudflare’s security team did not comment on the identity of the hackers... The increasing number and sophistication of attempts suggested the attackers were “probing” the website defenses to establish what would be needed to take them fully offline, the security assessment said..." https://www.reuters.com/article/us-...-s-election-security-staff-warn-idUSKBN25S4SF
State voter registration systems have not been hacked, officials say September 1, 2020 https://www.nbcnews.com/tech/securi...s-have-not-been-hacked-officials-say-n1239028
"Facebook takes down Russian operation that recruited U.S. journalists, amid rising concerns about election misinformation The Russian group that interfered in the 2016 presidential election is at it again, using a network of fake accounts and a website set up to look like a left-wing news site, Facebook said on Tuesday. The Russians hired real Americans to write for the website. The fake site, called PeaceData, also used personas with computer-generated images to create what looked like a legitimate news organization. The disinformation campaign by the group, known as the Internet Research Agency, is the first public evidence that the agency is attempting to repeat its efforts from four years ago and push voters away from the Democratic presidential candidate.... Facebook said it was warned by the Federal Bureau of Investigation about the Russian effort. https://www.nytimes.com/2020/09/01/technology/facebook-russia-disinformation-election.html
"Facebook will block new political advertising the week before Election Day Facebook plans to block new advertising the week before the presidential election — the first time the company has taken action to limit political advertising in the United States, the company said Thursday... The company also said that it would label posts by any candidate or campaign that tries to declare victory before the final results are in, directing people to the official results from Reuters. It will do the same for any posts that try to delegitimize the outcome of the election — for example, a claim that voting by mail could lead to fraud. It has also started to limit users’ ability to forward articles on its Messenger platform to large groups of people..." https://www.washingtonpost.com/technology/2020/09/03/facebook-political-ads/
"Russian state hackers suspected in targeting Biden campaign firm... WASHINGTON (Reuters) - Microsoft Corp recently alerted one of Democratic presidential candidate Joe Biden’s main election campaign advisory firms [SKDK] that it had been targeted by suspected Russian state-backed hackers... A person familiar with SKDK’s response to the attempts said the hackers failed to gain access to the firm’s networks. 'They are well-defended, so there has been no breach,' the person said..." https://www.reuters.com/article/us-...BN2610I4?utm_medium=Social&utm_source=Twitter
"The military is providing an unexpected and powerful line of defense against Russian interference... The U.S. Cyber Command is quietly pushing ahead with the effort it began two years ago to “defend forward” against Russian influence operations — which means getting inside Russian cybernetworks to detect and disrupt attacks... Cyber Command has expanded the “hunt forward” strategy that 'disrupted a concerted effort to undermine the midterm elections' in 2018.' They pledged: 'Together with its partners, Cyber Command is doing all of this and more for the 2020 elections.' Cyber Command’s operations against Russia in recent months have been 'very aggressive and very effective,' said one defense official — to the point that they’ve disoriented some Russian operations planners. Thanks to these efforts, it will be 'virtually impossible' for the Russians or anyone else to penetrate voting systems in the roughly 8,000 jurisdictions around the country, the defense official said..." https://www.washingtonpost.com/opin...t-4-0_opinion-card-c-right:homepage/story-ans
"Ransomware Attacks Take On New Urgency Ahead of Vote... A Texas company that sells software that cities and states use to display results on election night was hit by ransomware last week...the attack on Tyler Technologies, which continued on Friday night with efforts by outsiders to log into its clients’ systems around the country, was particularly rattling less than 40 days before the election... While Tyler does not actually tally votes, it is used by election officials to aggregate and report them in at least 20 places around the country — making it exactly the kind of soft target that the Department of Homeland Security, the F.B.I. and United States Cyber Command worry could be struck by anyone trying to sow chaos and uncertainty on election night... ...the fear haunting federal officials for a year now: that in the days leading up to the election, or in its aftermath, ransomware groups will try to freeze voter registration data, election poll books or the computer systems of the secretaries of the state who certify election results..." Long Read: https://www.nytimes.com/2020/09/27/technology/2020-election-security-threats.html
