Security News

The latest edition of the ISMG Security Report offers an analysis of the missteps that led to problems with the app used in this week's Democratic presidential caucuses in Iowa. Also featured:...

YouTube is the latest social media firm to adjust its policies as the 2020 U.S. presidential election gets underway. On Monday, the company announced plans to remove misleading political content and other disinformation from its platform.

When state election officials gathered ahead of the last presidential election, major topics were voter registration, identity theft and ballot design. Election officials from 44 states joined officials with 11 federal agencies and representatives from more than a dozen voting technology companies to participate in the half-day exercise to help them keep votes secure.

THE THREAT. THEN: U.S. intelligence agencies say Russia was the only nation that significantly interfered in the 2016 election. CYBERSECURITY IN THE STATES. THEN: Before the 2016 election, state election offices were mostly focused on ensuring orderly elections and that voting-related equipment functioned properly.

King County voters will be able to use their name and birthdate to log in to a Web portal through the Internet browser on their phones, says Bryan Finney, the CEO of Democracy Live, the Seattle-based voting company providing the technology. Once voters have completed their ballots, they must verify their submissions and then submit a signature on the touch screen of their device.

The new guidelines, explained on a media call last Thursday and in a press release last Friday, say the FBI will notify a state's chief election official and other local election workers in the event of any cyberattack. "Understanding that mitigation of such incidents often hinges on timely notification, the FBI has established a new internal policy outlining how the FBI will notify state and local officials responsible for administering election infrastructure of cyber activity targeting their infrastructure," the FBI statement said.

So said Shelby Pierson, the election security threats executive for the Office of the Director of National Intelligence, speaking at an Election Assistance Commission event earlier this month. It's probably a good idea for the FBI to warn local and state election officials of hacking attempts, and last week, it announced just that.

The FBI has changed its policy around election cybersecurity and said it will now notify state officials in the event that local election systems are hacked. Previously, the FBI would inform these parties but didn't necessarily share the information with state election officials, a move that came under fire from state lawmakers and Congress for not going far enough to protect the integrity of elections from cyberattacks.

The FBI has created a new policy to give "Timely" breach notifications to state and local officials concerning election hacking and foreign interference. It will also require agents to work directly with state and local election officials to identify and mitigate cyberthreats to election infrastructure as quickly as possible, according to the FBI announcement.

A computer security expert says he found that a forensic image of the election server central to a legal battle over the integrity of Georgia elections showed signs that the original server was hacked. Logan Lamb, a security expert for the plaintiffs, said in an affidavit filed in Atlanta federal court on Thursday that he found evidence suggesting the server was compromised in December 2014.