News & Insights
We’re Making History in Real Time.
Our timely insights share informed perspectives on the rapidly evolving story of Election Technology, as it unfolds.
New Cybersecurity Threats Require New Thinking on Testing and Certification
Ms. Voting Matters offers a summation of internal leadership discussion on the imperative topic of evolving election technology security; a longer article, but we think worth the read.
On an almost daily basis, there is mounting evidence that the scope of “election security” is wider than might appear at first blush. While much attention has been paid to “voting machines” and “voting systems” that capture and tabulate votes, there is growing awareness that other types of election-related software infrastructure are even more vulnerable by virtue of being network-connected: specifically, voter registration (VR) systems and Election Night Reporting (ENR) systems (which display results over the web, but which do not tabulate votes) have been found to be especially vulnerable. The question is how can cybersecurity testing and certification adapt?
Perspectives from the U.S. Elections Assistance Commission Public Hearing in Memphis
On April 10, 2019, at the historic Peabody Hotel in Memphis, TN, Eddie Perez, our Director of Technology Development, had the privilege of presenting public testimony on behalf of the OSET Institute at a Public Hearing of the United States Election Assistance Commission (EAC). The topic was the latest version (still pending) of federal voting system standards: the Voluntary Voting System Guidelines (VVSG), Version 2.0. Here are Eddie Perez’s observations about themes that emerged from the Public Hearing:
A Major Breakthrough Development in the Innovation of Election Technology
On Thursday March 14th it was announced that the Defense Department Advanced Research Projects Agency (DARPA) System Security Integration Through Hardware and Firmware (SSITH) Program has selected Galois, a premier computer science company and a security engineering partner of the OSET Institute, to develop a public prototype voting system in order to demonstrate the Program’s advancements in hardware and system security. This is an enormously pivotal piece of news in the mission to innovate election technology infrastructure to be Verifiable, Accurate, Secure, and Transparent (the “VAST mandate'“)…
Examining the Georgia State Voting System Cost Projection
The OSET Institute closely follows all developments in election technology infrastructure, because it’s essential to the defense of democracy. Lately, one topic that has garnered more public attention is the process by which state and local jurisdictions assess, select, and procure voting technology. One in particular, Georgia, has garnered much attention, and rightly so. There are some very unusual cost justifications underway; and the math is not adding up. Not. Even. Close. The OSET Institute took a measured examination of what the costing should really look like. Something is not right in Georgia.
Are There Cyberterrorist Threats to Elections?
On the same day H.R.1 was introduced by Sarbanes, Rep. Sheila Jackson Lee (D-TX-18) introduced H.R.52 – SAFETI Act - the Security for the Administration of Federal Election from Terrorists Intervention Act of 2019. Unlike H.R.1, H.R.52 is short — just two pages …but what it calls for was enough to get our attention about an aspect not previously focused on…
Thinking and Acting Locally for the Nation’s Sake— A Strategy for Improving Election Security
This is the first of a two-part article by our Associate General Counsel and Director for International Development, Joy London, that considers a local, state-based strategy for improving the nation’s election security rather than purely a top-down federal approach.
A 116th Opportunity: New Congress to Offer Ambitious Election Reform Bill to Defend Democracy
We’ve said it many times and it bears worth repeating: foreign interference in U.S. elections is a threat to our democracy. The security of critical election infrastructure is the focal point of the OSET Institute’s mission. So, OSET leadership was pleased to learn that on January 3, 2019, the opening day of the 116th session of Congress, the newly elected House Democratic majority, led by Speaker-designate Rep. Nancy Pelosi (D-CA-12), will have its first order of legislative business—House Resolution #1 (“H.R.1”), a comprehensive election reform bill. The question is will H.R.1 become law, and be the change-agent needed to better defend democracy?
Will Foreign Adversaries Attack U.S. Midterm Elections or Elsewhere?
Most experts believe that Russia through the GRU, the intelligence arm of Russia's armed forces, will continue to interfere in U.S. elections on some level(s). Others are raising concerns about China and even Iran. There are many prognostications, but before commenting on any one theory, let’s review the multiple paths a malicious actor could use to compromise the 2018 American Midterms and upcoming elections in Europe…..
New Securing the Voting Report Details Settled Consensus Except for One Major Point
The National Academies of Sciences, Engineering, and Medicine (NASEM) new Report on election security released last Thursday among other things, verifies a settled consensus: a shift to all-paper-ballot elections coupled with Risk Limiting Audits. While the report makes several sound proposals, it has a significant blind spot…..
The Race to Secure our Elections: How Far Have we Come?
