State and local officials hastened to reassure Americans this week that the nation’s election systems are secure after the country’s top intelligence official accused Iran of sending threatening emails to voters in several states and the United States said Russia obtained voter information from at least one county.
U.S. officials and cybersecurity experts said the activity did not appear to include penetration of voting systems or access to voter registration databases, or the hacking of equipment that could be tampered with to alter election results.
“Arizona’s voter registration database remains secure,” said C. Murphy Hebert, a spokeswoman for the secretary of state’s office in Arizona, one of the states where Democratic voters reported receiving the threatening emails. “Some information in the voter record is publicly available in Arizona through a public record request, including party registration and, up until recently, emails. We are vigilantly monitoring all election systems.”
Federal and state officials said they have fortified election systems since 2016, when Russian hackers scanned election-related websites and software nationwide for vulnerabilities.
Multiple investigations found that no votes or voting machines were compromised by the Russians four years ago, and election administrators said that even more safeguards are in place now to prevent such an occurrence.
In addition, the threat has further declined this year with the surge of mail voting brought on by the coronavirus pandemic, because the vast majority of Americans are expected to cast paper ballots, which are harder to tamper with and easier to audit and recount, cybersecurity experts said.
Some experts and security advocates, however, said measures implemented since 2016 are insufficient and point to lingering risks such as poorly secured voting equipment and, in some states, the reporting of results from precincts and counties over phone lines. Congressional Democrats have called for hundreds of millions of dollars more for election security, but Senate Republicans have refused.
Election officials also worry that the recent interference by Iran and Russia could create a perception that U.S. elections are not secure, shaking the public’s faith in the outcome, even though no voting systems have been compromised.
In recent days, officials have sought to dispel that notion by publicly detailing descriptions of how votes are counted, how registration lists are maintained, and how federal, state and local officials are on constant alert for attempted intrusions.
“There are groups that are trying to confuse and mislead voters, to sow doubt about the process, and we all have a duty to check our facts,” Meagan Wolfe, the Wisconsin elections chief, said during a virtual news conference Thursday.
Fake, menacing emails in support of President Trump and claiming to be from the Proud Boys, a far-right group, reached hundreds of Democrats this week, with the bulk of the reports concentrated in Florida and Alaska. They instructed voters to cast their ballots for Trump or “we will come after you.”
U.S. officials quickly attributed the activity to Iran, saying the messages were part of a bid to shake confidence in American democracy, while a spokesman for the Iranian mission to the United Nations called the U.S. allegations “malign and dangerous.”
Jennifer Edwards, supervisor of elections in Collier County, Fla., said her office received about 100 reports from voters about the threatening emails starting Tuesday afternoon, prompting her to contact the FBI. But she emphasized that the senders “did not get into any of our systems.”
“We have done everything that we’ve been advised to do to protect our security infrastructure” since 2016, Edwards said, adding that the Department of Homeland Security as well as state officials have helped inspect the county’s technology.
In addition, federal security officials warned this week that a Russian hacking group known as Berserk Bear, which works for the KGB successor agency FSB, compromised the networks of two U.S. counties. One county was in California and one in Indiana, officials told The Washington Post.
At the same time, federal law enforcement officials urged state and local officials to remain vigilant to the risk of real data breaches.
“We have multiple state and federal partners monitoring our website and all of the voting systems on a routine basis,” said Patrick Gannon, spokesman for the State Board of Elections in North Carolina.
The activity by Iran and Russia pales in comparison with 2016, when Russia spectacularly hacked and leaked Democratic emails, disrupting the party’s national convention and Hillary Clinton’s presidential campaign, and mounted an ambitious effort on social media to try to stoke discord in the United States. In this year’s campaign, major technology companies say they have stopped similar activity emanating from Russia and other countries before the efforts gained significant traction.
The Senate Intelligence Committee concluded last year that Russia probably targeted election systems in all 50 states in 2016, identifying malicious activity more extensive than officials originally acknowledged. The closest hackers came in many states, investigators found, was in probing voter registration databases.
For instance, the FBI investigated a hack of the Illinois State Board of Elections in which up to 200,000 personal voter records were compromised, as well as an instance in which a credible threat prompted the Arizona Department of Administration to take its statewide voter registration system offline.
Also in 2016, Logan Lamb, a security researcher in Georgia, claimed to have conducted a so-called do-gooder hack, identifying a vulnerability that enabled him to download the state’s entire voter database and potentially alter registration information. Lamb said in an interview this week that the specific server he identified has since been taken offline.
Intelligence officials and security experts remain concerned that the Kremlin potentially poses the greatest threat of election interference, although Iran has been surprisingly assertive — and has pulled off the first foreign interference operation this election cycle targeting specific voters in a bid to undermine democratic confidence.
A breach of voter databases could sow significant chaos, said Theodore T. Allen, an associate professor of integrated systems engineering at Ohio State University. Changing registration details could throw hurdles in front of certain voters, possibly forcing them to cast provisional ballots.
