Breaches of voting machine data raise worries for midterms
ATLANTA - Sensitive voting system passwords posted online. Copies of confidential voting software available for download. Ballot-counting machines inspected by people not supposed to have access.
The list of suspected security breaches at local election offices since the 2020 election keeps growing, with investigations underway in at least three states - Colorado, Georgia and Michigan. The stakes appeared to rise this week when the existence of a federal probe came to light involving a prominent loyalist to former President Donald Trump who has been promoting voting machine conspiracy theories across the country.
While much remains unknown about the investigations, one of the most pressing questions is what it all could mean for security of voting machines with the midterm elections less than two months away.
Election security experts say the breaches by themselves have not necessarily increased threats to the November voting. Election officials already assume hostile foreign governments might have the sensitive data, and so they take precautions to protect their voting systems.
The more immediate concern is the possibility that rogue election workers, including those sympathetic to lies about the 2020 presidential election, might use their access to election equipment and the knowledge gained through the breaches to launch an attack from within. That could be intended to gain an advantage for their desired candidate or party, or to introduce system problems that would sow further distrust in the election results.
In some of the suspected security breaches, authorities are investigating whether local officials provided unauthorized access to people who copied software and hard drive data, and in several cases shared it publicly.
After the Georgia breach, a group of election security experts said the unauthorized copying and sharing of election data from rural Coffee County presented “serious threats” to the November election. They urged the state election board to replace the touchscreen devices used throughout the state and use only hand-marked paper ballots.
Harri Hursti, a leading expert in voting security, said he is concerned about another use of the breached data. Access to the voting equipment data or software can be used to develop a realistic looking video in which someone claims to have manipulated a voting system, he said.
Such a fake video posted online or to social media on or after Election Day could create chaos for an election office and cause voters to challenge the accuracy of the results.
“If you have those rogue images, now you can start manufacturing false, compelling evidence - false evidence of wrongdoing that never happened,” Hursti said. “You can start creating very compelling imaginary evidence.”
There has been no evidence that voting machines have been manipulated, either during the 2020 election or in this year’s primaries. But conspiracy theories widely promoted among some conservatives have led to calls for replacing the machines with hand-marked and hand-counted ballots and raised concerns that they could be targeted by people working inside election offices or at polling places.