Tag Archives: Russian election interference

Our Weekly Fresh Horrors

Gee, what fresh horror would make for a nice blog post today?

#1. We could start with this analysis of Orange Blossom’s perfectly inane trade policy, as expounded by conservative economist Walter Block in the not-so-failing New York Times:

“The negative consequences of a trade war will soon be felt, if they aren’t already. Even if the United States avoids trade conflict with Europe, tariffs on steel and aluminum from China, Mexico and Canada will raise domestic prices, hurting consumers. And the administration is likely to find itself subsidizing voters who purchase these items or who are hurt when other countries slap tariffs on American goods in retaliation — mainly farmers, manufacturers and builders.”

Perhaps the color coded cue cards were insufficient to explain BASIC economics to our special Orange Blossom during his meetings with EU officials.  Is there an emoji for putting both of one’s hands palm forward into one’s face? I could use one right now.

#2.  Also from the New York Times — the Feds announce they’ve met the deadline for reuniting children with their migrant parents. However, there’s this little Oops paragraph in the article:

“But in a day that saw government officials and community volunteers scrambling to bring families together, multiple reports of failed reunifications raised questions about whether the deadline had in fact been met. Further confusing the issue was a change in the way the government tallied its progress, with the latest report counting children rather than parents, a reversal from prior reports.”

So, if they can’t reunify families, then they simply reclassify the children and/or parents to say they aren’t eligible for reunification!  Whee. How convenient.   Yes Sir, I could say I really stuck to my pledge to make healthier eating choices — IF we don’t count the two chocolate chip cookies, the can of Pepsi, the chips, the cheeseburger, the … you get the idea. There are still some 700 children not reunited with family.  And when the ADL is putting out warnings about what happens to children separated from parents, as in what happened during the Holocaust, maybe we should be paying attention.  I really do need that double face-palm emoji thing.

#3.  The Ruskies are still here. As in still attacking our American electoral system; as in attacking the McCaskill Senate campaign in Missouri.  They also appear to have attacked two other campaigns. This isn’t “history,” this is current events.  There’s more at “The Hacking of America,” on Slate.   The article isn’t exactly pleasant reading, but it’s recommended as a reminder that God helps those who help themselves, and DHS is talking about new initiatives with 90 day timelines.   90 days?  What happened to getting a start on this, say some 1 year, 188 days, and 2 minutes (as of now) ago?

#4.  Special concern for the people in the Redding, California area.  The news on that fire front is horrible. Up here in cheat grass country we lucked out during the Holloway Complex Fire in 2014.  There’s nothing quite so chilling as the sound of a local deputy on a bull horn announcing a preliminary notice of an evacuation order.  I don’t wish it on anyone.  Please, California neighbors, stay safe!

Comments Off on Our Weekly Fresh Horrors

Filed under Economy, elections, Immigration, Politics

If the Administration Won’t Pay Attention to Russian Interference Then We Must

The good news:  “Nevada is organizing cybersecurity under a new central hub, according to the Secretary of State’s Office, and is among more than 35 states sending officials to a cyber security incident response training at the Harvard Kennedy School’s Belfer Center in Massachusetts later this month.” [LVSun 3/18]  That’s the good news…it’s more questionable to observe it’s been 530 days since the Department of Homeland Security first issued a warning about Russian interference in our national elections.

“The Obama administration on Friday formally accused the Russian government of stealing and disclosing emails from the Democratic National Committee and a range of other institutions and prominent individuals, immediately raising the issue of whether President Obama would seek sanctions or other retaliation.

In a statement from the director of national intelligence, James R. Clapper Jr., and the Department of Homeland Security, the government said the leaked emails that have appeared on a variety of websites “are intended to interfere with the U.S. election process.” [NYT 2016]

Nevadans have been assured the state was not a direct target of election interference at the systemic level. [LVSun 3/18]  In other good news Nevada did address the cybersecurity matter in AB 471 the title of which was:

“An act relating to cybersecurity; creating the Nevada Office of Cyber Defense Coordination within the Department of Public Safety; providing for the powers and duties of the Office; requiring the Nevada Commission on Homeland Security to consider a certain report of the Office when performing certain duties; providing for the confidentiality of certain information regarding cybersecurity; requiring certain state agencies to comply with the provisions of certain regulations adopted by the Office; and providing other matters properly relating thereto.”

