WTF Community

Election Hacking Thread

This is what an end game would be for Russian influencers. Polls do show we are caught in an unending skepticism about the validity of our upcoming elections.

What happens next…fewer voters perhaps?

I know the midterms are galvanizing many to urgently get to the polls, but the underlying mistrust of how safe our voting systems are is now at an all-time low. (31%)

Significant quote
the intense focus by the media and the federal government on Russia’s election interference efforts could be eroding voters’ confidence in democratic institutions.

About 1 out of every 3 American adults thinks a foreign country is likely to change vote tallies and results in the upcoming midterm elections, according to a new NPR/Marist poll released Monday.

The finding comes even as there is no evidence Russia or any other country manipulated or tried to manipulate the vote count in 2016 or at any other point in American history.

The results give credence to what election officials have been worried about since at least the summer of 2016: that the intense focus by the media and the federal government on Russia’s election interference efforts could be eroding voters’ confidence in democratic institutions.

The U.S. intelligence community agrees Russia used a number of different strategies to influence the minds of voters leading up to the 2016 election: posing as Americans to spread false and misleading information on social media, hacking into campaign and political party servers to release narrative-shifting emails, and targeting voting infrastructure like registration databases.

But there’s been no indication any ballots were ever manipulated, as 31 percent of Americans think is likely to happen in November.

2 Likes

U.S. Cyber Command operation disrupted Internet access of Russian troll factory on day of 2018 midterms

The U.S. military blocked Internet access to an infamous Russian entity seeking to sow discord among Americans during the 2018 midterms, several U.S. officials said, a warning that the group’s operations against the United States are not cost-free.

The strike on the Internet Research Agency in St. Petersburg, a company underwritten by an oligarch close to President Vladimir Putin, was part of the first offensive cyber campaign against Russia designed to thwart attempts to interfere with a U.S. election, the officials said.

“They basically took the IRA offline,” according to one individual familiar with the matter who, like others, spoke on the condition of anonymity to discuss classified information. “They shut ‘em down.”

The operation marked the first muscle-flexing by U.S. Cyber Command, with intelligence from the National Security Agency, under new authorities it was granted by President Trump and Congress last year to bolster offensive capabilities.

Whether the impact of the St. Petersburg action will be long-lasting remains to be seen. Russia’s tactics are evolving, and some analysts were skeptical of the deterrent value on either the Russian troll factory or on Putin, who, according to U.S. intelligence officials, ordered an “influence” campaign in 2016 to undermine faith in U.S. democracy. U.S. officials have also assessed that the Internet Research Agency works on behalf of the Kremlin.

4 Likes

Very little has been done to shore up the election process. #FixIsIn

State election officials opt for 2020 voting machines vulnerable to hacking

The new machines still pose unacceptable risks in an election that U.S. intelligence officials expect to be a prime target for disruption by countries such as Russia and China.

The machines that Georgia, Delaware, Philadelphia and perhaps many other jurisdictions will buy before 2020 are an improvement over the totally paperless devices that have generated controversy for more than 15 years, election security experts and voting integrity advocates say. But they warn that these new machines still pose unacceptable risks in an election that U.S. intelligence officials expect to be a prime target for disruption by countries such as Russia and China.

3 Likes

A 23-page report is downloadable here discussing the prospect of getting accurate vote counting which is nearly impossible, including paper ballots.

It is up to the States to determine their own voting ‘platform’ and there are very few regulations or guidance about this. In other words, nothing has changed since 2016…:anguished:

Abstract

Computers, including all modern voting systems, can be hacked and misprogrammed. The scale and complexity of U.S. elections may require the use of computers to count ballots, but election integrity requires a paper-ballot voting system in which, regardless of how they are initially counted, ballots can be recounted by hand to check whether election outcomes have been altered by buggy or hacked software. Furthermore, secure voting systems must be able to recover from any errors that might have occurred.

However, paper ballots provide no assurance unless they accurately record the vote as the voter expresses it. Voters can express their intent by hand-marking a ballot with a pen, or using a computer called a ballot-marking device (BMD), which generally has a touchscreen and assistive interfaces. Voters can make mistakes in expressing their intent in either technology, but only the BMD is also subject to systematic error from computer hacking or bugs in the process of recording the vote on paper, after the voter has expressed it. A hacked BMD can print a vote on the paper ballot that differs from what the voter expressed, or can omit a vote that the voter expressed.

