Search This Blog


Search Tool

Jun 15, 2020

Analysis | The Cybersecurity 202: Reports of mail-in ballot problems, partisan rancor in Georgia primary spell trouble for November

By Joseph Marks

with Tonya Riley
New claims that Georgia’s election technology may have failed to count thousands of legitimate votes sent in by mail is adding fuel to Democrats’ outrage over a disastrous primary they say disenfranchised many African American voters.
Officials and activists spotted the issues in four counties and warn others could have been affected. They may have been caused by poorly calibrated software for scanning mail ballots that failed to recognize when voters indicated their choice with an X or a check mark rather than completely blacking out an oval – though some election experts are urging a full review before drawing any conclusions about the systems, which have worked effectively in other states.
Republicans are pointing to the Georgia election debacle as evidence states should back off plans to expand mail voting in November. That runs counter to the advice of most election security experts who say voting by mail probably is the safest and most secure way to ensure people can cast ballots during the coronavirus pandemic. Democrats, meanwhile, are calling for more money for states to make sure they're prepared for the surge and to mitigate any technical issues that came up in the primaries
It’s a disturbing preview of how technical problems, bad preparation and partisan rancor could combine to wreak havoc in November — especially in Georgia and other hotly contested states in the presidential contest.  

Voters wait in long lines to vote in the Georgia's primary election. (Jenni Girtman/Atlanta Journal-Constitution/AP)
The uncounted Georgia votes were discovered during county reviews of ballots that vote-tallying scanners flagged for anomalies. 
They represent a small number of votes so far, but experts fear they could indicate there are more ballots that went uncounted but were never flagged — and in far more counties, the Associated Press’s Frank Bajak reports. The scanners are part of a statewide voting system Georgia purchased for $120 million last year after a judge ordered the state to replace an outdated paperless system.
“The fact that it is in multiple counties tells me that it’s probably systemic,” said Richard DeMillo, a Georgia Tech computer scientist who works extensively on voting security. He’s urging broader audits to identify such votes.
Yet Georgia voting implementation manager Gabriel Sterling told Bajak he had seen no evidence of the issue. “These are activists who have an ax to grind,” he said.
The issue was first highlighted by the voting security advocacy group Coalition for Good Governance, which has filed several lawsuits against the state in an effort to force it to switch to hand-marked paper ballots, which many security advocates say offer the best protection against hacking.

Steven Posey checks his phone as he waits in line to vote at Central Park in Atlanta. (John Bazemore/AP)
The uncounted ballots follow a slew of problems that upended Georgia’s primary and have prompted calls for widespread changes.
The previous problems, which were concentrated in heavily African American counties in and around Atlanta, included mail ballots that voters requested but didn’t arrive in time and a crush of in-person voting at a reduced number of polling sites.
Polling sites also suffered from a dearth of poll workers capable of showing up during the pandemic, many of whom did not know how to operate the state’s complex new voting machines.
In a troubling sign for November, Democrats and Republicans have drawn starkly different lessons from the problems.
Republican National Committee press secretary Mandi Merritt described the debacle to the Washington Examiner as evidence states should scale back plans to increase voting by mail in November, despite concerns that may be the safest way to vote during the pandemic.
The fumbled response in Georgia yesterday and the voting disasters we’ve seen across the country are exactly why the RNC is fighting back against the Democrats’ assault on the integrity of our elections process,” Merritt said. “States just don’t have the experience to switch to a universal vote-by-mail system when the election is merely months away.”
In fact, there are no states that plan to move to universal mail voting that don’t offer it already. But some mail voting advocates have expressed concerns that states with low mail-voting rates won’t be able to handle the levels of increase they might see during the pandemic.
President Trump has attacked mail voting by claiming without evidence that it leads to widespread fraud but has not cited any logistical concerns. He also voted by mail himself in Florida this year.
Democrats, meanwhile, have pointed to Georgia as evidence the federal government must increase funding for elections. 
Senate Democrats are pushing for an additional $3.6 billion in the next coronavirus stimulus bill to ensure states can all offer effective mail voting and safe in-person voting in November even if the pandemic is still raging.
But they’re unlikely to win support from Republicans, including Senate Majority Leader Mitch McConnell (R-Ky.). The first coronavirus stimulus included $400 million for elections.
Here’s Sen. Dianne Feinstein (Calif.), top Democrat on the Senate Judiciary Committee:
I joined @SenAmyKlobuchar and @SenGaryPeters to call for hearings on how to prepare for the November elections given the ongoing pandemic. Long lines and malfunctioning voting machines like we saw in Georgia aren't acceptable. We should expand vote-by-mail to help save lives.
— Senator Dianne Feinstein (@SenFeinstein) June 11, 2020
And House Majority Leader Steny Hoyer (D-Md.):
What happened in Georgia on Tuesday cannot be repeated. We have seen the success of mail-in voting as a means to ensure Americans can safely cast their votes, but states must take additional steps to address infrastructure and logistical issues.
— Steny Hoyer (@LeaderHoyer) June 11, 2020
Georgia Secretary of State Brad Raffensperger’s office has launched an investigation into what went wrong during the primary, but also tried to focus blame on county officials. That has drawn fire from Democrats and many election security experts who say the buck should stop with his office.
Georgia politician Stacey Abrams (D), who narrowly lost the 2018 governor’s race to Republican Brian Kemp, called the primary “an unmitigated disaster.” Abrams has been listed as a possible vice-presidential candidate for presumptive Democratic nominee Joe Biden. Her organization Fair Fight focuses on election access and voter suppression.

