Weak state or federal guidance leaves many cybersecurity companies doing whatever they want.
The Guardian (4/23/19)
Maryland congressman Jamie Raskin is a newcomer to the cause of reforming America’s vote-counting machines, welcomed through baptism by fire. In 2015, Maryland’s main election system vendor was bought by a parent company with ties to a Russian oligarch. The state’s election officials did not know about the purchase until July 2018, when the FBI notified them of the potential conflict.
The FBI investigated and did not find any evidence of tampering or sharing of voter data. But the incident was a giant red flag as to the potential vulnerabilities of American democracy – especially as many states have outsourced vote-counting to the private sector. After all, the purchase happened while Russian agents were mounting multiple disinformation and cybersecurity campaigns to interfere with America’s 2016 general election.
There are no technical standards from the US federal government on the security of voter registration systems.
“To say that they don’t have any evidence of any wrongdoing is not to say that nothing untoward happened,” Raskin said. “It’s simply to say that we don’t have the evidence of it.”
The fact is that democracy in the United States is now largely a secretive and privately-run affair conducted out of the public eye with little oversight. The corporations that run every aspect of American elections, from voter registration to casting and counting votes by machine, are subject to limited state and federal regulation.
The companies are privately-owned and closely held, making information about ownership and financial stability difficult to obtain. The software source code and hardware design of their systems are kept as trade secrets and therefore difficult to study or investigate.
The market for election vendors is small and the “customer base” mostly limited to North America and centered on the US, meaning that competition is fierce. The result is a small network of companies that have near-monopolies on election services, such as building voting machines. Across the spectrum, private vendors have long histories of errors that affected elections, of obstructing politicians and the public from seeking information, of corruption, suspect foreign influence, false statements of security and business dishonesty.
But these companies are the safekeepers of American democracy.
A corner of the computer security world has been sounding the alarm since voting machines were adopted after the punch-card disaster of the 2000 election recount in Florida. …
- “Free Fall”: Turmoil Consumes White House Team Guiding Feds’ Tech Strategy — The White House team that ensures federal agencies build better technology and defend networks from hackers is plagued by cratering morale — jeopardizing efforts to modernize the government and protect sensitive data from spies and cybercriminals. Few Americans may have heard of the Office of the Federal Chief Information Officer, but the unit inside the Office of Management and Budget coordinates tech improvements across the government, helping agencies boost cybersecurity and manage technology and cybersecurity budgets that totaled $105 billion in the past fiscal year. But many OFCIO employees are overwhelmed by unclear and changing priorities, while others are simply checked out or feeling increasingly marginalized, according to an internal February staff survey that POLITICO obtained … Read the Rest
(Commoner Call cartoon by Mark L. Taylor, 2019. Opn source and free for non-derivative use with link toe www.thecommonercall.org )