NSA Leak Indicates Real Dangers Of Vote Hacking
Reprinted with permission from Alternet.
The Greens were right during 2016’s presidential recounts when they pressed states to allow computer security experts to examine their election computing systems for evidence of possible hacking.
That is one of the top takeaways from leaked National Security Agency documents that describe how Russian intelligence services targeted and infiltrated e-mails and computers of a private contractor servicing state voter registration databases in eight states and also sent phishing e-mails to 100-plus local election officials before Election Day.
Another top takeaway is the NSA documents show Russians are capable of copying basic moves from the Republican’s catalog of voter suppression tactics to impede voting: in this case by possibly scrambling voter files used to create polling place voter lists. (A related example of that GOP tactic is Ohio’s mass purge of infrequent voters, which comes before the Supreme Court next fall.)
But what the NSA document doesn’t prove is what many people are looking for—an evidence trail that Russia stole the election for Trump and the GOP. The NSA documents, disclosed in a Monday report in The Intercept, simply affirmed what the Greens said was a real issue and wanted to investigate in its 2016 presidential recounts—the extent to which cyber-stalkers, Russian or domestic, had infiltrated election systems in swing states.
Until the Intercept published its report, the Green’s concerns, their court filings by nationally known computer security experts and the issue writ large, had been dismissed by the mainstream media. But now that leaked NSA documents said these concerns had merit, and because Russians are involved, the issue is reborn—or at least the most superficial aspects.
“I don’t believe they got into changing actual voting outcomes,” Sen. Mark Warner, D-VA, told USA Today. “But the extent of the attacks is much broader than has been reported so far… None of these actions from the Russians stopped on Election Day.”
The NSA confirmed that Russian hackers had targeted a Florida-based election software firm that specialized in state voter registration databases and also targeted local election officials and their computer systems. The Intercept’s report had comments from respected computer scientists who said the cyber attacks could allow hackers to rummage through election office files and possibly scramble voter registration records in several states. They pointed to North Carolina, where on 2016’s Election Day there were complaints of broken-down e-poll books at precincts. The experts said precinct voter lists are generated from those voter registration databases.
Anything further was purely speculative. The experts said that getting inside more routine election office computers and networks are a necessary, but an insufficient step to possibly accessing separate counting systems—central tabulators. There are a lot of steps for that to happen and no proof it did.
What’s frustrating is the Green Party raised these red flags during their 2016 presidential recounts, including filing testimony by the same experts in the Intercept report. But mainstream media portrayed the Greens as conspiracy theorists or electoral meddlers or sore losers, or some mix of all those.
AlterNet also reported these then-likely, now-proven Russian hacks into the Florida-based registration database contractor last November. We noted the Election Day e-poll book confusion in North Carolina, quoting some of the experts in the Intercept’s report who raised the same questions being asked now. Namely, how vulnerable are government election computer systems?
There are more than 10,000 government jurisdictions nationwide running elections. They use different computer systems. But they’re not immediately nor readily interconnected. Voter registration databases are not on the same networks as vote-count tabulators. What they have in common is that most run on hardware that dates to 2005. They’re easy prey for Internet predators.
The question of infiltration by Russians—or as likely, domestic Republican hactivists—was a line of inquiry in the Green Party’s push for a presidential recounts in three states, Michigan, Pennsylvania and Wisconsin.
The Greens Tried To Expose These Very Issues
Remember the recounts? The Greens raised millions from progressives over the Thanksgiving weekend and filed in the three states where, collectively, Trump won by 80,000 or so votes.
In Michigan, tens of thousands of paper ballots read by electronic scanners in black urban counties were missing presidential votes. The Greens wanted to hand count those ballots because commercial high-speed scanners have known error rates. They wanted to look inside Pennsylvania’s completely paperless voting machinery for traces of malware that could fractionally adjust vote totals. Both states and Republicans refused to cooperate, even though Pennsylvania has a Democratic chief state elections officer.