It is not easy to check whether BMD output accurately reflects how one voted in every contest. Research shows that most voters do not review paper ballots printed by BMDs, even when clearly instructed to check for errors. Furthermore, most voters who do review their ballots do not check carefully enough to notice errors that would change how their votes were counted. Finally, voters who detect BMD errors before casting their ballots, can correct only their own ballots, not systematic errors, bugs, or hacking. There is no action that a voter can take to demonstrate to election officials that a BMD altered their expressed votes, and thus no way voters can help deter, detect, contain, and correct computer hacking in elections. That is, not only is it inappropriate to rely on voters to check whether BMDs alter expressed votes, it doesn’t work.

Risk-limiting audits of a trustworthy paper trail can check whether errors in tabulating the votes as recorded altered election outcomes, but there is no way to check whether errors in how BMDs record expressed votes altered election outcomes. The outcomes of elections conducted on current BMDs therefore cannot be confirmed by audits. This paper identifies two properties of voting systems, contestability and defensibility, that are necessary conditions for any audit to confirm election outcomes. No commercially available EAC-certified BMD is contestable or defensible.

To reduce the risk that computers undetectably alter election results by printing erroneous votes on the official paper audit trail, the use of BMDs should be limited to voters who require assistive technology to vote independently.

3 Likes

FBI to shed some light on FL hacking…link to article inside tweet.

The briefing is in response to a request that House Representatives Stephanie Murphy, Democrat of Florida, and Michael Waltz, Republican of Florida, made in a letter to Attorney General William Barr and FBI Director Christopher Wray on May 2.

Florida’s governor and secretary of state have also said that they were unfamiliar with the 2016 hack, and have requested answers. Gov. Ron DeSantis has also requested an FBI briefing on the subject, but does not have a date set, though his office says it wants it to take place before DeSantis visits Israel on May 25.

1 Like

You wonder how vulnerable we are…and who’s doing what? Here’s a US friendly cybersecurity hacking contest…and see what they can do.

Are there threats? Well, look below…

https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2019/10/17/the-cybersecurity-202-cyber-command-hacking-contest-aims-to-prep-election-day-first-responders/5da7463288e0fa3155a711a6/

It also marks a novel team-up between U.S. Cyber Command, which is sponsoring the AvengerCon conference today and tomorrow, and the ethical hacking community, which has sounded alarm bells about vulnerabilities in U.S. voting systems but gotten blowback from state and local election officials and voting machine companies saying they’re overhyping the threat.

“The idea is to bring up the skill level and the knowledge level of individuals that, if all hell breaks loose, are going to be responsible for defending or eradicating a potential impact [on Election Day]. You can’t do that if you don’t practice,” Armando Seay, director of Dreamport, a Cybercom offshoot running the conference, told me.

Cybercom launched Dreamport about 18 months ago with a mission of forging stronger relationships between the super-secret work being done by the military command’s offensive and defensive hackers and private-sector cybersecurity researchers.

And with the public anxious that Russia will try to repeat or one-up its 2016 election interference operation, protecting elections seemed like an obvious priority, Seay told me.

OH, wait…of course there are THREATS…WTFery

Cybersecurity warning: This sophisticated Russian hacking group is back in action again

Researchers detail how Cozy Bear - the hacking group behind the DNC attacks - has been working under the radar in attacks against Foreign Ministries across Europe.

A Russian cyber espionage operation which was one of the groups which hacked into the Democratic National Committee in the run-up to the 2016 US Presidential election has been busy with attacks against government departments across Europe and beyond.

The Cozy Bear hacking group – also known as APT29 – is believed to be associated with the Russian intelligence service and, alongside Russian military hacking group Fancy Bear, was involved in a number of high profile attacks between 2014 and 2017.

In the time since then, Cozy Bear appeared to go quiet, but now cyber security analysts at ESET have detailed how the group – which they refer to as Dukes – have continued their activity while attempting to stay under the radar.

The newly uncovered campaign – dubbed Operation Ghost by researchers – started in 2013 and continued into 2019, meaning the group never stopped its espionage activity.

In attacks using four new families of malware, Cozy Bear has targeted ministries of foreign affairs in at least three different countries in Europe, as well as the US embassy of a European Union country in Washington DC.

Researchers have attributed Operation Ghost to Cozy Bear because the attacks use backdoor malware associated with previous activity by the group – MiniDuke – although this version appears to have been updated. The group also appears to be mostly active during working hours in Russia, with occasional activity at night-time.