Translation from the legalese: Nevada took coordinating cybersecurity seriously enough to require state agencies to get on the same page.  This includes the Secretary of State’s office and its related election jurisdiction.

It would be nice if the federal government were taking this issue as seriously as the states.   A quick review:  On December 9, 2016 President Obama ordered a review of Russian attempts to “hack” the American elections. The president-elect dismissed the warnings from the intelligence community saying in effect these were the people who said Iraq had WMDs. [USAT]  On December 28, 2016 President Obama expelled 35 Russian diplomats and closes Russian compounds in New York and Maryland.  Nothing happens officially to punish Russian agencies and individuals during the early months of the current administration.  On May 17, 2017 the Justice Department appoints Special Counsel Robert Mueller who is tasked with discovering if any US laws were violated on the part of US citizens and others.

As news of Russian interference trickled out in the press more interest in the issue came from congressional quarters, Senator Lindsey Graham (R-SC) introduced S. 341 (Russian Sanctions Review Act) on April 27, 2017.  By July the interest increased to the point that HR 3364 passed the Congress almost unanimously, it was signed into law on August 2, 2017.  No action was taken by the executive branch to implement the requirements of the law immediately.

Indeed, it was March 15, 2018 before the Department of the Treasury issued enhanced sanctions on Russia, releasing the following statement:

Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated five entities and 19 individuals under the Countering America’s Adversaries Through Sanctions Act (CAATSA) as well as Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” as amended, and codified pursuant to CAATSA.

The list of individuals and entities sanctioned was remarkably similar to the Mueller investigation list of those indicted for interference and illegal activities.

The current administration has not convened any cabinet level coordinated meetings to date regarding Russian interference in US elections, a sore point with Senator Benjamin Cardin who issued a minority report from his Senate committee. [pdfOne recommendation was prescient:

“U.S. and European governments should mandate that social media companies make public the sources of funding for political advertisements, along the same lines as TV channels and print media. Social media companies should conduct comprehensive audits on how their platforms may have been used by Kremlin-linked entities to influence elections occurring over the past several years, and should establish civil society advisory councils to provide input and warnings about emerging disinformation trends and government suppression. In addition, they should work with philanthropies, governments, and civil society to promote media literacy and reduce the presence of disinformation on their platforms.”

And, so we continue. The president congratulated Putin on the occasion of his reelection in an election characterized by eliminating competition and blatant voting fraud.  Nevertheless, the drip continues… reports of social media manipulation, stories about the machinations of the super PACs, Cambridge Analytical, Facebook, and so forth. We know that 21 states were “hacked” in 2016, we know that one was penetrated, and we know that Nevada — fortunately — wasn’t one of them. However, that doesn’t mean we don’t have a stake in this game.

We owe it to ourselves to keep track of state efforts to thwart foreign efforts to attack our voting security systems.  We need to think about the security of our state election rolls and related systems. We need to support efforts to improve the technical acumen of our state and local election officials.  We need periodic updates from our Secretary of State on steps taken by our government to upgrade our voting equipment, and secure our registration.  We also need to pay more attention to how social media is used and abused to cause disruptions to our politics and political discussions. We need to pay attention.

Comments Off on If the Administration Won’t Pay Attention to Russian Interference Then We Must

Filed under elections, Nevada politics, Politics

The Great Dud: What We’re Not Hearing About the GOP Memo and Related Fiasco

The memo was released.  What followed ranged from protestations of great transparency (from an administration which won’t release tax returns and visitor logs) and great outrage from the loyal opposition decrying partisanship because their rebuttal was inexplicably (except we know why) delayed.  And then there was the Great Yawn.

it was rather like being promised a fireworks display only to find that the show would consist of one Roman Candle, two Sparklers, and a half string of firecrackers.  However,  what has not yet been discussed in any depth may be more interesting than all the preliminary hype and post-game interviews to date.

