“Chaos” and “debacle” are the words the San Diego Union-Tribune, the Wall Street Journal, and others use to describe the Iowa Democratic Party caucus, which yesterday gave party members the opportunity to express their preference for a Presidential candidate. Those preferences remain unknown, as the results are still being counted and checked, delayed by problems with an app deployed in the caucuses for the first time. There are no reports of any form of cyberattack. The distinctive way the caucuses are conducted suggests only limited lessons for election security. Principal among those would be "don't deploy technology in voting until it's been thoroughly tested under realistic conditions."
While there was little-to-no evidence of foreign interference in Iowa, a McAfee study released this morning suggests that local authorities in the US are particularly ill-prepared to counter the problem of influence operations conducted through compromised county websites. Fixing the basic failures in website design McAfee calls out wouldn't be a panacea, but it might amount to a good start.
Japanese electronics giant NEC disclosed Friday that its networks had sustained an unauthorized intrusion by parties unknown in 2016. The incident was discovered in 2017, with remediation continuing into 2019. The company says no sensitive data were lost, but it doesn't explain why the disclosure was made now.
Twitter said yesterday that a network of "fake accounts" had been exploiting its API to match usernames with phone numbers. Twitter says it's fixed the problem, and warns that a nation-state might have been responsible.