Clickability tracking pixel

Experts: Florida Voting Machines Ripe for Foreign Hackers

Florida may be ripe for the picking, computer scientists say, because numerous counties in the state still rely on voting machines that are drawing fire from experts for their vulnerability to a cyberattack.

by John Pacenti, Palm Beach Post / October 16, 2020

(TNS) — Bad actors working for the likes of Russia and other nation-states are lurking on the internet, waiting for their chance to infiltrate the American voting system.

Florida may be ripe for the picking, computer scientists say, because numerous counties rely on voting machines that are drawing fire for their vulnerability to a cyberattack.

These computer scientists along with election integrity groups familiar with the model that Palm Beach and 48 other counties use, say there are potentially numerous ways for a foreign entity to alter results.

They say that state election officials have accepted wholesale the spin from the manufacturer that these machines -- which voters at polling places feed ballots into after marking candidates of their choice -- are secure.

“It has been asserted that voting machines are not vulnerable to remote hacking because they are never connected to the Internet, but both the premise and the conclusion are false,” states a Sept. 15 letter sent to Florida’s Division of Elections by nearly 30 of the country’s top computer scientists and election integrity groups.

The experts urged the state to eliminate the use of wireless modems.

“Our elections remain under attack by the opponents of a free and fair democracy, who wish to compromise our election infrastructure to sow chaos, distrust, or even manipulate the election outcome,” the letter states.

The response of Florida’s election officials? Crickets.

Criticism of the machines, manufactured by Nebraska-based Election Systems & Software, has been building as America barrels toward a troublesome general election in little more than two weeks with the specter of election interference and a possible challenge to the results themselves by the sitting president.

After Russian hackers attacked America’s voting systems in 2016, numerous states such as Ohio bought voting machines that don’t allow internet access to their vote-counting apparatus. That year, two Florida counties -- Washington and St. Lucie -- were infiltrated by hackers aiming to corrupt their voter registration systems.

But Florida made no such changes like Ohio's, banking on wireless vote tabulators to get results to the public as fast as possible. Florida has certified the use of the wireless DS200 voting machines, but a federal commission whose standards are required by other states has not.

“They are vulnerable in so many different ways, and most importantly because of the way they are designed, you don’t need sophisticated nation- state-level antics at all,” said  Harri Hursti , a Finnish computer scientist who has made it his mission to tell the public of weaknesses in the American voting systems.

“You can hack them even without ever coming to the United States. You can remotely carry out attacks across the world.”

The hack-proof myth

Hursti was featured in the HBO documentary, “Kill Chain: The Cyber War on America’s Elections” and is on the board of Verified Voting, an organization that promotes responsible use of technology in elections.

Palm Beach County uses the DS200 voting tabulator made by ES&S, which contains the wireless connection to transmit results. It spent $15.7 million on the new machines and the system that goes with them in 2019.

Not all counties with the DS200 have wireless capability, but the Division of Elections did not respond to questions by The Palm Beach Post on how many do. Miami-Dade and Broward County are among them, according to published reports.

Hursti said Florida’s own test of the wireless DS200 in 2015 found that it can be bedeviled by just a bit of wrong code in its firewall script.

It is a misnomer, Hursti said, that the DS200 uses a modem, conjuring up the days when fax machines used dedicated landline phones, he said. But in fact, the machine is equipped with sophisticated software that pretty much operates as a cellphone, he said.

It’s also a myth that the machine is hack-proof because it still uses internet protocol when connecting to the wireless network, the computer scientist said.

“There is no secure network in that context. It’s using the same Verizon network a criminal would use,” Hursti said. “You can reroute that call to Florida and Moscow and back, and nobody would ever know it.”

Andrew Appel , a computer scientist at Princeton University, on his blog, Freedom to Tinker, diagrams how a hacker would alter election results. He said that a hacker can get through a border router from the internet or by walking near a polling place with a Stingray, a portable suitcase-sized device that can capture data by mimicking a cellphone tower.

“I think it would be wise for Palm Beach County to do what other states have done and that is to determine it is a security risk for a feature that is not necessary to have,” he said.

ES&S did not return an email or a phone call for comment.

Advertising for the DS200, though, says it uses encryption and a digital fingerprint to protect voting results. In one of its promotions, ES&S advertises the voting machine with the slogan, “Because who wants to be stuck inside counting ballots?”

And the company's website says it trains all election offices on its equipment. "We go above and beyond what's required to keep our elections safe," ES&S states.

How it works

Generally, vote totals are stored on memory cards, called cartridges, inside the voting machines at polling places.

The DS200 uses a wireless connection to transmit these results via cell towers to a simple file-transfer server that is connected to the internet behind a firewall.

For security reasons, the SFTP server and firewall are supposed to be connected to the internet for only a couple of minutes before an election to test the transmission, and then for long enough after an election to send the vote totals.

But researchers found some of the systems stayed connected to the internet for months at a time, and year-round for others, making them vulnerable to hackers.

And guess where? Critical battleground states, including seven Florida counties, nine Wisconsin counties and four Michigan counties. Miami-Dade, the most populous in the state, was one.

