A group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states. These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties—all states that are perennial battlegrounds in presidential elections.
Some of the systems have been online for a year and possibly longer. Some of them disappeared from the internet after the researchers notified an information-sharing group for election officials last year the researchers told Motherboard.
Votes are generally stored on memory cards inside the voting machines at polling places. After an election, poll workers remove these and they’re driven to county election offices. However, some counties want to get their results faster, so they use wireless modems, either embedded in the voting machines or externally connected to them, to transmit the votes electronically. The system that receives these votes, called an SFTP server, is connected to the internet behind a Cisco firewall.
For security reasons, the SFTP server and firewall are only supposed to be connected to the internet for a couple of minutes before an election to test the transmission, and then for long enough after an election to transmit the votes. But the researchers found some of the systems connected to the internet for months at a time, and year-round for others, making them vulnerable to hackers.
ES&S diagram showing the configuration for the Cisco ASA firewall that sits on the internet in front of an FTP server that receives votes transmitted from voting machines. (The FTP server is labeled here as Data Comm RMS, for Results Management System). The diagram also shows the backend election-management system (EMS), which is used in some jurisdictions to program voting machines before each election, and the reporting system (EMS client) that collects votes from the FTP server and tabulates the results. Eleven states use ES&S’s DS200 optical scan machines with modems to transmit results on election night (the number of counties in a state that do this varies). Image: ES&S
Although no one is suggesting that any of these systems have been manipulated or hacked, the findings reveal how little local and federal election officials understand how these critical election systems are really configured and connected, and the extent to which they are beholden to what the vendors tell them.
Senator Ron Wyden (D-Oregon) said the findings are “yet another damning indictment of the profiteering election vendors, who care more about the bottom line than protecting our democracy.” It’s also an indictment, he said, “of the notion that important cybersecurity decisions should be left entirely to county election offices, many of whom do not employ a single cybersecurity specialist.”
“Not only should ballot tallying systems not be connected to the internet, they shouldn’t be anywhere near the internet,” he added.
An ES&S document supplied to Rhode Island and dated 2015, which clearly shows the modem transmission of votes from the company’s DS200 optical scan voting machines going over the internet.