Securing Elections

Minimalist · Oct 30, 2018

Millions of Voter Records Up for Sale Ahead of the US Midterm Elections

As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices.

Voter information is rich with details that could help an attacker learn enough about the victim to steal their identity.
Click to expand...

https://www.bleepingcomputer.com/ne...p-for-sale-ahead-of-the-us-midterm-elections/

guest · Oct 31, 2018

mood said: ↑

Microsoft AccountGuard Service Offers Protection for Political and Election Orgs
August 1, 2018
https://www.bleepingcomputer.com/ne...s-protection-for-political-and-election-orgs/
Click to expand...

Microsoft expands AccountGuard to U.K. to safeguard elections from cyberthreats
October 31, 2018
https://venturebeat.com/2018/10/31/...u-k-to-safeguard-elections-from-cyberthreats/

Microsoft is expanding its AccountGuard security initiative to the U.K., as the computing giant looks to “defend democracy” through giving additional protections to politicians and related organizations.

Representing part of Microsoft’s broader so-called “defending democracy” program that launched in April, AccountGuard is designed to protect “organizations that underpin democracy” from cyberattacks.

As you would perhaps expect, AccountGuard is available (for free) to those using Microsoft Office 365, and includes automated notifications in the event that a threat or compromise is detected by a “known nation-state actor,” [...]
Click to expand...

guest · Oct 31, 2018

Many States Reject DHS Offer to Check Election Systems for Flaws, Saying They’re Safe from Hackers
October 31, 2018
https://labs.bitdefender.com/2018/1...ms-for-flaws-saying-theyre-safe-from-hackers/

For its part, the Department of Homeland Security is doing everything in its power to prevent further meddling with the country’s elections by reviewing election machines and processes ahead of the Nov. 6 deadline. And, according to an ABC News report, many states are failing to carry out the proper assessments ahead of the elections.

Fewer than half of US states have reportedly undergone federal election security reviews, an optional service offered free of charge by the DHS. This is because elections are managed by state and local officials.
Click to expand...

Minimalist · Nov 1, 2018

Bolton confirms offensive cyber-operations conducted to protect midterms

Days before the midterm elections, the United States is undertaking offensive cyber-operations to protect against foreign interference, White House national security adviser John Bolton said Wednesday.

“We are right now undertaking offensive cyber-operations in connection with defending the integrity of our electoral process,” Bolton said at an event hosted by the Alexander Hamilton Society.
Click to expand...

https://www.cyberscoop.com/john-bolton-offensive-cyber-operations/

guest · Nov 2, 2018

EAC standards don’t fully protect voting systems, pen tests show
November 1, 2018
https://www.scmagazine.com/home/sec...-fully-protect-voting-systems-pen-tests-show/

Pen tests on voting systems in 10 statements revealed a number of vulnerabilities and pen testers at Coalfire were able to reverse engineer voting media and replace voting system software with an emulation program that adds malicious logic to record malicious votes, the company said.

“The U.S. voting system is peppered with vulnerabilities, and voters are losing confidence,” said Coalfire CEO Tom McAndrew. “Our voting systems require significant improvement from the hardware and software that run voting machines, the networks that connect the votes and databases, and the policies and standards that oversee their operations.”

Company Vice President Mike Weber said the EAC standards, used to certify voting machines, “cover the essentials of security, but adherence to the standards doesn’t prevent them from being subverted.”
Click to expand...

Minimalist · Nov 3, 2018

State of security: Indiana

While states like Maine hope taking a low-tech approach to voting will help keep it secure from hackers, Indiana is taking the opposite route with Secretary of State Connie Lawson proudly hyping all the cybersecurity measures that have been implemented, although one outside organization rating voting security gave the state a failing grade.
Click to expand...

https://www.scmagazine.com/home/security-news/state-of-security-indiana/

Minimalist · Nov 3, 2018

State of Security: Kentucky

Kentucky’s reliance on electronic vote-recording devices with no voter-verified paper audit trail (VVPAT) capabilities makes little horse sense, according to security experts.
Click to expand...

https://www.scmagazine.com/home/security-news/state-of-security-kentucky/

Minimalist · Nov 3, 2018

State of security: Georgia

Secretary of State Brian Kemp famously said that Georgia didn’t have to worry about its voting systems because they were secure. That was before U.S. District Judge Amy Totenberg admonished Georgia officials in September for sticking their “head in the sand” in the face of evidence that showed the state’s election systems had obvious security holes.
Click to expand...

https://www.scmagazine.com/home/security-news/state-of-security-georgia/

EDIT
Reports for other states can be found here: https://www.scmagazine.com/home/security-news/government-and-defense/election-coverage/

hawki · Nov 5, 2018

"Hackers targeting election networks across country prior to midterms

Hackers have ramped up their efforts to meddle with the country’s election infrastructure in the weeks leading up to Tuesday’s midterms, sparking a raft of investigations into election interference, internal intelligence documents show.

