voting and elections

PRESS RELEASE: Cambridge Global CEO Jake Braun Presents DEFCON Voting Village Report at LRPP Conference

June 28, 2018 (Singapore) - This week, Cambridge Global Advisors (CGA) was proud to announce that CEO Jake Braun presented the 7th Annual International Conference on Law, Regulations, and Public Policy (LRPP) in Singapore.  Hosted by the Global Science & Technology Forum (GTSF), the conference brings together public sector leaders from around the world to discuss the latest developments in legal, policy, and regulatory space.

Bruan’s presentation featured a discussion on the ground-breaking “Voting Machine Hacker Village” demonstration at last year’s DEFCON -- the largest, longest running hacker conference in the world. Coming at a time when intelligence and news was emerging about Russian-backed attempts to hack U.S. voting infrastructure during the 2016 election, the DEFCON Voting Village sought to serve as an awareness-building opportunity.  The Village assembled more than 25 pieces of election equipment including voting machines and pollbooks still widely used in U.S. elections today and made them accessible to thousands of hackers.

Following on the Voting Village demonstration, Braun and several other Village organizers co-authored an award-winning report, detailing the Voting Village findings. The report can be accessed here.

In presenting this report at the LRPP 2018 Conference, Braun furthered his efforts to raise awareness about the severity and pervasiveness of cyber threats facing not only the U.S. but also democracies around the world.

“Nefarious cyber actors, including but not limited to Russia, know no boundaries,” said Braun. “What the DEFCON Voting Village revealed last year is that this is election security a global problem that will continue to persist. We have to work together, across all nations, in the cyber, public policy and legal arena to make our elections more secure. LRPP gives one forum to start and continue this important conversation.”

The Voting Village is slated to run again at this year’s DEFCON, August 9-12, 2018, hosted annually in Las Vegas.

 

###

About CGA

Cambridge Global Advisors is a strategic advisory services firm with deep expertise at the global, national, state and local levels. CGA assists clients in the management, development, and implementation of their programs, practices, and policies – with a special emphasis on homeland and cybersecurity. CGA works with government, non-profit organizations, and Fortune 500 companies to provide consulting and project management services as well as public diplomacy, stakeholder engagement, and communications.  To learn more, visit www.cambridgeglobal.com or follow on Twitter at @camb_global

IN-THE-NEWS: CGA's Doug Lute tells USA Today about the national security implications of protecting our election infrastructure

This piece originally appeared in USA Today, December 7, 2017

Illinois' most populous county has a plan to keep hackers out, after the state's voter registration list was breached during last year's presidential race. There's one big sticking point: the money. 

The director of elections for Illinois' Cook County and a group including Ambassador Douglas Lute will present a strategy to bolster U.S. election systems' defenses against foreign intruders on Thursday. 

That roadmap comes with a request for the federal government to fund their plan, underlining a hurdle for many municipalities as they head into the 2018 midterm and 2020 presidential elections.

While last year's general election made clear the voting system was vulnerable to hackers, and the federal government has instructed the nation's 9,000 election officials to make their voting rolls safer, many municipalities lack funding to make these changes. 

The last time there was significant federal funding for election infrastructure at the local level was the Help America Vote Act of 2002, passed in the aftermath of the controversy surrounding the 2000 president election recount. That resulted in almost $3 billion in funds for new voting equipment

"For a relatively modest investment it seems to me that we can shore up the system significantly," Noah Praetz told USA TODAY.

His five-page plan, sponsored by Cook County Clerk David Orr and being presented at the University of Chicago's Harris School of Public Policy, is part of a broader effort by an ad hoc bipartisan group working to strengthen the U.S. election system after Russian intrusions during the 2016 U.S. presidential race. It calls on the federal government to aid states, laying out a list of 20 defense tactics election officials can take to protect election integrity.

"Make no mistake, this will be a painful and expensive undertaking," it reads.

Just how expensive isn't known. The U.S. election system is highly decentralized. Each jurisdiction has different staff, equipment and funding and must deal with differing local and state regulations governing elections.

For Cook County, which is responsible only for county-wide elections as the city of Chicago holds its own elections, "it's going to cost many millions." Praetz said he couldn't be more specific because the county is in the middle of a procurement process.

Even hundreds of millions is just "a rounding error of the defense department budget," said Lute, a retired three-star general who served under both Obama and George W. Bush.

