Voting machine breaches raise worries for elections
As midterms near, probes underway in at least 3 states
ATLANTA — Sensitive voting system passwords posted online. Copies of confidential voting software available for download. Ballot-counting machines inspected by people not supposed to have access.
The list of suspected security breaches at local election offices since the 2020 election keeps growing, with investigations underway in at least three states — Colorado, Georgia and Michigan. The stakes appeared to rise this week when the existence of a federal probe came to light involving a prominent loyalist to former President Donald Trump who has been promoting voting machine conspiracy theories across the country.
While much remains unknown about the investigations, one of the most pressing questions is what it all could mean for security of voting machines with the midterm elections less than two months away.
Election security experts say the breaches by themselves have not necessarily increased threats to the November voting. Election officials already assume hostile foreign governments might have the sensitive data, and so they take precautions to protect their voting systems.
The more immediate concern is the possibility that rogue election workers, including those sympathetic to lies about the 2020 presidential election, might use their access to election equipment and the knowledge gained through the breaches to launch an attack from within. That could be intended to gain an advantage for their desired candidate or party, or to introduce system problems that would sow further distrust in the election results.
In some of the suspected security breaches, authorities are investigating whether local officials provided unauthorized access to people who copied software and hard drive data, and in several cases shared it publicly.
After the Georgia breach, a group of election security experts said the unauthorized copying and sharing of election data from rural Coffee County presented “serious threats” to the November election. They urged the state election board to replace the touchscreen devices used throughout the state and use only hand-marked paper ballots.
Harri Hursti, a leading expert in voting security, said he is concerned about another use of the breached data. Access to the voting equipment data or software can be used to develop a realistic looking video in which someone claims to have manipulated a voting system, he said.
Such a fake video posted online or to social media on or after Election Day could create chaos for an election office and cause voters to challenge the accuracy of the results.
“If you have those rogue images, now you can start manufacturing false, compelling evidence — false evidence of wrongdoing that never happened,” Hursti said. “You can start creating very compelling imaginary evidence.”
There has been no evidence that voting machines have been manipulated, either during the 2020 election or in this year’s
primaries. But conspiracy theories widely promoted among some conservatives have led to calls for replacing the machines with handmarked and hand-counted ballots and raised concerns that they could be targeted by people working inside election offices or at polling places.
The suspected breaches appear to be orchestrated or encouraged by people who falsely claim the 2020 election was stolen from Trump. In several of the cases, employees of local election offices or election
boards gave access to voting systems to people who were not authorized to have it.
MyPillow CEO Mike Lindell, who has organized or attended forums around the U.S. peddling conspiracy theories about voting machines, said this week that he had received a subpoena from a federal grand jury investigating the breach in Colorado and was ordered to hand over his cellphone to FBI agents who approached him at a fastfood restaurant in Minnesota.
In an interview with the
Star Tribune of Minneapolis, Lindell said FBI agents questioned him about the Colorado breach and Dominion Voting Systems. The company provides voting equipment used in about 30 states and has had its machines targeted in the Colorado, Georgia and Michigan breaches.
When agents asked him why he flies between different states, Linden told them, “I’m going to attorney generals and politicians, and I’m trying to get them to get rid of these voting machines in our country.”