Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

State and city election boards have spent the better part of 3 years hardening their systems for a 2020 hacker invasion. Yet all that work may not be enough to keep out ransomware.

Driving the news: On Monday, Reuters was first to report that the Department of Homeland Security would begin helping elections officials prepare for ransomware attacks.

  • Ransomware typically locks users out of their own files until they pay a ransom. Across an election office's network, those files could range in sensitivity from trivial vacation schedules to essential voter data.

Background: DHS has been aiding local officials since 2016, trying to prevent a repeat of that year's election interference campaigns.

  • Voting machines often dominate the public conversations around election security. But DHS and localities have to take a much more holistic view of security. Russia did not attack voting machines in 2016, but it did conduct reconnaissance on accessing and altering voter registration databases.

The big question: Accessing and altering data is technically all that most ransomware does, and the criminals behind ransomware are at least notionally less sophisticated than the militaries and spies that states are gearing up to protect against. So why is ransomware still a problem for elections?

  • Many states have made defending against motivated, strategic actors their election security priority. But ransomware is deployed by opportunistic criminals, and fighting it can be more akin to fighting a force of chaos.

When Russia probed voter databases in 2016, it approached them through the easiest access point — vulnerabilities in web applications that connect to the database. So states concentrated on shoring up defenses around the web applications and databases, said Dylan Owen, senior manager for cyber services at Raytheon.

  • But less critical systems that access the secure database may not be as well protected.
  • Elections officials might be left with the time-consuming task of restoring dozens of office systems in their entirety in a ransomware attack. That could impair their ability to provide services, even if the ransomware never reaches the voter database.
  • "This is more about defending the [systems] that connect to those databases, in my mind," Joseph Lorenzo Hall, an election security expert serving as chief technologist of the Center for Democracy & Technology, speculated in an email.

What they're saying: Homeland Security describes both the databases and the systems retrieving data as potential concerns.

  • "Voter registration databases could be an attractive target for these attacks," said Christopher Krebs, who directs the cyber-focused wing of DHS, in a written statement. "A successful ransomware attack at a critical point before an election could limit access to information and has the potential to undermine public confidence in the election itself."

States have made strides in protecting voter databases, but not all states are entirely there yet.

  • "In a utopian world, that’s how the process would work," said Brian Varner, a researcher at Symantec who recently discovered at least one instance where the utopia never came to fruition.
  • Varner presented research at the DEF CON conference about a state that inadequately separated its elections computers and databases from other state systems. Hackers who infected one of those other systems could hypothetically work their way back to the election systems.

Go deeper

Ben Geman, author of Generate
6 hours ago - Energy & Environment

Key clean power provision likely won't survive in Dems' spending bill

A construction worker walks along a dirt road at the Avangrid Renewables La Joya wind farm in Encino, New Mexico, on Aug. 5, 2020. Photo: Cate Dingley/Bloomberg via Getty Images

A pillar of Democrats' plans to speed deployment of zero-carbon electricity is likely to be cut from major spending and tax legislation they are struggling to move on a party-line vote, per multiple reports and a Capitol Hill aide.

Driving the news: The New York Times, citing anonymous congressional aides and lobbyists, reports that West Virginia Sen. Joe Manchin (D) has told the White House he "strongly opposes" the Clean Electricity Performance Program.

Updated 8 hours ago - World

Fatal stabbing of British MP David Amess declared a terrorist incident

Police outside Belfairs Methodist Church in Leigh-on-Sea, England, on Oct. 15. Photo: John Keeble/Getty Images

Authorities have declared the death of David Amess a terrorist incident, hours after the Conservative Party lawmaker in the U.K. was fatally stabbed while meeting with local constituents in a church in eastern England on Friday.

The big picture: The Metropolitan Police has found "a potential motivation linked to Islamist extremism."

Biden: DOJ should prosecute those who defy Jan. 6 subpoenas

President Biden speaks with reporters at Bradley International Airport in Windsor Locks, Connecticut. Photo: Brendan Smialowski/AFP via Getty Images

President Biden said Friday that the Justice Department should prosecute those who defy subpoenas from the Jan. 6 select committee.

Why it matters: The president's remarks come one day after Donald Trump ally Steve Bannon failed to show up for a deposition before the committee.