Posted on 08/03/2016 12:02:02 PM PDT by silentknight
http://www.nytimes.com/2016/08/04/us/politics/us-seeks-to-protect-voting-system-against-cyberattacks.html?_r=0
(Excerpt) Read more at nytimes.com ...
Not to worry!! Just think how we have the DOJ, the IRS, the FBI, the State Dept, and the WH. Some federal takeover of the elections would not doubt be run with just as much integrity. (/s)
I am starting to think this election might actually be stolen. It would not surprise me if they try to make sure Trump never makes it to the election.
We are dealing with very dangerous enemies of the state.
Oh, thank heaven... they are “protecting” the voting system... we are all saved now...
It sounds to me as though the DemocRATS are concerned that the hackers will expose the voter fraud they’re going to commit in November.
Minimum idiocy here: the Left’s urge to centralize EVERYTHING in life and create more problems than it ever solves
Maximum idiocy here: the takeover of an entire Federal election by a Leftist Executive branch
Reality: somewhere in between
This means they are actively seeking ways to infiltrate and hack the system.
The password is “1-2-3-4-5.”
Bingo!
Or this is a setup. Election is over. Trump wins. Obama says there was tampering within the system. Nulls the results.
Just sayin
“U.S. Seeks to Protect Voting System Against Cyberattacks”
Of course the U.S DOES NOT HAVE ANY “Voting System” to protect. Voting systems of various technologies are owned and maintained by the States. Poorer states have less expensive ones.
Jeepers, any idiot like me who worked professionally in local elections administration for years knows this fact.
They would have to influence the electoral college members in every state to do so. There isn’t any Federal Voting System Department - the states each send their own results. Thank God.
Must be worried about getting caught cheating again.
Why bother? The enemy is domestic and on the inside! His name is “DEMOCRAT”.
For those of you who STILL don’t believe that our elections are being STOLEN. I share the tears of the lady who wept at the thought that countless thousands have died and suffered to secure a process now being warped (Trump correctly calls it “RIGGED”!) by the very evil and dangerous forces now at work destroying this country.
If after watching the 8 minute embedded video you are not ANGRY AS HELL, see if you can still fog a mirror!
https://intellectualfroglegs.com/whos-watching-watchers-ge…/
Relates to 08/02/2016 news:
http://freerepublic.com/focus/f-news/3455838/posts
America’s Electronic Voting Machines Are Scarily Easy Targets | WIRED
Wired ^ | 08/02/2016 | Brian Barrett
Posted on Tue Aug 2 17:17:23 2016 by MarchonDC09122009
America’s Electronic Voting Machines Are Scarily Easy Targets | WIRED
https://www.wired.com/2016/08/americas-voting-machines-arent-ready-election/
When people think that people think about doing something major to impact our election results at the voting machine, they think they’d try to switch results,” says Norden, referring to potential software tampering. “But you can do a lot less than that and do a lot of damage… If you have machines not working, or working slowly, that could create lots of problems too, preventing people from voting at all.”
The extent of vulnerability isn’t just hypothetical; late last summer, Virginia decertified thousands of insecure WinVote machines. As one security researcher described it, “anyone within a half mile could have modified every vote, undetected” without “any technical expertise.” The vendor had gone out of business years prior.
The WinVote systems are an extreme case, but not an isolated one. Other voting machine models have potentially vulnerable wireless components; Virginia’s just the only one where a test proved how bad the situation was.
The worst part about the current state of voting machines is that they don’t even require outside interference to undo an election. “They’re all computers. They run on tens of thousands of lines of code,” says Norden. “It’s impossible to have a perfectly secure, perfectly reliable computer.”
That’s true, but in fairness, most computers aren’t quite this imperfect, either.
If they steal it, they’ll get a war.
Sounds like something you’d use on your luggage.
And:
And current DEFCON hacking conference attended by gov’t security agencies:
DEFCON August 2016 Agenda
Topic:
Trust, But Verify: Auditing Proprietary Digital Recording Election Systems
Robert J. Hansen, Researcher, ACCURATE
Abstract:
In 2006 the Help America Vote Act (HAVA) rid the country of lever voting machines and punchcard ballots, and gave the states enormous budgets for buying electronic voting machines.
What’s still unresolved is how these electronic voting machines are going to be audited.
Trying to keep track of many different vendors, each of which has many different machines, is like getting lost in a funhouse hall of mirrors.
Yet, there is good news.
The National Science Foundation has established a research group for electronic voting, ACCURATE.