"We're buying hard defense for America to the tune of $700 billion a year. And for literally less than one-one-thousandth of that, we could make dramatic inroads to secure our election systems. Which quite frankly may be more fundamental [to our security] than the next fighter plane," he said.

Russia will be back

The problem with Russia, which denied any interference in the U.S. election, isn't going to go away, say election officials. The 2016 attacks were a classic Russian intelligence military operation.

"Initially it is rather clumsy. They probe and they make mistakes and they get found out. But they also learn very quickly. I expect that in 2018 they will be back, with a much more sophisticated and targeted approach," said Lute, most recently the former United States Permanent Representative to the North Atlantic Council, NATO’s standing political body.

2016 was a heads up

The 2016 election was a watershed in terms of awareness about foreign election meddling. No one knows the problem better than Illinois, one of two states where federal authorities say Russian hackers succeeded in infiltrating the election system.

The hackers operated undetected for three weeks, viewing the records of 90,000 voters and, according to the Illinois State Board of Elections, attempted to delete or alter some voter data.

Time is also short. Illinois also is one of two states with the earliest primaries in the county, meaning its voters will go to the polls in March.

The white paper suggests the creation of a national digital network for local election officials to quickly share information about threats and incidents. This is in contrast to 2016, when officials in 21 states only learned they'd been targeted almost a year after the fact.

Next, every local and state election official should have a security officer on staff, to deal with these issues. 

The paper then goes on to outline a standard list of the things any company would implement to protect the security of its networks, but which election officials have overall been slow to roll out because of a lack of funding, knowledge and awareness of the dangers.

The final suggestion is the idea that every election jurisdiction needs to come up with a plan about how it will recover if it is hacked. That could mean paper backups of voter registration lists, storing paper ballots or saving digital scans of ballots.

"If we detect breaches and recover from them quickly, we will survive. And so will our democracy," the paper says.  

PRESS RELEASE: Cambridge Global Advisors CEO Jake Braun Receives O’Reilly Defender Award for Elevating U.S. Voting Infrastructure Cybersecurity Concerns

November 3, 2017 (New York, NY) – This week, CEO of Cambridge Global Advisors (CGA) Jake Braun was awarded the O’Reilly Defender Award for Research at the annual O’Reilly Security Conference in New York City.  The award “celebrates those who have demonstrated exceptional leadership, creativity, and collaboration in the defensive security field.” It was given to Mr. Braun for his recent contributions in the “Voting Machine Hacker Village” at DEFCON and for increasing awareness around cyber threats and vulnerabilities in U.S. election and voting infrastructure. 

The “Voting Village” was an innovative three-day demonstration (July 27-30, 2017) held in Las Vegas at DEFCON – the world’s largest, longest-running hacker conference – that assembled more than 25 pieces of election equipment including voting machines and pollbooks still widely used in U.S. elections today.  The Voting Village made them accessible to 1000+ hackers who were encouraged to test the technology and expose cyber vulnerabilities for educational purposes. The event’s concept was born out of U.S. intelligence reports regarding Russian attempts to interfere in the 2016 elections and the U.S. Department of Homeland Security’s recent confirmation that voter registration databases in at least 21 states were breached last year. 

Mr. Braun shared the O’Reilly Defender award with several other “Voting Village” colleagues including Matt Blaze (University of Pennsylvania), Joseph Lorenzo Hall (Center for Democracy & Technology), Harri Hursti (Nordic Innovation Labs), Margaret MacAlpline (Nordic Innovation Labs) and Jeff Moss (DEFCON).  Last month, this six-person team released a report on the Voting Village findings. Together, the team has been elevating concerns around vulnerabilities in U.S. election equipment and networks and is currently working to assemble stakeholders critical to invoking policy change at the federal, state and local level ahead of nationwide elections in 2018.

Speaking of the award, Jake Braun said: “The Voting Village was about exposing the weaknesses in our voting systems and finding ways to educate others, especially in light of what we know about Russia’s attempts to hack the 2016 Presidential Election. I am immensely proud of this award, which serves as a recognition that voting security is more than just a cyber or hacker issue. Protecting the vote is indeed a national security imperative that requires our leaders band together to find solutions.”

In addition to his CEO role at CGA, Mr. Braun currently serves as a faculty member at the University of Chicago where he teaches cybersecurity policy. He is also a former White House and Public Liaison for the U.S. Department of Homeland Security and remains an advisor to DHS and the Pentagon on cybersecurity issues.