(1) There still seems to be an attempt on the part of the Republicans to anchor their arguments on a slender premise: The Steele memos informed the FISA application, the Steele memos were paid for by the Clinton Campaign, therefore the Steele memos are unreliable.  Here’s why I think that’s a questionable assumption.  What the Clinton Campaign was paying for was OPPOSITION RESEARCH.  When purchasing the services of opposition research consultants it is assumed that the campaign is buying accurate information, because only the most naive politician doesn’t know that if the opposition research is inaccurate, and the fruits of that research are used, the result is an inevitable backfire.  Usually a very expensive backfire.  Generally a very expensive and embarrassing backfire.

Hence, the better question may well be what does the public information we have to date from the various Russian interference investigations show about the accuracy of Steele’s report?

(2) There have been a few timelines constructed concerning the possible engagement of the Trump Campaign with various and sundry Russians and Russian government contacts.  These are useful, but only serve to describe the interactions during the Campaign and the transition.  What is missing is evidence clarifying the basis for these interactions.

At this point it appears journalists are investigating if and how the Trump Campaign and the Russians interacted, but not necessarily why they were doing so.  Given there was the infamous Trump Tower meeting about the potential lifting of sanctions (Magnitsky Act) then why did the Russians presume that their own opposition research on the DNC and Clinton Campaign would be a valuable bargaining chip with the Trump Campaign?

Of all the sources of opposition research available from all quarters of the globe in this interactive age, why was it the Russians with whom the Trump Campaign met to discuss the acquisition of information?

(3) The defense tactics of the current administration are interesting, but not necessarily crucial to the central question of what Americans can do to minimize the possibility of Russian interference during future election cycles. We might come to more definitive ideas about candidate propensities for conspiring with hostile powers or persons, but that doesn’t address how we can prevent: Hacking voter databases? Interfering with vote counts in elections conducted using vulnerable electronic voting machines? Manipulating voter information data? Inserting false information into social media streams?  Promoting divisive topics and themes on social media platforms?

If we assume we were hacked, and we know that at least 21 states were targets, then what actions have been taken by the administration and the Congress to alleviate this kind of interference?  The answer to this question as of now appears to be “nothing.”  Arguing about the substantiation for a single FISA court surveillance warrant doesn’t advance our understanding of election interference and its techniques.

There is a tendency in the corporate media to chase shiny objects.  The White House legal defense tactics are intriguing, but they should never be mistaken for the core of the election interference issue.

 

1 Comment

Filed under Politics

The Problem Of Focus: Viewing the Russian Interference Issue

At the risk of redundancy, please remember the findings and suggestions in the Cardin Report:

Putin’s Asymmetrical Assault on Democracy in Russia and Europe: Implications for U.S. National Security,” finds that President Trump’s refusal to publicly acknowledge the threat posed by the Russian government has hampered efforts to mobilize our government, strengthen our institutions, and work with our European allies to counter Putin’s interference in democracies abroad.

Never before in American history has so clear a threat to national security been so clearly ignored by a U.S. president, and without a strong U.S. response, institutions and elections here and throughout Europe will remain vulnerable to the Kremlin’s aggressive and sophisticated malign influence operations.

Notice the three elements incorporated in this introduction.  We haven’t mobilized our federal agencies into preventative action. We haven’t strengthened our political institutions to prevent further incursions from Russia.  Nor have we cooperated fully with European allies to prevent more interference.

The current occupant of the Oval Office and his apologists appear to define Russian meddling only in terms of electoral results, if the Russian interference didn’t cause any change in the voting returns then there was no big problem, and hence no sense of urgency in addressing the Russian bots, trolls, and other efforts.  There has been no cabinet level meeting to date during which the Russian Interference constituted a major agenda item.  Recall AG Jefferson B. Sessions’ statement last October:

“We’re not,” Sessions said, when asked by Sen. Ben Sasse, R-Neb., if the government is taking adequate action to prevent meddling in its elections. “The matter is so complex that for most of us we’re not able to fully grasp the technical dangers that are out there.”

