Voters cast their Ballots in August among an array of Electronic Voting Machines in a Polling Station at the Noor Islamic Cultural Center in Dublin, Ohio. The Machines were Manufactured by Elections Systems and Software (ES&S), the Largest Manufacturer of Voting Equipment in the Country. Then the State discovered a Russian Oligarch now Finances the Company that Hosts its Voting Data.
Then there's the Company that Manufactures and Services Voter Registration Software in Eight States that found itself Hacked by Russian Operatives leading up to the 2016 Presidential Election.
Then ES&S which Initially Denied and then Admitted it had Installed Software on some of its systems, so they could do Remote Updates, considered by Experts to be extremely Vulnerable to Hacking. It has agreed to Disable the Service, if asked by the State. The Software was provided on Election-management Systems. While these systems are not the Machines that Voters Cast Ballots on, they are used to Program those Voting Machines and to Aggregate and Report Final Results. In an interview with NPR, ES&S Vice President, Kathy Rogers. said around 300 Voting Jurisdictions were provided the Software, which helped the Company provide IT Support.
In New York, which uses ES&S machines in: Albany County, Erie County, Nassau County, New York City, Rockland County, and Schenectady County, had ES&S Remove the Question to Activate the Remote Software Module, during Installation of the System, and Deactivate the Remote Software on Existing systems.
Private Companies play a Crucial Role in Elections, from Printing and Designing Ballots, to Manufacturing Voting Machines, to Hosting Results websites. The Industry exists because the Local and State Governments who Run Elections don't have the Resources or Expertise to Maintain All Aspects of an Election themselves.
As the U.S. grapples with how to make its Elections more Secure, the Voting Industry's Security Practices are under Scrutiny like never before.
"Election officials have been doing a ton around election security, but if that same thing isn't going on at the vendor level, then that creates a really big potential vulnerability for the entire system," said Edgardo Cortéz, an Election Security Adviser for the Brennan Center, and a former Virginia Elections Official.
Maryland had been Contracting with Sidus to hold much of the State's Voting Data, including its Online Voter Registration system and its Election Night Results website. After a Buyout, nothing really changed, according to Maryland Deputy Elections Administrator Nikki Charlson. "The team members were the same," she said. This past July however, Charlson got some surprising News.
The FBI organized Briefings with Elections Officials and Politicians in the State to let them know that ByteGrid is Financed by AltPoint Capitol Partners, whose Fund Manager is Russian and whose largest Investor is a Russian Oligarch, Vladimir Potanin. "Who would've thought? I mean, we were obviously very cyber aware, doing all the best practices for I.T. systems and that, but who would've thought?" said Charlson. "That's out of a Tom Clancy novel, right?"
While there's no evidence any Votes Cast or Registrations in the State were affected, and ByteGrid emphasizes its Investors have No Involvement or Role in its Operations, Maryland is considering whether to End its Contract with the Company. "We're looking at all options," Charlson said, before adding that she would be asking about the Financial Ties of any Companies the State decides to Contract with going forward.
The Florida Breach:
An NSA Document Leaked last year to The Intercept, detailed how Russian Operatives hacked a Florida Election Vendor, VR Systems, that Sells and Maintains Voter Registration Software.
After the Document Surfaced, the Company denied that Russia Gained Access, including in an Interview with NPR. "Some emails came into our email account that we did not open. Even though NSA says it's likely that we opened them, we did not," said Company Executive Ben Martin in a June 2017 Interview. "We know for a fact they were never opened. They did not get into our domain."
But an Indictment filed in July 2018 by Special Counsel Robert Mueller's Office says Russian Operatives "hacked into the computers of a U.S. vendor that supplies software used to verify voter registration information for the 2016 U.S. elections."
The Details in the Indictment match up with what was Laid out in the NSA Document. The Hackers used an Email Address Designed to look like a VR Systems Email Address to send over 100 Phishing Emails containing Malware to "organizations and personnel involved in administering elections in numerous Florida counties."
During the 2018 Primary, many Florida Voters claimed their Party Registration was changed or they had been Purged from the Voting Rolls.
National Many Electronic Voting Machines Are Not Secure:
"These companies want to be gatekeepers of our democracy, but they seem completely uninterested in safeguarding it," Senator Ron Wyden (D-OR) said at a Senate Rules Committee Hearing this Summer. Since last October, Wyden has gone back and forth with ES&S, about Security Holes in its Equipment.
While Election Officials argue that the Decentralized way the U.S. conducts Elections makes it incredibly Susceptible to Disruption, a Company like ES&S could provide a more appealing Target, because its Equipment is used in 41 States.
Going forward. The Challenge for Public Officials is that they have No Visibility into the Companies' Practices. Like most other Industries, there's currently No Requirement Companies Publicly say if they've had a Security Breach.
The Secure Elections Act is a Bipartisan Bill that establishes Protocols for Cyber Threat Information Sharing between State Election Officials and the Department of Homeland Security (DHS). The Bill also puts the Onus on Vendors of Voting Technology to Report Possible Hacks to State Officials and for State Officials to Notify DHS.
NYC Wins When Everyone Can Vote! Michael H. Drucker
No comments:
Post a Comment