Tag: cybersecurity

Election Infrastructure declared critical by US Dept of Homeland Security

Election infrastructure is vital to our national interests, and cyber attacks on this country are becoming more sophisticated, and bad cyber actors – ranging from nation states, cyber criminals and hacktivists – are becoming more sophisticated and dangerous.

Statement by [US Department of Homeland Security] Secretary Jeh Johnson on the Designation of Election Infrastructure as a Critical Infrastructure Subsector – January 6, 2017

There was also a joint statement from US intelligence agencies about Foreign Cyber Threats to the U.S. issued on January 5, 2017.

Despite ever-improving cyber defenses, nearly all information, communication networks, and systems will be at risk for years to come from remote hacking to establish persistent covert access, supply chain operations that insert compromised hardware or software, malicious actions by trusted insiders, and mistakes by system users. In short, the cyber threat cannot be eliminated. Rather, cyber risk must be managed in the context of overall business and operational risk. At present, however, the risk calculus some private and public sector entities employ does not adequately account for foreign cyber threats or systemic interdependencies between different critical infrastructure sectors.

(Emphasis mine.)
The report concludes that things are only going to get worse.

Over the next five years, technological change will only accelerate the intersection of cyber and physical devices, creating new risks. Adversaries are likely to further explore cyber-enabled psychological operations and may look to steal or manipulate data to gain strategic advantage or undermine confidence.

Joint Statement for the Record on Foreign Cyber Threats to the U.S. to the Senate Armed Services Committee – January 5, 2017

I am less interested in the details of specific events and specific actors, but nevertheless, on January 6, 2017 the US Office of the Director of National Intelligence released a joint CIA, FBI, NSA report: ICA 2017-01D “Assessing Russian Activities and Intentions in Recent US Elections”

We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes.

(Emphasis mine.)
ICA 2017-01D Assessing Russian Activities and Intentions in Recent US Elections – January 6, 2017

Canada’s Chief Electoral Officer wants electronic counting option

The Chief Electoral Officer has made his Recommendations following the 42nd General Election.  Buried in it is recommendation A3, which would in my opinion open the door to unaccountable experimentation with Canada’s (federal) vote-counting system, a system that is currently extremely fast and high-integrity.  In particular it opens the door to introduce electronic counting (vote counting computers).  I don’t know why one would want to fix something that is not broken, and why Canada would want to give the sole authority to make that change to the Chief Electoral Officer (CEO).

Recommendation A3: Subsection 283(3) should be replaced with a general provision that allows the ballot-counting process to proceed according to the CEO’s instructions.

These recommendations are being discussed in closed sessions of the Parliamentary PROC (Procedure and House Affairs Committee).  It is not clear how the public can provide input into the discussions, other than by contacting PROC.


At the time of this writing, the next closed meeting will be meeting 42, November 24, 2016.  You can find the list of all PROC meetings for the current Parliamentary session at


Recommendations Report

An Electoral Framework for the 21st Century: Recommendations from the Chief Electoral Officer of Canada Following the 42nd General Election


From Table A—Recommendations Discussed in Chapters 1 and 2

Issues with Vote Counting Computers

The only way to be sure that votes have been counted is to

  1. Vote on paper
  2. Count the paper

If you have very complex counting, with either many positions being voted upon at once, or with an indirect allocation of results based on calculations, then you might choose vote counting computers that scan the paper ballots.  But be aware that you then MUST

  • extensively test vote counting computers before and after the election
  • remove voting computers from service during the live election and test them (in order to test under true voting conditions)
  • conduct risk-limiting audits of the paper ballots
  • keep the computers secure at all times, including between elections
  • keep the computers well-maintained at all times, including between elections

Which is to say, using vote counting computers may be faster for complex elections, but it is definitely not cheaper when done with proper risk management.
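The risk-limiting audit called for in the list above can be run as a ballot-polling test; the sketch below uses the BRAVO method for a two-candidate contest. It is an added example, not from the original post: the candidate labels, the 70% reported share, the 5% risk limit and both ballot piles are constructed, and `random.Random` stands in for the publicly seeded generator a real audit would use.

```python
import math
import random

def bravo_confirms(draws, winner, loser, reported_share, risk_limit):
    """BRAVO sequential test over hand-read paper ballots, in draw order.

    reported_share is the winner's reported share of winner+loser votes.
    Returns (confirmed, ballots_examined); confirmed=False means the sample
    was not convincing and the audit escalates to a full hand count.
    """
    if not 0.5 < reported_share < 1.0:
        raise ValueError("reported_share must be in (0.5, 1)")
    if not 0.0 < risk_limit < 1.0:
        raise ValueError("risk_limit must be in (0, 1)")
    threshold = math.log(1.0 / risk_limit)
    step_winner = math.log(reported_share / 0.5)
    step_loser = math.log((1.0 - reported_share) / 0.5)
    log_ratio, examined = 0.0, 0
    for mark in draws:
        examined += 1
        if mark == winner:
            log_ratio += step_winner
        elif mark == loser:
            log_ratio += step_loser
        # Spoiled or other ballots leave the test statistic unchanged.
        if log_ratio >= threshold:
            return True, examined
    return False, examined

def draw_ballots(pile, max_draws, seed):
    """Draw ballots uniformly at random, with replacement, from the pile.

    Assumption: random.Random stands in for the publicly seeded generator
    (for example, seeded from dice rolled in public) a real audit uses.
    """
    rng = random.Random(seed)
    return [pile[rng.randrange(len(pile))] for _ in range(max_draws)]

# Constructed paper piles. In both, the counting computer reported A at 70%.
MATCHING_PILE = ["A"] * 7000 + ["B"] * 3000   # paper agrees with the report
ALTERED_PILE = ["A"] * 2000 + ["B"] * 8000    # paper says B actually won

def audit(pile, seed=2017, max_draws=2000):
    sample = draw_ballots(pile, max_draws, seed)
    return bravo_confirms(sample, "A", "B", reported_share=0.7, risk_limit=0.05)

if __name__ == "__main__":
    print("matching pile:", audit(MATCHING_PILE))
    print("altered pile: ", audit(ALTERED_PILE))
```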

It is possible to take a hybrid approach, although no jurisdiction I know of does so.  In a hybrid approach, particularly important votes would be separately hand marked and hand counted (e.g. in the USA it would make sense to separate the Presidential ballot and count from all other vote casting and counting).

Note that in Canada we don’t (yet) have complex elections, meaning there is literally no justification for computer counting of ballots.  You’re introducing greater security risk, along with the need to continuously warehouse, maintain and secure the voting computers.

And note I said voting computers not some incorrect term like “voting machines” or “electronic counting devices” or “electronic tabulators” or “optical mark-sense scanners”.  These are full-fledged computers with optical scanners attached.  Computers that are vulnerable to all the regular and routine sorts of attacks and errors that happen every day.

Now think about this concept of “efficiency”.  How often does an election take place?  Once every four years?  And how long does it take to do the count?  With a simple ballot, you might save a few minutes on the entire count.  And then what do you do with the computers?

To save a few minutes every four years, you have to spend millions of dollars to warehouse and maintain vote counting computers.  And warehouse them securely, if you care about elections security.  And technology goes obsolete quickly.  So basically you’re paying for computers to sit in warehouses going obsolete, in pursuit of some illusory time and efficiency savings.

Aleksander Essex on Internet Voting in Canada

Aleksander Essex’s submission to the ERRE Special Committee on Electoral Reform is now available:

Some key areas of concern he identifies include:

  • Vote selling and Coercion
  • Phishing
  • Automation bias
  • Denial of Service
  • Client-side malware/spyware
  • Network attacks
  • Server penetration
  • Insider influence
  • State-level actors

He cites the recommendations in the 2015 Utah iVote Advisory Committee Report (PDF), specifically the call for public trials (white hat hacking) of any proposed Internet voting system. Here’s the relevant paragraph from the Utah report:

We recommend that Utah build requirements for an open, public trial for any proposed voting system. The requirements should clearly state the level of integrity and auditability that is required for acceptance along with the overall security and integrity goals for the system. Be aware that even with open, public penetration trials, an Internet voting system would still be subject to malware, phony voter, DDoS, phishing, and insider attacks. So we further recommend that any requirements for an Internet voting system address these concerns specifically and require that vendors satisfy them. In addition, Utah should strongly consider that source code for the entire voting system be made open source so that it can be subjected to review, build, and test by computing professionals not under the influence or supervision of the vendor.

For more about Aleksander Essex see my list of computer science experts


CSE reports thousands of Canadian federal gov systems compromised yearly

The CSE statement says that of more than 4,500 known federal government computer-system compromises to date in 2016, it can identify only three known instances where data were actually stolen.

From the Globe and Mail: Hackers target Canadian government’s energy and resource departments – by Colin Freeze – November 17, 2016

The article is based on the CSE response to a Parliamentary question.

Specifically, CSE responded in Sessional Paper No. 8530-421-14 to Question Q-525 in the 42nd Parliament, 1st Session.  Unfortunately at this time I am not able to post this paper online.


You can see the titles of all Written Questions and the information about the responses at Status of House Business – Part III – Written Questions http://www.parl.gc.ca/HousePublications/Publication.aspx?Pub=status&File=12

The specific info for this question is

Q-525² Mr. Jeneroux (Edmonton Riverbend) — Cyber attacks — Notice — September 30, 2016

Answer tabled (Sessional Paper No. 8530-421-14) — November 16, 2016

Made an Order for Return and answer tabled (Sessional Paper No. 8555-421-525) — November 18, 2016

Sessional papers must currently be requested from the Library of Parliament info@parl.gc.ca

To find the actual text of the question, the only way I know is to go back through the Order Paper and Notice Paper, usually from the day after the notice date.  You can find Q-525 in the October 3, 2016 Questions section:

Q-525² — September 30, 2016 — Mr. Jeneroux (Edmonton Riverbend) — With regard to cyber attacks, broken down by month, and by department, agency, and crown corporation, since January 1, 2016: (a) how many cyber attacks have occurred, either against a department, agency or crown corporation or on one of their servers or networks; (b) how many of the attacks referred to in (a) resulted in government information being stolen; (c) how many of the attacks referred to in (b) resulted in classified government information being stolen; (d) how many of the attacks referred to in (a) resulted in individuals’ personal information being stolen; (e) for each of the attacks referred to in (d), how many individuals’ personal information was stolen; (f) were the individuals from whom information was stolen informed of the theft, and, if so, how were they informed; and (g) for each case where individuals’ information was stolen, was the Privacy Commissioner notified?

The superscript 2 means “Response requested within 45 days”.

And no, I don’t know how anyone would know any of this without spending a lot of time on parl.gc.ca plus getting some help.  It is very unintuitive and nothing is linked properly.