Feds to Finally Investigate Voting Software Failure in North Carolina During 2016 Election
More than two years after voter check-in software failed on Election Day in a North Carolina county, federal authorities will finally conduct a forensic analysis of electronic poll books to see if Russian military hackers who targeted the software provider may have tampered with registration information to disrupt voting.
The U.S. Department of Homeland Security analysis of laptops used in Durham County is the first known federal probe of voting technology that malfunctioned during the 2016 election, when Russian hackers infiltrated election systems in several states, part of what special counsel Robert Mueller said was an effort to favor Donald Trump’s presidential campaign.
The malfunction of VR Systems’ electronic poll book software forced officials in the heavily Democratic county to issue paper ballots and extend voting hours. How many voters may have been disenfranchised as a result is unknown.
State election officials seized for evidence 21 laptops used to check in Durham County voters for the 2016 balloting shortly after the leak of a National Security Agency report revealed in mid-2017 that VR Systems had been targeted by a Russian spear-phishing campaign, said Josh Lawson, who was general counsel of the North Carolina board of elections at the time.
Lawson said Thursday that his office asked federal officials to do a forensic exam of the laptops — and that the FBI assisted the state in making images of their hard drives.
That long-dormant request was renewed last Friday. The reason: The report Mueller issued in April on Russian interference in the 2016 election described how Kremlin-backed cyber spies had installed malware on the network of a company that “developed software used by numerous U.S. counties to manage voter rolls.”
The name was redacted, but the chief operating officer of VR Systems, Ben Martin, said he believes the report was referring to his Tallahassee, Florida, company. Still, Martin disputes that it was hacked. Martin says a security audit by the cybersecurity firm FireEye found no sign of a breach — though that audit was done more than seven months after the election, the company told U.S. Sen. Ron Wyden of Oregon in a letter last month.
The 21 laptops will now be turned over to DHS, state elections board attorney Katelyn Love said Wednesday.
DHS spokeswoman Sara Sendek said the forensic examination, first reported by The Washington Post, along with other support her agency is providing North Carolina “may help to provide a better understanding of previous issues and help to secure the 2020 election.”
Hackers with access to electronic voter rolls could throw voting into disarray and damage voter confidence by changing names, addresses or polling places.
On Election Day in 2016, some Durham County voters complained that the electronic poll books registered them as having voted when they hadn’t. The company blamed the trouble on poorly trained poll workers and inadequate computer maintenance. A report by a security consultant hired by Durham County’s elections board supported that claim.
“We believed then and now that the cause of the problem was poll worker error, and that a forensic analysis would prove it,” Martin said in an email. The company remains confident the DHS review will prove its voting software “was not breached or compromised.”
Russian-backed hackers probed several dozen state voter registration databases ahead of the 2016 elections, federal authorities say, and gained access to Illinois’ voter rolls, though officials say there is no indication anything was altered or deleted. Florida’s new governor, Ron DeSantis, said in May that the FBI confirmed hackers also penetrated at least two county networks in Florida . His predecessor, Gov. Rick Scott, unseated Sen. Bill Nelson after slamming the Democrat as “sensational” for saying that Russians had hacked systems in Florida.
Florida and North Carolina are among eight states that use VR Systems’ EViD electronic polling book software. Lawson, who resigned from the North Carolina election agency last week, said it was installed on off-the-shelf commercial laptops in Durham County.
Election integrity activist Susan Greenhalgh welcomed the forensic exam but lamented that it took a combination of the Mueller report and the 2017 leaking of the classified NSA report that named VR Systems to get here.
Also, it’s entirely possible Russian tampering happened but the forensic exam will find nothing, she said.
“Its value is clearly going to be diminished because it took so long to do it,” she said.
DHS tries to help state and local election authorities secure their voting systems, but frequently encounters resistance, especially in states like Georgia where the current governor, Brian Kemp , even accused it of trying to hack his state when he was in charge of elections there.
“They have a disincentive to be too aggressive with states that are sensitive to being investigated,” Greenhalgh said.
North Carolina is not among those states. It has welcomed DHS assistance in fortifying election security.
Ultimately, responsibility for securing election systems falls on state and local elections authorities because of the decentralized nature of U.S. voting — even though outgoing DHS Secretary Jeh Johnson declared voting systems critical national infrastructure in January 2017.
Across the nation, they continue to be short on resources for cybersecurity. And voting equipment vendors — in a cutthroat market dominated by three companies — have resisted exposing their black box voting systems to aggressive security audits.
North Carolina sought to decertify VR System poll books in the state after the 2017 NSA leak. But VR Systems fought it successfully in court. Durham County moved to a state-provided poll book after 2016.
A National Academy of Sciences report last year that called for an urgent overhaul of the rickety U.S. election system. That report called for all U.S. elections to be held on human readable paper ballots by 2020.