The central purpose of this inquiry is to examine whether voter registration hacking effects the vote count. Unequivocally, the answer is: “Yes, it does.” At the House Intelligence Committee hearing earlier this week covering Russian influence in the 2016 election, FBI Director James Comey and NSA Director, Admiral Michael Rogers were asked multiple questions related to vote tally manipulation, vote count changes, & voter registration hacking. Both men answered that they had no evidence of vote count changes in the states of Michigan, Pennsylvania, Wisconsin, Florida, North Carolina, and Ohio, but that there was evidence of extensive voter registration compromise throughout the country. Admiral Rogers explained, however, that the question was not generally within the scope of his department.
I am currently working on a 50 state survey, but have not yet finalized research on the above-mentioned states. With intelligence community resources being stretched thin no doubt — it is important to note that we need a forensic audit of the voting machines across the country as they are easily prone to hacking and vulnerable to outside influence. This is especially critical because of penetration into the election systems as well as increasing Russian capabilities point to a larger problem outside of the 2016 election which call for a more permanent solution.
It is important to consider the Russian hacking network, capability to make and distribute computer viruses, motive for hacking, and confirmed voter registration penetration versus our own voting machine and voter registration vulnerabilities when answering the question. Considering Russian capabilities, motive, as well as “loud,” prolonged, and confirmed voter registration penetration, we need more information to be made public related to any investigation surrounding the election systems. To be clear our election systems include both the voter registration and vote count components.
Voter Registration Hacking = Vote Count Hacking
State governments, naturally do not want federal interference into their election system processes. A healthy separation of powers between the federal and state governments has been continual constitutional debate throughout our history. Possible hacking of any component of the election system is a politically controversial topic because there is concern about who may be held responsible if a system is ultimately determined to have been hacked. Although accepting responsibility can be difficult, it does not eliminate the fact that most states are not taking adequate measures to protect their election systems from intrusion into the voter registration component. A lack of transparency and accountability, combined with a bit of negligence have created a gaping hole in our democracy.
At the state level, it has been suggested that there is a significant difference between the voter registration systems and the vote count system. Such a position bolsters the claim that we do not need to take action, however, such logic is short-sighted. The typical argument against election system modifications which are so badly needed is that (1) no evidence of vote count hacking exists; (2) our voting system is decentralized; (3) our voting machines vary in their technology; (4) voting machines do not connect to the internet and; (5) the voting machines are completely separate from the voter registration system.
All of these points fail. Here’s why:
1. No Evidence of Vote Count Hacking Exists – Actually it Does…
Typically, those who control the voting systems limit access to those machines. Through extensive research, I found that whenever a critical issue existed, it is glossed over as if the problem were minimal or it is never addressed. Again, it is difficult to say such a defense happens in every case, but I have reviewed hundreds of critical issues and found minimal addressing of the critical issues indicating penetration, thus demonstrating the need for change. Take for example, problems in Michigan where the ballot results did not match the machine count.
It is important to note that because of the mismatch between ballots and the machine counts, Michigan certified the machine counts. This is an unfair result — the ballot count should take precedence or perhaps a revote should apply, but to certify the machine does not represent the will of the voters.
Michigan’s audit report on Detroit election issues, potentially changing the results of that state’s election where a 27 page, single spaced document detailed all the problems found during the audit, but only addressing the most critical issues — the central reason for the audit (the machine vs ballot mismatch) with only 12 words and no explanation.
— Ruben Major, JD, MA (@rubenkmajor) February 20, 2017
Why take the time to write a 27 page report and not identify and take action on the issue voters were most concerned about during Michigan’s recount?
2. Our Voting System is Decentralized – Not an effective argument. History shows us that commercial and personal decentralized systems have already been compromised.
At this time hackers are able to compromise vast networks and computers all over the world. There are continual stories in the press related to banking, institutional, email hacking, etc… Think of what a nation could accomplish with droves of hackers, who use sophisticated software and networks to accomplish their means. Hackers are already hitting decentralized targets all over the world. Thus the idea that a hacker could not hit our voting systems because they are decentralized is flawed.
3. Our Voting Machines Vary in Their Technology – True, but this is NOT GOOD — they are generally older and this makes them more vulnerable to hacking.
While it is true that there are a variety of vendors, of voting machines, the Operating System of the voting machines is largely the same. This software is 10-20 years old — remember Windows XP? Most machines are using this sofware according to a Wired article published just prior to the election. When newer computers are scanning for updates on a daily basis, it is illogical to think that older software would protect a machine from viruses and hacking because the opposite is true.
4.Voting Machines Do Not Connect to the Internet – Inaccurate. Many connect to the internet and those that don’t can still be hacked.
This is an inaccurate statement. Many machines have modems, can and do connect to the internet. If they are online, there is a chance they can be vulnerable to hacking. Additionally machines that cannot connect to the internet can still be hacked through removable media, such as a USB stick which is inserted into the machine to upload candidate information. The USB stick could potentially transmit a virus from an infected computer loaded with an undetected malicious virus used to generate candidate information in the first place. In Arizona, an election official’s computer was found to be infected, prompting the 9 day shut down discussed earlier.
Although we have yet to receive reporting on Arizona’s compromise, this information would be vital to a well conducted investigation. The same is true of the remainder of states experiencing any symptoms of hacking of the election systems.
5. Voting Machines are Completely Separate from the Voter Registration System – Untrue. They are not separate systems, but rather complimentary and critical components of the election systems.