In this presentation, an ACCURATE researcher will start talking about the thorny problem of making sure voting machines are playing fair.
Existing technologies, both proprietary and open source, will be criticized; and new technologies will be presented.
Bio:
Robert J. Hansen has a Bachelor of Arts in Computer Science, Cornell College, 1998. Master of Computer Science, the University of Iowa, 2006. Chief Security Geek for Yomu Inc., 2000. Cryptographic Engineer for PGP Security, 2000-2001.
https://www.defcon.org/html/defcon-14/dc-14-speakers.html
4 posted on Wed Aug 3 12:14:38 2016 by MarchonDC09122009 (When is our next march on DC? When have we had enough?)
And finally -
The timing couldn’t be any better for gov’t diligence to ensure election integrity.
Its certainly encouraging that the DOJ is in charge of Cyber Incident coordination...
Jeh J is on it:
“the Department of Justice, acting through the Federal Bureau of Investigation and the National Cyber Investigative Joint Task Force, shall be the Federal lead agency for threat response activities.
The Department of Homeland Security, acting through the National Cybersecurity and Communications Integration Center, shall be the Federal lead agency for asset response activities.
The Office of the Director of National Intelligence, through the Cyber Threat Intelligence Integration Center, shall be the Federal lead agency for intelligence support and related activities.”
Presidential Policy Directive — United States Cyber Incident Coordination | whitehouse.gov
The White House
Office of the Press Secretary
For Immediate Release
July 26, 2016
Presidential Policy Directive — United States Cyber Incident Coordination
July 26, 2016
PRESIDENTIAL POLICY DIRECTIVE/PPD-41
SUBJECT: United States Cyber Incident Coordination
The advent of networked technology has spurred innovation, cultivated knowledge, encouraged free expression, and increased the Nation’s economic prosperity. However, the same infrastructure that enables these benefits is vulnerable to malicious activity, malfunction, human error, and acts of nature, placing the Nation and its people at risk. Cyber incidents are a fact of contemporary life, and significant cyber incidents are occurring with increasing frequency, impacting public and private infrastructure located in the United States and abroad.
United States preparedness efforts have positioned the Nation to manage a broad range of threats and hazards effectively. Every day, Federal law enforcement and those agencies responsible for network defense in the United States manage, respond to, and investigate cyber incidents in order to ensure the security of our information and communications infrastructure. The private sector and government agencies have a shared vital interest in protecting the Nation from malicious cyber activity and managing cyber incidents and their consequences. The nature of cyberspace requires individuals, organizations, and the government to all play roles in incident response. Furthermore, effective incident response efforts will help support an open, interoperable, secure, and reliable information and communications infrastructure that promotes trade and commerce, strengthens international security, fosters free expression, and reinforces the privacy and security of our citizens.
While the vast majority of cyber incidents can be handled through existing policies, certain cyber incidents that have significant impacts on an entity, our national security, or the broader economy require a unique approach to response efforts. These significant cyber incidents demand unity of effort within the Federal Government and especially close coordination between the public and private sectors.
I. Scope
This Presidential Policy Directive (PPD) sets forth principles governing the Federal Government’s response to any cyber incident, whether involving government or private sector entities. For significant cyber incidents, this PPD also establishes lead Federal agencies and an architecture for coordinating the broader Federal Government response. This PPD also requires the Departments of Justice and Homeland Security to maintain updated contact information for public use to assist entities affected by cyber incidents in reporting those incidents to the proper authorities.
II. Definitions
Cyber incident. An event occurring on or conducted through a computer network that actually or imminently jeopardizes the integrity, confidentiality, or availability of computers, information or communications systems or networks, physical or virtual infrastructure controlled by computers or information systems, or information resident thereon. For purposes of this directive, a cyber incident may include a vulnerability in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
Significant cyber incident. A cyber incident that is (or group of related cyber incidents that together are) likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.
III. Principles Guiding Incident Response
In carrying out incident response activities for any cyber incident, the Federal Government will be guided by the following principles:
Shared Responsibility. Individuals, the private sector, and government agencies have a shared vital interest and complementary roles and responsibilities in protecting the Nation from malicious cyber activity and managing cyber incidents and their consequences.
Risk-Based Response. The Federal Government will determine its response actions and the resources it brings to bear based on an assessment of the risks posed to an entity, our national security, foreign relations, the broader economy, public confidence, civil liberties, or the public health and safety of the American people.