Like other campaigns by Cozy Bear, attacks begin with targeted spear-phishing emails designed to lure victims into clicking a malicious link or downloading malware via an attachment – however the initial compromise emails haven’t yet been identified.

From there, the attackers steal login details to roam across networks, often exploiting admin credentials to do so.

The campaigns also use three new families of malware to help conduct operations on compromised systems, which researchers have named PolyglotDuke, RegDuke and FatDuke.

PolyglotDuke uses Twitter, Reddit, Imgur and other websites to link to their command and control (C&C) infrastructure, enabling the attackers to avoid storing this information in the malware – something which can be helpful for avoiding detection.

“Automated systems will less likely flag an executable as malicious if it only contains URLs of legitimate websites. Moreover, if the malware is executed in a sandbox, without internet access, it won’t perform any malicious activity as it cannot reach the C&C server,” Matthieu Faou, ESET malware researcher and the author of the research told ZDNet.

“Finally, it allows attackers to easily update the C&C URL as they just need to replace the message,” he added.

Meanwhile, RegDuke contains the main payload and stores it on the Windows registry while also applying steganography to stay hidden. The third new malware family is FatDuke, something which researchers describe as a sophisticated backdoor with the ability to steal login credentials and other private data associated with espionage activities – especially against high ranking government departments.

“These organizations typically deal with highly-sensitive documents about national or worldwide policy. Thus, from an espionage perspective, they are very valuable targets,” said Faou.

The ESET report states that researchers will continue to monitor activity by Dukes and a list of Indicators of Compromise has been posted to GitHub to help potential victims detect attacks.

Researchers also warn that just because an APT threat group appears to have gone dark, it doesn’t mean they’ve stopped espionage activity – indeed, the very nature of spying means they’re doing all they can to avoid detection. And while groups like Cozy Bear might occasionally pause activity, it’s ultimately their job to conduct espionage at all times – so the group will return again in future.

“We can expect them to develop new tools to be able to re-start their attacks in the next weeks or months,” said Faou.

4 Likes

Thank you for reviving this thread! I’ve been too busy lately and this subject is important. :clap:

4 Likes

Cybersecurity and electoral safety should be at the forefront of people’s minds, not to mention Congress and well, our President. Last entry of course is in purposeful denial and flim flamming away without any true regard for election safety.

Article talks about how the States are now the front lines of voter fraud issues and voter safety.

SPRINGFIELD, Va. (AP) — Inside a hotel ballroom near the nation’s capital, a U.S. Army officer with battlefield experience told 120 state and local election officials that they may have more in common with military strategists than they might think.

These government officials are on the front lines of a different kind of battlefield — one in which they are helping to defend American democracy by ensuring free and fair elections.

“Everyone in this room is part of a bigger effort, and it’s only together are we going to get through this,” the officer said.

That officer and other past and present national security leaders had a message to convey to officials from 24 states gathered for a recent training held by a Harvard-affiliated democracy project: They are the linchpins in efforts to defend U.S. elections from an attack by Russia, China or other foreign threats, and developing a military mindset will help them protect the integrity of the vote.

The need for such training reflects how elections security worries have heightened in the aftermath of the 2016 election, when Russian military agents targeted voting systems across the country as part of a multi-pronged effort to influence the presidential election. Until then, the job of local election officials could have been described as akin to a wedding planner who keeps track of who will be showing up on Election Day and ensures all the equipment and supplies are in place.

Now, these officials are on the front lines. The federal government will be on high alert, gathering intelligence and scanning systems for suspicious cyber activity as they look to defend the nation’s elections. Meanwhile, it will be the state and county officials who will be on the ground charged with identifying and dealing with any hostile acts.

“It’s another level of war,” said Jesse Salinas, the chief elections official in Yolo County, California, who attended the training. “You only attack things that you feel are a threat to you, and our democracy is a threat to a lot of these nation-states that are getting involved trying to undermine it. We have to fight back, and we have to prepare.”

Salinas brought four of his employees with him to the training, which was part of the Defending Digital Democracy Project based at the Belfer Center for Science and International Affairs at the Harvard Kennedy School. The group has been working actively with former and current military, national security, political and communications experts — many of whom dedicate their time after work and on weekends — to develop training and manuals for state and local election officials. Those involved with leading the training asked for anonymity because of their sensitive positions.

2 Likes

This is an in-depth investigative report about VR Systems, a company that handles election and voter registration software in several states. We still don’t know what really happened when their software malfunctioned on election day 2016 in Durham County, N.C., following a phishing attack on the company by the Russians.