Voter registration systems and voting machines are actually a part of the entire election system. In order to cast a ballot a person must be registered to vote. Once registered, they go onto a voter roll. A volunteer helping with voting will usually check the list to see if the voter is on the rolls. If they are found, the voter will then be permitted to vote. If the voter is not on the rolls or if there is an issue with their stated party on their voter registration form, they may not be permitted to vote, thus effecting the vote count.
During the primary election, if a person is not registered to vote because they were removed by a hacker or their voter party was switched by a hacker that person might not be allowed to vote. Being removed from the voter registration system is perhaps the single biggest problem with our voting systems currently. A provisional ballot would generally not be counted in a party switch hack. If a hacker had control of the voter registration systems during the primary, they could essentially control the general election candidates, thus controlling the vote count which would have otherwise been cast to a different candidate.
Though extensive research, I have found that at the very least, several hundred thousand voters had their registration party switched during the primary. I intend to expound upon this information in a 50 state survey. The last state I detailed was Connecticut.
This is similar to the primary election except that a person with a switched primary party would be entitled to vote. If the voter was kicked off the rolls prior to the registration deadline, they could be disenfranchised, thus affecting the vote count.
Vote Machines and The Vote Count
Again, questioning at the House Intelligence Committee hearing did not target all 50 states related to question of the vote count issue, but rather “various” and the “states previously discussed.” This information needs to be clarified in subsequent testimony. It is important to note that it would be nearly impossible to have conducted a forensic analysis of all voting machines across the country since the election, and indeed neither the House Intelligence Committee, the FBI Director, nor the NSA Director gave any indication of there being such an effort.
The states referenced in questioning were Michigan, Pennsylvania, Wisconsin, Florida, North Carolina, and Ohio. The aforementioned states were considered to be swing states in the 2016 election.
In Michigan, however, there were some issues which potentially indicate hacking and this should be investigated further. A previous article I wrote in January, reported the following:
In Detroit, it was found that most of the ballots in the precinct polls did NOT match the voting machine printouts. There were errors in 392 of the 662 counties. Such an error could be indicative of a computer virus because the variation on each machine would make it difficult to manipulate the count properly upon recount – this [could] be the reason for so many discrepancies.
However, state law says if there’s an error – there is no recount! So Stein gave up and Trump won Michigan despite the fact that there was a possibility that a malicious virus was embedded on the voting machines.
Arizona had numerous problems throughout the primary and prior to the general election. The issues occurring during the primary kicked many people off the voter rolls and had a profound impact on the vote count itself. This is because people were disenfranchised when they went to vote for their primary candidate.
As I explained in a previous article:
Arizona Secretary of State, Michelle Reagan gave testimony accepting that there had been alterations of both Republican and Democrat party affiliations — where they were changed to “No Party Preference.” Her testimony appeared genuinely concerned, shocked, and heartfelt. The results were truly disturbing.
It turns out that hackers were actually able to install malicious software, prompting the state to take the machines down/offline for nine days. For those naysayers, this is a confirmed remote access and compromise of an election system…
Remainder of Swing States & Various States
I am currently working on getting information out about other states for further analysis. I hope to have this available relatively soon. While research indicates symptoms indicating hacking, in some cases there are other explanations which I will specify in each article.
Regarding “various states,” representative Heck asked some follow up questions noted below:
HECK: Did you see efforts to penetrate any other portions of election systems, other than registrations? In this country it’s a highly-decentralized system and, as a consequence, you will recall, then-Secretary of Homeland Security, Jeh Johnson, indicated that election systems should become a part of our critical infrastructure for cybersecurity purposes.
COMEY: Their efforts were aimed at the voter registration systems in various states, and it takes different forms in various states. Sometimes there’s a private vendor, sometimes it’s state. But it — that’s where it was focused, and not on the — the vote itself, vote machines, vote tabulation, vote transmission, that we’ve seen.
What’s important to note about the response is that it is general in nature with regard to the term “various states” as well as where the efforts were “aimed” or “focused.” There does not appear to be a definite answer from the response and so it is recommended that Committee members ask more poignant questions related to the vote counting itself to get a clearer picture.
Advancing hacking tools & techniques available to foreign nations and actors as well as domestic agents and the well documented ability to penetrate our voting systems, demonstrates the urgent need to take action. We need to start by fully investigating the extent of compromise with a forensic analysis of voting machines across the country. Only at that point can we fully assess the damage and take appropriate action. The process needs to be as open and transparent as possible so the American people can have buy-in that the system is being fixed properly.
Once the investigation is complete, and if there are still viruses, malicious code or other intrusions found on the voting machines themselves, the infections will need be removed and we will need to prevent of future implantation. One way this can be done is by implementing non-corporate controlled, open source voting machines with multiple redundancies which include printed paper ballots which are verified by the voter as it goes into the machine. For example, open source software/paper ballot election systems are now deployed in New Hampshire and funds have been allocated for projects in San Francisco, Los Angeles and Texas per the National Association of Voting Officials.
We can also secure the voter registration system with verification systems, such as two-factor authentication for changes to be made, various scripting solutions, and/or mail/email confirmation, among countless other solutions which I will detail once the 50 state survey is complete. Voter registration and vote count hacking should be at the very top of the list for any all Americans. If the issues are not rectified quickly lawmakers and candidates may find themselves in perilous circumstances. This problem will only continue to grow in intensity.