Georgia Sec. of State does not want DHS to designate election systems as critical infrastructure. Here’s why.

Georgia’s election officials were all bent out of shape last fall when the US Department of Homeland Security (DHS) wanted to designate American election infrastructure as critical to national security.  As Sec. of State Brian Kemp explained in his recent USA Today op-ed, it’s really just a matter of state sovereignty.  We don’t want the federal government telling us how to run our elections, is what Kemp is telling Georgians. In fact, he thinks so little of DHS, he wants you to believe the federal government (ours, not Russia’s) is the one hacking Georgia’s election system in a “massive attack,” according to a complaint filed by Kemp’s office last January.

The Inspector General of DHS investigated Kemp’s allegations and found to the Secretary’s embarrassment that what he had characterized as a massive attack, was actually normal web traffic. Never mind murmured Kemp.

A more likely explanation for the critical infrastructure freak-out is that the Secretary of State’s office treats the protection of computerized election system like a high school science fair project, not a precious resource to be protected. Wouldn’t that be embarrassing if the Feds showed up to check on his ability to manage critical infrastructure?

Way back in the early days of electronic voting in Georgia, then SoS Cathy Cox, a Democrat,  set up the Center for Election Systems (CES) at Kennesaw State University to test, program, maintain and provide training for the Diebold-based touchscreen voting machines and associated servers, networks, and software.

CES Director Michael Barnes served as an enthusiastic tour guide to the Atlanta Journal and Constitution, which posted this video on YouTube™

A well-positioned sign announced the state’s central technology organization, helpfully displaying its precise location.  No guards or even a receptionist to check the identities of visitors; no ID badges to distinguish students who were authorized to be there from those who merely wanted to examine the piles of election equipment and computers that had been left unattended in otherwise unsupervised rooms.

You would think that an important system like this would have the eye of top university leadership.  Director Barnes says no. CES is just another department in the school of science.

The most likely explanation for the Secretary’s over-the-top reaction to the suggestion that Georgia’s election system be classified as critical infrastructure is that the state’s election officials do not think it is that important, and they would prefer that not be widely known.

#protectGAvote

 

 

Secretary of State Brian Kemp takes his case public for maintaining Georgia’s reputation for the country’s most insecure voting system.

Georgia Secretary of State Brian Kemp responded this morning to a USA Today editorial that points out an inconvenient fact:

in Georgia, where researchers discovered a gaping hole in election security last fall, it’s unclear what has been done to plug it. Georgia Secretary of State Brian Kemp has argued vehemently against replacing the state’s voting machines, which are susceptible to sabotage because they lack a paper record of votes.

Kemp could have defended himself by behaving like a responsible public servant and: (1) acknowledging the threat, (2) promising to marshal the considerable resources at his disposal to meet the threat, and (3) forming a national strength-in-numbers coalition of election officials to adopt the common-sense reforms that are the consensus recommendation of voting technology experts.  He did not do that.

Instead, Kemp laid out his case for placing his personal political ambitions above his duty to protect Georgia voters:

As reporters chase stories to feed the 24-hour news cycle, they dilute facts and develop false narratives about Russian hacking and potential vulnerabilities in the system. The prevailing plot line is that states like Georgia can’t provide suitable security for elections.

At last month’s Senate Intelligence Committee hearing, national security officials testified that there is no doubt about Russian hacking. Committee members-who have been briefed on the threats and vulnerabilities-showed rare bipartisan agreement. They also said that DHS has not conducted classified briefings for state election officials, so Brian Kemp actually has no way to know whether the “narratives” are false.

This sounds like me.  When I was Mayor of Amity, Chief Brody tried to get me to close the beaches because of a great white shark that was snacking on 4th of July tourists.  I was more concerned about the political implications than protecting people.  I’ve apologized for my irresponsible behavior.  My hope is that Brian Kemp follows suit, but I don’t think that’s very likely.

The next best outcome is for Kemp’s Republican gubernatorial opponent, Lt. Gov. Casey Cagle to use this shocking editorial to argue that Kemp should never again be allowed to represent the public interest.

In the meantime, Georgians are left to wonder whether the results of recent elections can be trusted.

#protectGAvote

Here’s how to thwart Russian attacks on the 2018 elections

100 experts on election security (including conservatives, progressives, academics, corporate officials, and member of the national security community)  released a letter that lays out a plan for safeguarding the vote. Despite their personal political differences, they are all united in the view that our nation’s rough patchwork of voting security measures is wholly inadequate.   Even more importantly, they are united in what to do about it.