The hackers have targeted voter registration databases, election officials, and networks across the country, from counties in the Southwest to a city government in the Midwest, according to Department of Homeland Security election threat reports reviewed by the Globe. The agency says publicly all the recent attempts have been prevented or mitigated, but internal documents show hackers have had'“limited success.'

The recent incidents, ranging from injections of malicious computer code to a massive number of bogus requests for voter registration forms, have not been publicly disclosed until now..."

https://www.bostonglobe.com/metro/2...ad-midterms/d0EzG4Cmh2jeMqllhXo4WP/story.html

guest · Nov 6, 2018

Nat’l Guard cybersecurity units on election duty in three states
November 5, 2018
https://www.scmagazine.com/home/sec...urity-units-on-election-duty-in-three-states/

National Guard cybersecurity units in three U.S. states have been summoned up to provide support for the midterm elections in case of a cybersecurity event.

“Wisconsin voters should feel confident that the Wisconsin National Guard’s team is ready if needed to provide assistance on Election Day,” Maj. Gen. Donald Dunbar, adjutant general of Wisconsin, said in a release.

It is unclear how many other states, if any, are using the Guard to potentially fend off cybersecurity incidents.

“The activation of these National Guard cyber security units begs the question, if we have such defenses available and they are effective, why don’t we deploy them more widely?” asked Paul Bischoff, privacy advocate at Comparitech.com.
Click to expand...

Minimalist · Nov 6, 2018

Tech companies offered free products to help secure the election. Now what?

Over the past few months, about a dozen technology companies have announced programs offering state and local election offices or political organizations free services to help them fend off looming threats, including email protection, extra security for cloud applications, basic antivirus coverage, multi-factor authentication tools and several other types of products. As elections in the U.S. are run by the states, securing a federal election requires a massive coordinated effort. The federal government has been playing a greater role to this end since 2016, but can only do so much without overstepping its bounds. In this gap, some companies saw a role they could play, and some of them decided to step in for free.
Click to expand...

https://www.cyberscoop.com/2018-midterm-elections-private-sector-cybersecurity-tools/

Minimalist · Nov 6, 2018

Blockchain-based elections would be a disaster for democracy

If you talk to experts on election security (I studied with several of them in graduate school) they'll tell you that we're nowhere close to being ready for online voting. "Mobile voting is a horrific idea," said election security expert Joe Hall when I asked him about a West Virginia experiment with blockchain-based mobile voting back in August.
Click to expand...

https://arstechnica.com/tech-policy...-elections-would-be-a-disaster-for-democracy/

Minimalist · Nov 7, 2018

DHS on Election Day: No malicious cyber-activity observed

As midterm election results are tallied, officials said Tuesday that they have not seen any malicious cyber-activity targeting election infrastructure.
Click to expand...

https://www.cyberscoop.com/dhs-on-election-day-no-malicious-cyber-activity-observed/

Minimalist · Nov 27, 2018

EU Voters Worried About Election Hacking and Disinformation

UK voters are among the most concerned in Europe that elections could be sabotaged by cyber-attacks, according to a new European Commission study.

The survey polled over 27,000 citizens across the EU with face-to-face interviews to better understand their concerns ahead of upcoming European elections in May 2019.
Click to expand...

https://www.infosecurity-magazine.com/news/eu-voters-worried-election-hacking/

guest · Nov 28, 2018

South Korea to develop blockchain voting system
November 28, 2018
https://www.zdnet.com/article/south-korea-to-develop-blockchain-voting-system/

South Korea plans to develop a blockchain voting system, with trials starting next month in the private sector.

The latest system to be developed will apply blockchain in voter authentication and result saving, which will increase transparency and security, the government said.
Voting will be conducted via mobile and personal computers. Data will be saved on a distributed network and all voters will be able to view voting results as they progress.

It will later add artificial intelligence, big data, and IoT technology to further upgrade voting systems, the NEC said.
Click to expand...

guest · Dec 1, 2018

New bipartisan bill proposes international election security cooperation
November 30, 2018
https://www.cyberscoop.com/global-electoral-exchange-act-klobuchar-sullivan-senate/

Under the Global Electoral Exchange Act, U.S. election officials would more closely collaborate with their foreign counterparts, and the State Department would have new authority to share information.

“Election security is national security. Our intelligence community continues to warn that our elections—and those of our allies—are a target for adversaries,” Klobuchar said in a statement.

“This legislation takes important steps to enhance collaboration between the United States and our allies to examine best practices and ensure future elections remain fair, free and absent of foreign interference.”
You can read the new bill in its entirety below.
Click to expand...

hawki · Dec 4, 2018

"Emails of top National Republican Campaign Committee officials stolen in major 2018 hack

The House GOP campaign arm suffered a major hack during the 2018 election, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials.

The email accounts of four senior aides at the National Republican Congressional Committee (NRCC) were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident...

Party officials would not say when the hack began or who was behind it, although they privately believe it was a foreign agent due to the nature of the attack...