The assault that Russians mounted in 2016 on America's voting system was unrelenting.

They penetrated Illinois' voter registration database, hurling attacks "five times per second, 24 hours a day," according to a Senate Intelligence Committee report on Russian interference in the 2016 elections.

Problems in Palm Beach County

Palm Beach County had entirely a human problem with its wireless voting machines during the Aug. 18 primary, when a large percentage of results were delayed past midnight.

Supervisor of Elections  Wendy Sartory Link  blamed a delay in transmitting results from some precincts, in part, on thick walls in schools blocking the connection to the internet. For years, schools, which have been known for internet problems, have served as voting sites.

Some Palm Beach County polling places, because of school food deliveries, forced workers into rooms with poor internet connections.

The state found inadequate signal strength for the machines in two tests of the ES&S system in 2018 for certification. There is no indication that any tests were performed on wireless security, according to a Florida Division of Elections report.

Link said that poll workers are now trained on where to take the DS200 to get a solid signal. They may have to move the machine outside the polling station, such as an outside corner of a school, to transmit results.

“We have addressed all of it,” she said.

Paper trail as fail-safe

Marion County Supervisor of Elections  Wesley Wilcox  said he has been using some form of electronic transfer of election results for the past two decades and has never had a problem.

He said the concerns with wireless transfers are hypothetical and conspiratorial. He pushed back on the contention that the DS200 uses a cellphone connection like any other.

The results remain walled off from the wireless device in the DS200 until the time they are to be transmitted. Wilcox said that the machines use what is akin to a secret handshake to transmit data.

Marion, with the county seat of Ocala, is large. To transport election results by hand to the tabulation center would delay results significantly on election night, Wilcox said.

But Wilcox and Link said voters need to know there is a safety net in case election results are corrupted by outside actors: a paper trail.

Before any results are transmitted, poll workers print out the results. One copy goes to the Supervisor of Elections Office and the other is posted on the window or door of the polling station.

“That is my rock,” Wilcox said. “We’ve been doing this for 20 years and nobody has intercepted interim results, but if they were, I got the actual printed out results.”

“That is how we know if something was changed,” Link said.

The cartridge with the voting data from the machine -- the official results -- also are transported to the election office, as are the paper ballots submitted by voters.

Wilcox was adamant the public know that the electronic transfer of data for expediency sake does not represent the official results. Those are on the paper trail and the memory card.

But what about election central where the votes from hundreds of precincts are compiled?

The letter sent to the Division of Elections last month pointed out that an official with the federal government’s National Institute of Standards and Technology expressed fear that hackers could inject malware into the voting system.

“Now you can change the data, now you can change the information that’s within the voting system, or change the behavior of the voting system itself,” the official was quoted in the September letter as saying on a conference call with the Elections Assistance Commission.

The official said the use of wireless devices “make the voting system a node on the internet” and that it “could provide an entryway for remote attackers.”

The results transmitted wirelessly by the DS200 are what voters get on the night of the vote -- but they are unofficial.

Link said her workers check the paper trail against the results shortly after Election Day.

She said 100 percent of the results during the primary matched the paper trail.

No oversight, no regulation

The enthusiasm of election chiefs in Florida about the DS200 is not shared with voting integrity groups or numerous computer scientists.

Just this August, the Election Assistance Commission chastised ES&S for promoting in marketing materials that the model with an embedded wireless connection had been certified by the bipartisan commission.

Many states will use only voting machines that are EAC certified, but Florida is not one of them.

Advocates said the EAC’s rebuke was a good first step but that the federal government needs to do more.

“The election industry is entirely broken,” said  Susan Greenhalgh , senior adviser on election security for Free Speech for People, an election integrity group.

“There is no oversight of it. There is no regulation. As a result, the vendors can make these sorts of false claims with impunity."

Free Speech for the People spearheaded the letter to the Florida Division of Elections with more than a dozen computer scientists, like Appel.

Ciara Torres-Spelliscy , a professor of law at Stetson University College of Law, said there is more security in gaming systems than voting machines.

“As Americans, we have not invested in election security,” she said. “Voting localities have to balance their budgets so that filling potholes and election security are fighting each other for spots on the budget and often the potholes win.”

Another myth about election security, Torres-Spelliscy said, is that the voting system is secure because it is so decentralized with counties in various states using different technologies. It would take a massive coordinated effort by Russia or China to be able to hack all these sites, the argument goes.

But the fact is, Torres-Spelliscy said, most tabulators use similar hardware and software. “You can impact a voting technology used across many jurisdictions,” she said. “It is possible to have a huge impact.”

Link says Palm Beach County is ready.

On Oct 5, Link and other Florida supervisors of elections met with federal authorities to go over possible scenarios and how they would respond to different cybersecurity attacks.

She told the Palm Beach County Commission the day before that her office has been detecting such attempts, which are expected to only increase as Election Day nears.

“We are stopping them,” Link told commissioners.

(c)2020 The Palm Beach Post (West Palm Beach, Fla.). Distributed by Tribune Content Agency, LLC.

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

E.REPUBLIC Platforms & Programs