Respecting affected entities. To the extent permitted under law, Federal Government responders will safeguard details of the incident, as well as privacy and civil liberties, and sensitive private sector information, and generally will defer to affected entities in notifying other affected private sector entities and the public. In the event a significant Federal Government interest is served by issuing a public statement concerning an incident, Federal responders will coordinate their approach with the affected entities to the extent possible.
Unity of Governmental Effort. Various government entities possess different roles, responsibilities, authorities, and capabilities that can all be brought to bear on cyber incidents. These efforts must be coordinated to achieve optimal results. Whichever Federal agency first becomes aware of a cyber incident will rapidly notify other relevant Federal agencies in order to facilitate a unified Federal response and ensure that the right combination of agencies responds to a particular incident. State, local, tribal, and territorial (SLTT) governments also have responsibilities, authorities, capabilities, and resources that can be used to respond to a cyber incident; therefore, the Federal Government must be prepared to partner with SLTT governments in its cyber incident response efforts. The transnational nature of the Internet and communications infrastructure requires the United States to coordinate with international partners, as appropriate, in managing cyber incidents.
Enabling Restoration and Recovery. Federal response activities will be conducted in a manner to facilitate restoration and recovery of an entity that has experienced a cyber incident, balancing investigative and national security requirements, public health and safety, and the need to return to normal operations as quickly as possible.
IV. Concurrent Lines of Effort
In responding to any cyber incident, Federal agencies shall undertake three concurrent lines of effort: threat response; asset response; and intelligence support and related activities. In addition, when a Federal agency is an affected entity, it shall undertake a fourth concurrent line of effort to manage the effects of the cyber incident on its operations, customers, and workforce.
Threat response activities include conducting appropriate law enforcement and national security investigative activity at the affected entity’s site; collecting evidence and gathering intelligence; providing attribution; linking related incidents; identifying additional affected entities; identifying threat pursuit and disruption opportunities; developing and executing courses of action to mitigate the immediate threat; and facilitating information sharing and operational coordination with asset response.
Asset response activities include furnishing technical assistance to affected entities to protect their assets, mitigate vulnerabilities, and reduce impacts of cyber incidents; identifying other entities that may be at risk and assessing their risk to the same or similar vulnerabilities; assessing potential risks to the sector or region, including potential cascading effects, and developing courses of action to mitigate these risks; facilitating information sharing and operational coordination with threat response; and providing guidance on how best to utilize Federal resources and capabilities in a timely, effective manner to speed recovery.
Threat and asset responders will share some responsibilities and activities, which may include communicating with affected entities to understand the nature of the cyber incident; providing guidance to affected entities on available Federal resources and capabilities; promptly disseminating through appropriate channels intelligence and information learned in the course of the response; and facilitating information sharing and operational coordination with other Federal Government entities.
Intelligence support and related activities facilitate the building of situational threat awareness and sharing of related intelligence; the integrated analysis of threat trends and events; the identification of knowledge gaps; and the ability to degrade or mitigate adversary threat capabilities.
An affected Federal agency shall engage in a variety of efforts to manage the impact of a cyber incident, which may include maintaining business or operational continuity; addressing adverse financial impacts; protection of privacy; managing liability risks; complying with legal and regulatory requirements (including disclosure and notification); engaging in communications with employees or other affected individuals; and dealing with external affairs (e.g., media and congressional inquiries). The affected Federal agency will have primary responsibility for this line of effort.
When a cyber incident affects a private entity, the Federal Government typically will not play a role in this line of effort, but it will remain cognizant of the affected entity’s response activities, consistent with the principles above and in coordination with the affected entity. The relevant sector-specific agency (SSA) will generally coordinate the Federal Government’s efforts to understand the potential business or operational impact of a cyber incident on private sector critical infrastructure.
V. Architecture of Federal Government Response Coordination for Significant Cyber Incidents1
In order to respond effectively to significant cyber incidents, the Federal Government will coordinate its activities in three ways:
National Policy Coordination2
The Cyber Response Group (CRG), in support of the National Security Council (NSC) Deputies and Principals Committees, and accountable through the Assistant to the President for Homeland Security and Counterterrorism (APHSCT) to the NSC chaired by the President, shall coordinate the development and implementation of United States Government policy and strategy with respect to significant cyber incidents affecting the United States or its interests abroad.
National Operational Coordination
Agency Enhanced Coordination Procedures. Each Federal agency that regularly participates in the CRG, including SSAs, shall establish and follow enhanced coordination procedures as defined in the annex to this PPD in situations in which the demands of responding to a significant cyber incident exceed its standing capacity.