The keys
Anonymous is claiming credit for taking an Atlanta police website offline after a black man was killed by law enforcement. 

Rayshard Brooks, a 27-year-old black man, was fatally shot by a white Atlanta police officer outside the Wendy's on Friday night. (Curtis Compton/Atlanta Journal-Constitution via AP)
The hacking collective tweeted that it had “taken action against Atlanta PD for the execution of #RayshardBrooks” around 8:30 a.m. Sunday. The site was offline for a couple hours afterward but back up by 11:30 a.m., the Atlanta Journal Constitution reports.
Atlanta police chief Erika Shields resigned after video emerged of the shooting, which has prompted a wave of protests in the city.
Small facial recognition firms will fill the gap as big tech halts selling the equipment to police.

Washington County Sheriff's Office Deputy Jeff Talbot demonstrates how his agency used facial recognition software to help solve a crime. (Gillian Flaccus/AP)

Microsoft and Amazon have pledged to temporarily stop selling those tools to law enforcement amid widespread concern about how they’re being used during nationwide protests over police brutality. (Amazon CEO Jeff Bezos owns The Washington Post.)
But smaller firms including NEC, Clearview AI, and Ayonix that sell facial recognition products to police in the United States and around the world have no plans to stop, they told the Wall Street Journal’s Jared Council.
Those companies and other small firms hold the majority of facial recognition tech contracts with U.S. law enforcement agencies, Jameson Spivack, a policy associate at the Center on Privacy and Technology at Georgetown University Law School, said.
“We believe that law enforcement agencies should be able to use thoroughly tested and validated facial recognition technologies to help correct inherent biases, protect privacy and civil liberties, and fairly and effectively conduct just investigations,” NEC said in a statement.
Privacy bills for coronavirus surveillance are hitting familiar roadblocks in Congress. 

Senate Intelligence Committee Chairman Sen. Richard Burr, R-N.C., and Vice Chairman Sen. Mark Warner, D-Va.. (AP Photo/Andrew Harnik, Pool)
As with most data privacy and breach notification bills in recent years, Republicans want any federal laws that mandate privacy protections for the coronavirus tracking tools to be the law of the land. Democrats, meanwhile, want state laws to be able to supersede the federal law if they’re stronger, the Wall Street Journal’s David Uberti reports.
The continuing disagreements also give more room to foreign governments to set standards for the global tech industry,” Uberti reports.
“Reasserting American leadership in this area would be extremely important,” Sen. Mark Warner (D-Va.) who co-sponsored a Democratic coronavirus proposal, said.

Government scan

U.S. military spy agencies did not help spy on nationwide protests against police brutality, officials say.

Police clear the area around Lafayette Park and the White House in Washington, as demonstrators gather to protest the death of George Floyd. (Alex Brandon/AP)

No one in the Trump administration asked for such help and none of the military intelligence agencies offered it, Undersecretary of Defense for Intelligence and Security Joseph D. Kernan said in a letter to House Intelligence Committee Chairman Adam B. Schiff (D-Calif.).
Kernan said some military intelligence agencies shared but did not contributed to “situational reports” generated by the Department of Homeland Security, the FBI and other federal and state law enforcement organizations and “deemed reasonably necessary to protect [military] personnel from harm," Ellen Nakashima reports.
More government cybersecurity news:

Industry report

A cyberattack that hit Honda was highly sophisticated and targeted complex mechanical systems.

Honda vehicles bound for shipment sit at a port in Yokohama, Japan. (Kiyoshi Ota/Bloomberg News)

Such hacking tools, which target industrial control systems rather than commercial software, are highly rare and usually used by national intelligence services rather than criminal hackers. But there’s no evidence so far that the Honda hack was launched by a nation-state, Ben Dooley and Hisako Ueno at the New York Times report.
In the hands of criminals, the tools could be used not just to steal data or disrupt business operations but to bring factories to a grinding halt or switch off power grids,” the Times reports.
The attack forced Honda to shut down production at most plants in North America on June 8. They weren’t all back up and running until four days later. It also halted work at some factories in Brazil, India and Turkey. But the company hasn’t found any evidence of employees’ or customers’ personal information being stolen.
More industry news:

Zoom reinstates accounts of Tiananmen Square commemoration organizers, but is creating tech to ensure mainland Chinese users can be censored.

Signal, the privacy-first chat app, is seeing record downloads—here’s why.
Wall Street Journal


  • The House Financial Services committee will host a hearing on how cybercriminals are exploiting the covid-19 pandemic Tuesday at noon.

Secure log off

Some of the best of Georgia:

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.