This article is the 1st of a two-part series on the state of America’s election infrastructure security with less than 4-months left to 2018 midterm election. Here I discuss the current situation and progress, and in the next post I will evaluate preparedness for the upcoming midterm in 110 days…
Shifting the Conversation from “Shoring-up” to “Re-engineering”
This afternoon a bipartisan group of authorities on election administration and cybersecurity presented a Congressional Briefing on current election security challenges facing federal and state policymakers. While it was a worthy discussion, I keep having this sinking feeling that we’re simply re-arranging furniture on the deck of a large cruise ship steaming toward an icebreaker in the dark…
OSET Institute to Attend Copenhagen Democracy Summit
We have some big news to share today: Members of our leadership team at the Institute have been personally invited to attend the inaugural Global Democracy Summit in Copenhagen, Denmark this week focused on improving the integrity and security of elections…
Election Vulnerabilities: No Exploit Too Small; No Impact Too Large
The American public is currently in the midst of a rude awakening as increasing numbers of reports diagnose the state of American cybersecurity, especially as it pertains to elections. The nature of attacks isn’t limited to election administration equipment. Lots of havoc can be wreaked just attacking voter services web site…
Recounting Cyberscoop's SF CyberTalks Election Security Panel
Our CTO John Sebes was a featured speaker at Cyberscoop’s recent San Francisco CyberTalks held last week in downtown San Francisco. A huge success, SF CyberTalks was a TED-like conference for the cyber-security leadership community that brought together top influential leaders from the cyber-security community, technology industry and the government. We recap the Election Security Panel discussion John participated on, including recaps of his comments and answers to the moderator’s questions.
Senate Intelligence Committee Announces Election Security Recommendations
The Senate Select Committee on Intelligence (SSCI) offered up its first set of draft recommendations today (Tuesday) from its on-going investigation of foreign intervention in American sovereignty—specifically our election processes including both campaigns and electioneering, and the actual process of election administration. They were announced earlier today with a press conference held by the Senate Select Committee on Intelligence. Those draft SSCI recommendations are as follows in this article with some commentary of our own...
Critical Democracy Infrastructure: Our Briefing Launches
We are pleased to announce the release of the OSET Institute’s Critical Democracy Infrastructure (CDI) Briefing. It’s been over a year in development. Early review by several in Government, Media, and Advisors tell us this may be the most important publication on the issue of election infrastructure yet. We humbly hope so. This Briefing provides a thorough review of the technology infrastructure of election administration and operation. We address its critical nature and what is required for it to be treated as such, and assess the challenges of official designation, as well as the immediate and longer-term challenges to protecting this vital aspect of our democracy...
Recapping Our 4 CAP Briefing Posts
You may wonder why we spent 4 blog posts reviewing and discussing the CAP Briefing. Here’s briefly why. This Briefing is the kind of substantive consideration and conversation America (e.g., election officials, U.S. security officials, policy strategists, policy makers, and other stakeholders) needs to be having right now. Any set of recommendations deserves fair, intellectually honest, and open consideration and debate...
Another Look at the CAP Briefing on Solving Election Security
We want to give credit to the great points the Center for American Progress recently made in their Briefing about election integrity. While we have some strategic differences, we generally endorse CAP’s tactical steps for improving election integrity in the near term. The CAP Briefing was well researched and brought together many points that are widely agreed upon by the election integrity community including the OSET Institute. Given Greg’s desire to limit the length of his response recently, and focus on the structural issue we’re so concerned about, we decided I would post a list here of the points we agree with and those we differ on...
Another Proposed Solution Set to Protect U.S. Elections
Danielle Root and Liz Kennedy at the Center for American Progress (“CAP”) published an important Briefing today highlighting nine solutions to secure America’s elections. The Briefing is well researched and offers a keen assessment of our current public elections’ average level of integrity. I want to say right up front, this is good and important work. What we offer as a review and comment here is intended to catalyze an intellectually honest conversation, and not to serve as some critique of their good work.
Is Foreign State Hacking of an Election An Act of War?
A couple of days ago Benjamin Dynkin, Barry Dynkin & Daniel Garrie, published an intriguing article in the New York Law Journal, “Hacking Elections: An Act of War?” (Subscription required.) The article is well heeled; Benjamin Dynkin is a law clerk at Grauman Law Group. Barry Dynkin is of counsel at the firm, where he heads the cyber security practice. Daniel Garrie is the editor-in-chief of the Journal of Law and Cyber Warfare and a partner at Zeichner Ellman & Krause. And its worth summarizing here food for thought (inasmuch as possibly some intellectual navel-gazing ;-)