Cyber Unified Coordination Group. A Cyber Unified Coordination Group (UCG) shall serve as the primary method for coordinating between and among Federal agencies in response to a significant cyber incident as well as for integrating private sector partners into incident response efforts, as appropriate. A Cyber UCG shall be formed at the direction of the NSC Principals Committee, Deputies Committee, or the CRG, or when two or more Federal agencies that generally participate in the CRG, including relevant SSAs, request its formation. A Cyber UCG shall also be formed when a significant cyber incident affects critical infrastructure owners and operators identified by the Secretary of Homeland Security as owning or operating critical infrastructure for which a cyber incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security.
A Cyber UCG will normally consist of Federal lead agencies for threat response, asset response, and intelligence support, but will also include SSAs, if a cyber incident affects or is likely to affect sectors they represent. In addition, as required by the scope, nature, and facts of a particular significant cyber incident, a Cyber UCG may include participation from other Federal agencies, SLTT governments, nongovernmental organizations, international counterparts, or the private sector.
Following the formation of a Cyber UCG, Federal agencies responding to the incident shall assign appropriate senior executives, staff, and resources to execute the agency’s responsibilities as part of a Cyber UCG. The Cyber UCG is intended to result in unity of effort and not to alter agency authorities or leadership, oversight, or command responsibilities. Unless mutually agreed upon between agency heads or their designees, and consistent with applicable legal authorities such as the Economy Act of 1932 (31 U.S.C. 1535), Federal departments and agencies will maintain operational control over their respective agency assets.
Federal lead agencies. In order to ensure that the Cyber UCG achieves maximum effectiveness in coordinating responses to significant cyber incidents, the following agencies shall serve as Federal lead agencies for the specified line of effort:
In view of the fact that significant cyber incidents will often involve at least the possibility of a nation-state actor or have some other national security nexus, the Department of Justice, acting through the Federal Bureau of Investigation and the National Cyber Investigative Joint Task Force, shall be the Federal lead agency for threat response activities.
The Department of Homeland Security, acting through the National Cybersecurity and Communications Integration Center, shall be the Federal lead agency for asset response activities.
The Office of the Director of National Intelligence, through the Cyber Threat Intelligence Integration Center, shall be the Federal lead agency for intelligence support and related activities.
Drawing upon the resources and capabilities across the Federal Government, the Federal lead agencies are responsible for:
Coordinating any multi-agency threat or asset response activities to provide unity of effort, to include coordinating with any agency providing support to the incident, to include SSAs in recognition of their unique expertise;
Ensuring that their respective lines of effort are coordinated with other Cyber UCG participants and affected entities, as appropriate;
Identifying and recommending to the CRG, if elevation is required, any additional Federal Government resources or actions necessary to appropriately respond to and recover from the incident; and
Coordinating with affected entities on various aspects of threat, asset, and affected entity response activities through a Cyber UCG, as appropriate.
Field-Level Coordination
Field-level representatives of the Federal asset or threat response lead agencies shall ensure that they effectively coordinate their activities within their respective lines of effort with each other and the affected entity. Such representatives may be co-located with the affected entity.
VI. Unified Public Communications
The Departments of Homeland Security and Justice shall maintain and update as necessary a fact sheet outlining how private individuals and organizations can contact relevant Federal agencies about a cyber incident.
VII. Relationship to Existing Policy
Nothing in this directive alters, supersedes, or limits the authorities of Federal agencies to carry out their functions and duties consistent with applicable legal authorities and other Presidential guidance and directives. This directive generally relies on and furthers the implementation of existing policies and explains how United States cyber incident response structures interact with those existing policies. In particular, this policy complements and builds upon PPD-8 on National Preparedness of March 30, 2011. By integrating cyber and traditional preparedness efforts, the Nation will be ready to manage incidents that include both cyber and physical effects.
BARACK OBAMA
1 Additional details regarding the Federal Government’s coordination architecture for significant cyber incidents are contained in an annex to this PPD.
2 This sub-section supersedes NSPD-54/HSPD-23, paragraph 13, concerning the National Cyber Response Coordination Group.
Share This:
Twitter
31 posted on Wed Aug 3 13:05:06 2016 by MarchonDC09122009 (When is our next march on DC? When have we had enough?)
So let me guess: If Trump wins, then his victory will be attributed to Russian hackers. Thus, the result will be declared null & void.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.