Sessions said he accepts the U.S. intelligence community’s findings that Russia interfered with the 2016 election and may attempt to do so again. He said the Justice Department has been aggressively looking into the stealing of trade secrets in the private sector and noted that the FBI’s computer experts are also highly trained.

“Are we at the level we need to be yet? I don’t think so,” Sessions conceded.”

Sessions made the statement in mid-October 2017, if finger counting is correct that’s 8 months since the onset of the current administration. Nor has the Cyber-security page on the DoJ been updated since that date.  “Are we at the level we need to be yet?”  I don’t think so either.

The Department of Homeland Security also has a cyber-security component.  DHS describes its concerns:

“Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.”

The idea that the Russians might be profoundly interested in disrupting the delivery of essential electoral services doesn’t seem to have moved to the top of the department’s concerns, at least not to the point of making any special reference to those instances of interference.  There is a draft of a DHS publication on cyber-security efforts (pdf) available online for the purpose of public comment, published this month.  At this point let’s review the Cardin Report summation of the problem, and then read a portion of the DHS Draft Report on what might be the same subject.

Cardin Report: “Mr. Putin has thus made it a priority of his regime to attack the democracies of Europe and the United States and undermine the transatlantic alliance upon which Europe’s peace and prosperity have depended upon for over 70 years. He has used the security services, the media, public and private companies, organized criminal groups, and social and religious organizations to spread malicious disinformation, interfere in elections, fuel corruption, threaten energy security, and more.”

 DHS Draft 1-5-18: “Given the networked nature of the risks, real coordination is necessary to fully understand the problem and identify paths to solutions. While the information technology and communications sectors do actively work to understand security risks, sectors often are unable to coordinate well with other sectors. Even though some entities coordinate domestically or regionally, there are few global mechanisms to share information about threats, solutions, and their adoption and efficacy. In many cases, lack of clarity around roles and responsibilities has impeded collective action, resulting in security failures.”

At no point in the draft does one find any specific reference to interference in political institutions and operations.  A generous interpretation might be that political interference is included in the general category of infrastructure.

In short there’s not much in the DHS Draft which would offer any Nevada voter, of any stripe, comfort as to the security of our political institutions, or our election processes.  In fact, a quick reading of the draft leaves the impression that the issue of political cyber-security is left to the private sector, and market forces, whatever that might be.

Therefore, we’re back where we started, with a federal Executive Branch unable or unwilling or un-directed to develop specific guidelines or regulations toward preventing Russian interference in political matters and a market (Google, Facebook, Twitter) adrift and stumbling around what they may perceive as business and public relations pot holes on the road to prosperity.

“Russian trolls sought to steer Facebook users toward events, even protests, around contentious issues like immigration. In its response to Congress, published Thursday, Facebook elaborated that Kremlin-aligned agents created 129 events on 13 of its pages. Roughly 338,300 unique accounts viewed these events, while 25,800 accounts indicated they were interested and about 62,500 said they would attend. “We do not have data about the realization of these events,” Facebook explained.”

“Google, meanwhile, previously informed Congress that it had discovered that Russian agents spent about $4,700 on ads and launched 18 channels on YouTube, posting more than 1,100 videos that had been viewed about 309,000 times.”

“And Twitter told lawmakers at first that it found 2,752 accounts tied to the Russia-aligned Internet Research Agency. Last week, however, the company updated that estimate, noting that Russian trolls had more than 3,000 accounts — while Russian-based bots talking about election-related issues numbered more than 50,000.”  [Recode]

There does seem to be some movement from social media operations, however nothing in the draft appears to directly address any specific assistance to state and local governments trying to secure their election rolls, ballot security, and count integrity.  Not to put too fine a point to it, but the DHS draft reads like it was crafted by the Chamber of Commerce not law enforcement agencies.  A wide and highly generalized focus such as the one presented in the DHS draft doesn’t exactly offer much satisfaction to those voters seeking an answer to the problem: What are we doing about Russian interference?