Still, safeguards are in place to ensure that such ballots are ultimately counted, he said, a point stressed by U.S. officials, who sought to reassure the public that the Nov. 3 vote will not be compromised.
“We’ve been working for years as a community to build resilience in our election infrastructure — and today that infrastructure remains resilient,” FBI Director Christopher A. Wray said at a news conference Wednesday evening announcing Iran’s and Russia’s activity. “You should be confident that your vote counts. Early, unverified claims to the contrary should be viewed with a healthy dose of skepticism.”
Election administrators also emphasized the many layers of security in place to prevent the ultimate breach of an election system — an attempt to tamper with results.
In North Carolina, all voters will cast ballots on paper, and those ballots will be fed into scanners that are not connected to the Internet, Gannon said.
Once polls are closed on Election Day, memory cards in the scanners are physically transported to county election headquarters, where tabulation results are uploaded to a computer that is also not connected to the Internet. The results are then transferred to another memory card, and uploaded to a different computer that is connected to the county and state systems.
In addition, voting machines and scanners are tested ahead of the election to make sure they have been programmed to record voters’ choices correctly, he said. Poll books used to check in voters at polling locations are not connected to the Internet while in use.
Vote tallies will be audited after the election in several ways, Gannon said. For instance, the number of voters who check into a particular voting location will be matched against the number of votes tallied at that location. In addition, election officials in every county must hand-count the ballots in two randomly selected precincts to ensure that vote totals match the tabulation results from the digital scanners. Any irregularities would prompt an investigation and a delay in election certification.
Similar procedures are in place in Georgia, said Gabriel Sterling, the statewide voting system implementation manager for the Georgia secretary of state’s office. Unofficial results are compiled at counties’ election headquarters and then sent to the state’s election night reporting — via Internet connection — but official results are hand-delivered in a padlocked bag via a memory card that has never been connected to the Internet, he said. “We have chain of custody on all this stuff,” he said.
Experts say the biggest vulnerability lies in paperless voting machines, which are used in a handful of states. Jurisdictions that use hand-marked paper ballots have the greatest level of protection against malicious activity, said David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory and a board chairman for Verified Voting.
“Wherever there are machines in the system, we worry about the software, even if it’s not hooked up to the Internet during the election,” he said, noting that some states, including South Carolina, have shunned paper ballots in favor of voting machines.
Some government websites that display public information lack sufficient security, some experts say.
For instance, recent research by McAfee, a cybersecurity company, found that “significant majorities” of county government websites use Web addresses that do not use the “.gov” domain-naming system, which adds an extra layer of protection against efforts to trick voters into visiting inauthentic sites.
In addition, at least nine states, including swing state Michigan, do not conduct post-election audits, according to the National Conference of State Legislatures.
“Unfortunately, we did not adopt much-needed minimum election safeguards nationwide following the revelations of 2016,” said Susan Greenhalgh, a senior adviser on election security for Free Speech for People, a nonprofit organization that advocates against special interests in politics and has been critical of the voting-machine industry. “Significant gaps remain in the security of our election infrastructure, largely because many election officials may not have a clear understanding of the inherent security risks of the technology and the threats we face.”
An additional factor this year is the diversion of millions of federal dollars directed to states to shore up election security. With the onset of the coronavirus pandemic, the U.S. Election Assistance Commission (EAC) authorized states to spend some of that money on measures meant to prevent the spread of the virus, such as protective equipment and sanitizing supplies.
It’s not known how much of the $800 million in election-security funding was diverted to coronavirus protections, said Benjamin Hovland, a member of the EAC.
Election officials as well as cybersecurity experts said the greater risk this year is disinformation involving claims of a hack, rather than a hack itself. “Telling people votes can be hacked is a disinformation tactic we saw from the Russians in 2016 and feeds into its own type of election hack,” said Maggie MacAlpine, co-founder of Nordic Innovation Labs, a cybersecurity consultancy.
Although 1 in 5 voters in 2016 used paperless machines to cast their ballots, Larry Norden, director of the Election Reform Program at the Brennan Center for Justice, estimated that 96?percent of people this year will use paper ballots, whether by mail or in person.
Online systems for registering to vote, as well as requesting and tracking mail ballots, also give voters a chance to monitor their own records. And election officials are creating more regular offline backups of voter registration data and public information websites, he said.
“There may well be more intense efforts over the next couple of weeks to push disinformation, to sow doubt about the system,” Norden said. “My best advice to the public and to voters is to tune it out.”
Joanna Lydgate, the national director of the Voter Protection Program, said during an online panel discussion on Thursday: “We want to be really clear that voting is safe. It’s secure. Your vote is private. No one, not even election officials, can see who you vote for. And the best way to defeat misinformation like this is to vote.”
Ellen Nakashima contributed to this report.