To this day, no one knows definitively what happened with Durham’s poll books. And one important fact about the incident still worries election integrity activists three years later: VR Systems had been targeted by Russian hackers in a phishing campaign three months before the election. The hackers had sent malicious emails both to VR Systems and to some of its election customers, attempting to trick the recipients into revealing usernames and passwords for their email accounts. The Russians had also visited VR Systems’ website, presumably looking for vulnerabilities they could use to get into the company’s network, as the hackers had done with Illinois’ state voter registration system months earlier.

The uncertainty around what happened in Durham and to VR Systems has attracted concern in the U.S. Senate. Senator Ron Wyden (D-Ore.), who believes the Russians may have successfully breached VR Systems, has been trying to resolve the unknowns. “The American people have a right to know whether the Russian government’s hack of VR Systems played any role in the failure of VR Systems’ products in Durham, North Carolina, on Election Day in 2016,” Wyden told POLITICO.

Public confidence in the integrity of the 2016 election outcome rests largely on the belief that the Russian hackers—who did, in fact, attempt to meddle in the election, according to the U.S. intelligence community—were blocked before they could alter votes or have a direct effect on the results by manipulating voter records. It has been publicly reported, for example, that those hackers superficially probed election-related websites in 21 states and breached a few voter-registration databases, but did not alter or delete voter records. And accounts of the Russian interference laid out in a recent Senate Intelligence Committee report and in Robert Mueller’s lengthy investigative summary released earlier this year assert that there’s no evidence the Russian actors altered vote tallies or even attempted to do so.

But the government has also suggested in one report and asserted outright in others—among them a 2017 National Security Agency document leaked to the press, a 2018 indictment of Russian intelligence officers, and the Senate Intelligence Committee report and Mueller report—that the hackers successfully breached (or very likely breached) at least one company that makes software for managing voter rolls, and installed malware on that company’s network.

… a successful hack of any of these companies—even a small firm—could have far-flung implications. In the case of VR Systems, more than 14,000 of the company’s electronic poll books were used in the 2016 elections—in Florida, Illinois, Indiana, North Carolina, Virginia and West Virginia and other states. The company’s poll book software—known as EViD, short for Electronic Voter Identification—was used in 23 of North Carolina’s 100 counties and in 64 of Florida’s 67 counties. The latter include Miami-Dade, the state’s most populous county.

But VR Systems doesn’t just make poll book software. It also makes voter-registration software, which, in addition to processing and managing new and existing voter records, helps direct voters to their proper precinct and do other tasks. And it hosts websites for counties to post their election results. VR Systems software is so instrumental to elections in some counties that a former Florida election official said that 90 percent of what his staff did on a daily basis to manage voters and voter data was done through VR Systems software.

The fact that so many significant questions about VR Systems remain unanswered three years after the 2016 election undermines the government’s assertions that it’s committed to providing election officials with all of the timely information they need to secure their systems in 2020. It also raises concerns that the public may never really know what occurred in 2016.

4 Likes

Sen. Angus King’s digital director aims to keep the staff on their toes, ever reminding them that clicking on links can open up a campaign to serious hacking.

The goal was to keep staff members on their toes so they wouldn’t fall for emails from real hackers intent on damaging the campaign.

“We would try to get them to do things like change their password for their email or change their password for the database we were using,” Kaplan said.

It’s this kind of attention to detail and seriousness about security that political veterans and party officials are urging on candidates and their staffs. Starting next week, the first votes in the 2020 Democratic presidential primaries will be cast. Even more campaigns — from congressional races to local contests for mayor and city council — are gearing up for November’s election.

3 Likes

I became interested when I read that piece on WTF and started digging. It’s a much bigger problem than I anticipated.

"A compact flash card was found, containing a SQLite database of some 600,000 voter records in Tennessee, formatted for the ExpressPoll. Someone sold a Diebold ExpressPoll 5000, containing this card, on eBay.

The very presence of this card at DEF CON, a well-known hacker conference, or indeed anywhere outside of an incinerator, is a huge vulnerability, as it indicates that personal and voter records are clearly not treated with respect, or any sort of security. The entries within this database could be altered, deleted, or appended to, demonstrating that even voter records used in an actual election could be altered by anybody with access to basic hardware."

Anyone can purchase these machines and parts on eBay, which means there’s probably another unseen market elsewhere. This issue needs more attention from the public.

6 Likes

Wtf, right?!

2 Likes