Here are their recommended actions

  • Phase out the use of voting technologies such as paperless Direct Recording Electronic voting machines that do not provide a voter-verified paper ballot.
  •  Create firewalls (software barriers) between internet and all voter registration, vote-tabulating machines, ballot delivery, and election management systems. Require layered backup systems to ensure that intrusions and corruption of the databases can be detected and corrected.
  • Review and document compliance with the recommendations and checklists prepared by the US Department of Homeland Security for security, penetration testing, network scanning, and detection and management of potential cyber-attacks. Review and track FBI security alerts.
  • Ensure that voting systems and information technology that supports voting systems have the latest security patches, and that those patches have been provided from trusted sources on trusted media. Limit physical access and regularly audit sensitive and critical election systems.
  • Discourage voters from voting online in any form—via web, email or fax—even in states where it is legal. Inform voters that electronically submitted ballots can be modified, copied, rerouted or simply deleted during transmission.
  • Compare random samples of voting system totals to hand counts of the votes on the corresponding paper ballots.
  • Audit in a way that has a large chance of detecting and correcting any incorrect electoral outcomes, whatever their cause.
  • Recruit technical experts to assist with tests and audits. Resources for finding experts, many of whom may provide pro bono services, include the Election Verification Network, professional societies such as the American Statistical Association, and academic institutions.
  • Allow public oversight of all audits, and prominently publicize all testing and audit results.
  • Report and publicize ballot accounting and final results in detail before certification.

The American election system is a patchwork of computerized voting systems.  There is no over-arching architecture. State and local authorities are largely free to choose the election products that make the most sense for their citizens.  That decentralized diversity has been touted as a strength of voting in the U.S.   Unfortunately the strength of decentralization falls apart when confronted with a determined, well-funded, state-backed adversary.  State and local officials simply cannot keep up.

Let local election officials know that there are alternatives that would greatly enhance public confidence in their systems.

#protectGAvote

 

You don’t know if an election is hacked unless you take steps to find out.

It was overlooked by the news networks, but there was a significant step forward in advancing public understanding of how to secure voting systems in yesterday’s Senate Intelligence Committee hearing.  California Senator Kamela Harris opened her questioning with an old cyber security riddle:

Q: How is not being hacked like being hacked?

A: Either way you don’t know.

This has been at the root of public misperceptions of election system security: since you can’t point to a successful vote-changing hack,  we must therefore be secure. In fact, most the of the Senate committee seemed hell-bent on propagating this idea by coaxing

No Senator, I don’t know if votes were actually changed in the November election

from witnesses who in fact have never tried to find out.

Alex Halderman tackled both sides of this fallacy with his opening statement.  First,  he pointed to a supervised hack of a Washington DC election that, over 48 hours changed every vote.

Even more importantly, he recommended risk-limiting post-election audits as a mandatory cost-effective and mathematically sound method of verifying election results:

 Specifically, if the reported outcome (usually the set of winner(s)) is incorrect, then a risk-limiting audit has a large, pre-specified minimum chance of leading to a full hand count that reveals the correct outcome. A risk-limiting audit can stop as soon as it finds strong evidence that the reported outcome was correct. (Closer elections generally entail checking more ballots.)

An important bottom line from yesterday’s hearing was an answer to the question whether you can ever know that an election was hacked.  You can, if you look.

#protectGAvote

At today’s hearing of the Senate Intelligence Committee, Prof. Alex Halderman gave a recipe for enhancing the security of our computerized voting systems:

Step 1: Replace DRE touchscreen systems with paper ballots and optical scanners.

Step 2: Use risk-limiting post-election audits to verify election results.

Step 3: Adopt best Cybersecurity practices and technologies appropriate to the threat.

#protectGAvote

Chris Matthews barks “I like paper!” on Hardball. It’s what he does when common sense departs.

Georgia is only one of five states that does not use paper backup for its election system. Experts have written to Secretary of State @BrianKemGA asking him to move to paper ballots.  The arguments against it are weak, so why does Georgia continue to promote the nonexistent benefits of a this national embarrassment? @HardballChris doesn’t get it either and he’s not shy about calling out the hypocrisy on MSNBC:

#protectGAvote