PS: “The Departments are requesting comment, asking for further insight into the issues and goals raised by the report, as well as the proposed approach, current initiatives, and next steps. The draft will be finalized based on adjudication of received comments before submission to the President. The final report is due to the President on May 11, 2018.” <https://www.ntia.doc.gov/report/2018/report-president-enhancing-resilience-internet-and-communications-ecosystem-against&gt;

Comments Off on The Problem Of Focus: Viewing the Russian Interference Issue

Filed under Nevada politics, oversight, Politics, Public Records, public safety

The Happy Hackers Bill approved by House Republicans

One of the major ironies of the past few days is that the administration’s fraudulent anti-voting fraud commission is asking for bundles of private voter information from the 50 states, all the while dismissing Russian interference in the 2016 election as a hoax, AND submitting a budget which we’ve known for some time would eliminate the ONE federal agency tasked with assisting state and local governments with election security.

“House Republicans are taking aim at a small federal agency that helps provide election oversight and guidance, saying its functions are no longer necessary.

A spending bill from the House Appropriations Committee unveiled Thursday would give the Election Assistance Commission 60 days to terminate itself. The small agency was created after the tightly contested 2000 presidential election. It has an annual budget of about $10 million and had just 31 employees on its rolls as of March. The agency writes election management guidelines and develops specifications for testing and certifying voting systems, among other tasks.” [GovExec]

The bill, introduced by Rep. Gregg Harper (R-MS), would hand the powers and duties of the Election Assistance Commission to the Federal Election Commission, and the little agency responsible for “developing specifications for testing and certifying voting systems” would fold up and go away under the terms of HR 634.

The tribulations and gridlock in the Federal Election Commission are well known and documented: Investigations stalled, dark money flowing freely, enforcement delayed and denied. In short a scene of “dysfunction and deadlock.”  [NYT]  Failures to investigate, and 3-3 vote ties stifling further investigations. [NBC] Thus, the Harper bill would deliver election security responsibilities to a commission already in the throes of partisan gridlock and as they say so politely, “dysfunction.”

Republicans on the Administration Committee [Harper (R-MS), Davis (R-IL), Comstock (R-VA), Smith (R-NE),  Walker (R-NC), and Loudermilk (R-GA)] voted to send the bill forward;  Democratic Representatives Brady (D-PA), Lofgren (D-CA) and Raskin (D-MD) voted “no.”  So, what do these lawmakers want to hand over the the stalemated FEC?  The part which should interest us the most at the moment is this segment from the EAC:

“EAC Certification Program is to provide clear procedures to Manufacturers for the testing and certification of voting systems to specified Federal standards consistent with the requirements of HAVA Section 231(a)(1).

Under this program, the testing and review process requires the completion of an application, employment of an EAC-accredited laboratory for system testing, and technical analysis of the laboratory test report by the EAC. The result of this process is an Initial Decision on Certification.”

It doesn’t take much effort to interpret this task as the foundation of standards for the certifying and testing of election systems.   Republicans may argue that this could be done under the auspices of the Department of Homeland Security, but this seems hollow since the bill doesn’t transfer the duties to DHS, it just wipes the EAC off the map.  The EAC already maintains a list of certified election systems,  and those which have been terminated.   The Republicans appear quite pleased to take the constable off the beat, and hope that someone, somewhere, will prevent the development and certification of voting systems from becoming the Wild West of slackers, partisan backers, and hackers.

If eliminating the EAC isn’t the answer, what might be?   The Brennan Center issued a report on “Security Election Systems from Foreign Interference,”  in a forward by former CIA Director James Woolsey,” he observes:

“In the last few months, we have learned extraordinary details about a Russian assault on our election infrastructure. While there is no evidence that this assault altered the vote count, that fact should be cold comfort as we look to protect ourselves against future attacks.”

One doesn’t have to be an expert on cybersecurity or election technology to understand how dangerous this is. Based on my experience, as a former Director of Central Intelligence, and in service to this country under both Democratic and Republican Presidents, I am confident the Russians will be back, and that they will take what they have learned last year to attempt to inflict even more damage in future elections. In particular, their history of interfering in other nations’ politics, their antipathy to the United States and Western democracies generally, and their proven ability to multiply the impact of their actions through cyberattacks should put us on the highest alert, and spur us to take all necessary actions to protect ourselves from further attack.”