The hack was first detected by an MSSP, a managed security services provider that monitors the NRCC’s network. The MSSP informed NRCC officials and they, in turn, alerted Crowdstrike, a well-known cybersecurity firm that had already been retained by the NRCC..."

https://www.politico.com/story/2018...c-officials-stolen-in-major-2018-hack-1043309

guest · Dec 13, 2018

US elections watchdog says it's OK to spend surplus campaign cash on cybersecurity gear
December 13, 2018
https://www.theregister.co.uk/2018/12/13/us_elections_campaign_cybersecurity/

The US Federal Election Commission has officially voted to allow members of Congress to use their campaign funds on cybersecurity protection.
The ruling means that senators and House reps will be able to purchase things like anti-malware subscriptions, two-factor authentication tokens and secure home routers with leftover campaign money after they take office.

"Yes, you may use campaign funds to pay for cybersecurity protection for your personal devices and accounts," the FEC said.
"Effectively defending against these threats imposes prohibitive costs and should not be the sole personal financial responsibility of members," Wyden argued.

"We need to ask whether cybersecurity should have to rely on unpredictable leftover funds or if it should be a key component to candidates’ campaign machinery."
Click to expand...

Minimalist · Jan 5, 2019

Here are the big election security measures in the House Democrats' massive new bill

A giant bill House Democrats proposed on Friday includes a number of measures aimed at improving election security and voter confidence. The measures in H.R. 1 draw on provisions from several bills that were proposed but failed since the 2016 election, which experts and officials concluded was targeted by a Russian-led influence operation.
Click to expand...

https://www.cyberscoop.com/house-democrat-bill-election-security-measures-2019-hr-1/

Minimalist · Jan 10, 2019

Netanyahu Says Israel Ready to Thwart Election Cyber Meddling

Israeli Prime Minister Benjamin Netanyahu said Wednesday that his country led the world in cyber defence, after a report that an unnamed nation planned to meddle in its upcoming general election.
Click to expand...

https://www.securityweek.com/netanyahu-says-israel-ready-thwart-election-cyber-meddling

ronjor · Jan 10, 2019

Election Security Isn't as Bad as People Think

Suzanne Spaulding 1/10/2019
Make no mistake, however: We'll always have to be on guard. And we can take some lessons from the world of industrial cybersecurity.
Click to expand...

ronjor · Jan 12, 2019

Georgia board endorses more electronic voting machines

Written by Benjamin Freed Jan 11, 2019
The Secure, Accessible & Fair Elections — or SAFE — Commission voted 13-3 on Thursday to support a replacement of the state’s 16-year-old voting machines that could cost the state more than $100 million, which the Georgia state legislature will consider when it begins its new session next week.
Click to expand...

Minimalist · Jan 18, 2019

DNC officials say Russians unsuccessfully tried to hack them after 2018 midterms

Hackers linked with the Russian government were likely behind an attempt to breach email accounts of Democratic National Committee officials just days after the 2018 midterm elections, the committee alleged late Thursday.

Dozens of DNC officials were targeted with spearphishing emails on Nov. 14, eight days after the elections, the committee said in an updated court filing that is part of its lawsuit against the Russian government. The DNC is the Democratic Party’s top governing body.
Click to expand...

https://www.cyberscoop.com/dnc-russian-hackers-2018-midterms/

Minimalist · Jan 25, 2019

Ukraine Sees Surge in Election-Targeted Cyberattacks

As reported by Reuters, officials in Ukraine say hackers, likely controlled or sponsored by Russia, are targeting government and political party servers in an attempt to disrupt the presidential election scheduled for March.
Click to expand...

https://www.darkreading.com/attacks...election-targeted-cyberattacks/d/d-id/1333738

Minimalist · Jan 28, 2019

Facebook has 'new tools' against EU election meddling

Facebook unveiled Monday new tools to counter online political meddling in the European elections, part of a campaign to answer growing pressure to rein in disinformation.

The US tech giant's vice president, former British deputy prime minister Nick Clegg, said in a speech the methods would become available in late March and help "make political advertising on Facebook more transparent".
Click to expand...

https://phys.org/news/2019-01-facebook-tools-eu-election.html

Log in or Sign up

Securing Elections

Minimalist Registered Member

guest Guest

guest Guest

Minimalist Registered Member

guest Guest

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

hawki Registered Member

guest Guest

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

guest Guest

guest Guest

hawki Registered Member

guest Guest

Minimalist Registered Member

Minimalist Registered Member

ronjor Global Moderator

ronjor Global Moderator

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Log in or Sign up

Securing Elections

Minimalist Registered Member

guest Guest

guest Guest

Minimalist Registered Member

guest Guest

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

hawki Registered Member

guest Guest

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

guest Guest

guest Guest

hawki Registered Member

guest Guest

Minimalist Registered Member

Minimalist Registered Member

ronjor Global Moderator

ronjor Global Moderator

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Useful Searches