"US Cyber Command has sought to disrupt the world's largest botnet, hoping to reduce its potential impact on the election In recent weeks, the U.S. military has mounted an operation to temporarily disrupt what is described as the world's largest botnet - one used also to drop ransomware, which officials say is one of the top threats to the 2020 election. U.S. Cyber Command's campaign against the Trickbot botnet, an army of at least 1 million hijacked computers run by Russian-speaking criminals, is not expected to permanently dismantle the network,... But it is one way to distract them at least for a while as they seek to restore operations. The effort is part of what Gen. Paul Nakasone, the head of Cyber Command, calls "persistent engagement," or the imposition of cumulative costs on an adversary by keeping them constantly engaged..." https://www.chron.com/news/article/Cyber-Command-has-sought-to-disrupt-the-world-s-15635373.php
"Microsoft disrupts Russian criminal botnet it fears could seek to sow confusion in the presidential election The software giant won a court order to seize servers used by the Trickbot botnet, a network of infected computers that Microsoft says might have been used to lock up voter-registration systems... SEATTLE — Microsoft has taken legal steps to dismantle one of the world’s largest botnets, an effort it says is aimed at thwarting criminal hackers who might seek to snarl up state and local computer systems used to maintain voter rolls or report on election results. The company obtained an order from a federal judge in the Eastern District of Virginia last week that gave Microsoft control of the Trickbot botnet..." https://www.washingtonpost.com/technology/2020/10/12/microsoft-trickbot-ransomware/
620 applicants file joint case against IT firm which exposed voter data Joint lawsuit filed in civil courts against C-Planet IT Solutions October 12, 2020 https://timesofmalta.com/articles/v...se-against-it-firm-which-exposed-voter.824158
"Ransomware hits election infrastructure in Georgia county A Georgia county is ground zero for what may be the first ransomware attack to hit election infrastructure this political season. The attack on Hall County — home to Gainesville and located roughly an hour north of Atlanta — was disclosed on Oct. 7, but the impact to election infrastructure is only now coming to light. Among the county's affected systems were a voter signature database, as well as a voting precinct map hosted on the county's website...The initial disclosure by county officials said that the attack had hit 'critical systems within the Hall County Government networks'..." https://www.cnn.com/2020/10/22/tech/ransomware-election-georgia/index.html
Georgia county voter information leaked by ransomware gang October 29, 2020 https://www.bleepingcomputer.com/ne...-voter-information-leaked-by-ransomware-gang/
"Department of Homeland Security [DHS] plans largest operation to secure U.S. election against hacking On Election Day, DHS’s Cybersecurity and Infrastructure Security Agency will launch a 24/7 virtual war room, to which election officials across the nation can dial in at any time to share notes about suspicious activity and work together to respond. The agency will also pass along classified information from intelligence agencies about efforts they detect from adversaries seeking to undermine the election and advise states on how to protect against such attacks... The operation will run for days or weeks until winners are clear in most races... If there are concerning signs of interference, teams of CISA employees stationed in different regions across the country stand ready to deploy to polling places or election offices to help assess..." https://www.washingtonpost.com/nati...operation-secure-us-election-against-hacking/
Election (in)security: What you may have missed October 30, 2020 https://www.welivesecurity.com/2020/10/30/election-insecurity-what-you-may-have-missed/
Robocalls urging voters to skip Election Day are subject of FBI investigation, DHS official says https://www.cyberscoop.com/fbi-investigates-michigan-robocalls-cisa-election-day/
Georgia Democrats sue governor over unfounded 2018 hacking claims November 5, 2020 https://statescoop.com/georgia-democrats-sue-governor-over-unfounded-2018-hacking-claims/
Three voters demand €10m fine for IT firm behind huge data breach Complaint filed with Data Protection Authority against C-Planet IT Solutions November 13, 2020 https://timesofmalta.com/articles/v...ne-for-it-firm-behind-huge-data-breach.831487
Harris County, Texas, ditches paperless voting machines January 27, 2021 https://statescoop.com/harris-county-texas-ditches-paperless-voting-machines/
Man Accused Of Hacking DeSantis' Voter Records Reaches Plea Deal June 24, 2021 https://news.wjct.org/post/man-accused-hacking-desantis-voter-records-reaches-plea-deal
Cyber leader calls for nonpartisan path to securing the vote August 14, 2021 https://apnews.com/article/election...sinformation-c9878bf50e3c72c720f7928979f162d7