In summary form, Ambassador Woolsey is convinced the Russians will be back, they will apply “lessons learned” evaluations, and they will attempt to cause even more damage in the future.  If the former CIA Director is correct, and there’s no logical reason to believe otherwise, this is hardly the time to terminate any programs to help state and local election officials secure their systems.  In fact, it’s time to do more, as outlined by the Report:

“What more must be done? The key security measures detailed in this report are the right place to start: replace paperless electronic machines, upgrade the hardware and software that supports voter registration, and conduct post-election audits to confirm the results.

These are common-sense solutions that will increase security and public confidence in the integrity of our system. Importantly, they will do so without interfering with the right of any eligible citizen to participate in the choice of who will govern the nation.”

Some of these recommendations are squarely in the EAC wheelhouse, others will require additional support for local and state election officials.

The good news is that the decentralization of American voting systems makes a concerted attack extremely difficult, there are 8,000 voting jurisdictions, and about 100,000 polling places.  However, this doesn’t mean that we should be taking much comfort from our fragmented system, because the bad news is that some jurisdictions are using antiquated equipment with operating systems no longer supported by vendors (and thus are easier to attack.)  States and localities have made progress toward greater technical voting system security since 2004, but now is no time to rest upon laurels and declare “we’re Safe!” merely because vote totals are difficult to alter.

There’s also the matter of voter registration data security.  Again, the Brennan Center recommends:

“State and local governments must fully identify potential avenues for attacking voter registration systems, mapping out all of the entities that interact with that system, and implementing mitigation strategies where weaknesses are identified. The consensus among experts interviewed by the Brennan Center is that this should be done on a regular basis, but that many states are unlikely to have completed this kind of comprehensive risk assessment in the last few years, despite the fact that both registration systems and cyber threats have evolved enormously over that time.”

Putting a more blunt perspective on it:  The risk assessment tools used to evaluate the security of voter registration data which were judged “state of the art” just a couple of years ago may now be as outdated as that Motorola StarTAC clam shell mobile phone  sitting in the bottom of someone’s junk drawer.   Add to this the notion that the Administration’s fraudulent Fraud Commission wants to centralize voter registration data from 50 states all in one convenient place — thus making it a handier target for our adversaries — and we lose the advantages of decentralization while making life easier for those wishing to practice their “foreign interference.”

There is a bill in the Congress well worth supporting, introduced by Derek Kilmer (D-WA), HR 1344, under its terms the Department of Homeland Security would assist local and state government officials as follows:

“The Department of Homeland Security (DHS) may award states with planning and biennial implementation grants under the program to:

adopt cybersecurity best practices;
mitigate talent gaps in government workforces;
protect public safety answering points, emergency communications, and continuity of communications during catastrophic disruption;
mitigate threats to critical infrastructure or key resources;
coordinate with neighboring states or countries, National Guard units, or information sharing and analysis organizations; and
establish scholarships or apprenticeships to provide financial assistance to state residents pursuing cybersecurity education who commit to working for state government.
The bill sets forth requirements for distribution of awarded amounts to local and tribal governments within states and for consultation with local and regional officials.

The Committee for Cyber Resiliency Grants is established to: (1) promulgate guidance for states to develop applications for such cyber resiliency grants; (2) provide DHS and states with recommendations regarding the approval of state plans or applications; and (3) evaluate, and report to Congress regarding, the progress of states in implementing plans.”

We’d be well advised to contact our Representatives and recommend they oppose HR 634 (perhaps on the theory that the fact we have a Navy doesn’t obviate the need to also have a Coast Guard) and to support HR 1344.

This is hardly the time to make the hackers any happier.

Local Contact Information: 

Representative Mark Amodei (R-NV2) Phone: (775) 686-5760

Representative Dina Titus (D-NV1) Phone: (702) 220-9823

Representative Ruben Kihuen (D-NV4)  (702) 963-9360

Representative Jacky Rosen (D-NV3)  (702) 963-9500

Comments Off on The Happy Hackers Bill approved by House Republicans

Filed under Nevada Congressional Representatives, Nevada politics, Politics, Vote Suppression, Voting