In Wisconsin, where a recount was not stopped midway in court, election transparency activist observers saw its machines had cell-phone modems, a hacking pathway that police regularly use to spy on suspects. Couldn’t these be accessed to plant malware, they asked, echoing the Green’s court filings.
They got nowhere. State election officials and Republicans scoffed when the Greens or democracy activists wanted a closer look. The known electronic vulnerabilities and stonewalling from officialdom led many people to blur important distinctions and conclude ‘this is how it could be stolen.’
That’s not different from some of the coverage following from Intercept’s report—where many people are excited, or scoffing that it didn’t prove the election was stolen by Russia. That’s not what the NSA documents prove. That’s not what Virginia’s Sen. Warner told USAToday.
So what do we really know that’s new? We know that state voter registration databases were targeted and accessed. These databases are electronically tied into state motor vehicle records, state department of corrections records and federal Social Security records—because all are used to verify registration information. If you scramble voter registration records in key precincts, in swing counties, in swing states, you can cause delays at polls when people show up expecting to vote but find they are not listed and raise a fuss.
That’s apparently what resulted in North Carolina last November—which the Greens mentioned then and was one of the more solid examples in the Intercept report. Why that happened is more complex and still unknown.
“Was the shut-down of the electronic poll book system in Durham County the result of a benign malfunction or an intentional hack?” the Green’s lead attorney told AlterNet last fall. “If it was the latter, who was behind the cyber attack? These questions must be answered immediately, especially if the answers lead to questions about the integrity of the election process in other jurisdictions.”
But here’s the key point: there could be other causes for this shabby result. There were so many nasty things that Republicans in North Carolina were doing to likely Democratic voters that could also explain why the poll books were a mess in some Durham County precincts.
This is the same state where the Supreme Court issued two rulings in the past month concluding that its GOP racially discriminated against blacks when drawing congressional and state political districts. This is the same state where a federal court last summer said the GOP targeted black voters with “surgical precision” to block them from voting: by narrowing ID laws, curtailing early voting and more. This is the same state where its top election official, a Republican, told their legislators in June 2016 that she had a list of 30,000-plus illegal voters—after getting a list from a notorious Republican vote suppressor, Kansas Secretary of State Kris Kobach, casting suspicions on 455,000 voter registrations statewide. Were some purged?
Was that the real reason there were poll book snafus last November? Nobody who knows is saying. When Intercept asked North Carolina election officials for statements, those Republicans said there was nothing wrong. A blanket denial obscures a range of possibilities. That’s what the Greens wanted to probe via a recount while the evidence trail was still fresh. The leaked NSA documents had a May 2017 date—six months later.
The notion that Russians hacked into the voting machinery and they alone could swing presidential and other federal elections is too one-dimensional when cast against the Republicans vast voter suppression playbook. That’s not to discount what the Russians did or didn’t do.
One could argue, as Jonathan Allen and Amie Parnes do in their new book about Hillary Clinton’s campaign, Shattered, that the Russia-fed Wikileaks emails that dethroned DNC chair Debbie Wasserman Schultz and hounded campaign chair John Podesta for months last fall was more damaging. That was another example of a cyber attack with serious electoral consequences.
But because Russians were tinkering with America’s election machinery, because Russian President Vladimir Putin denied but then admitted some role, and because Trump’s Russia ties are not fully known and the subject of multiple congressional investigations, America’s rickety election machinery is now under new scrutiny.
Or perhaps it isn’t. Because as the focus keeps shifting to the Kremlin instead of how voting is run across the country, the same issues the Greens tried to raise in November 2016 will likely recede. And America’s wobbly voting infrastructure will remain mostly unchanged for 2018 and 2020.
Steven Rosenfeld covers national political issues for AlterNet, including America’s democracy and voting rights. He is the author of several books on elections and the co-author of Who Controls Our Schools: How Billionaire-Sponsored Privatization Is Destroying Democracy and the Charter School Industry (AlterNet eBook, 2016).
This article was made possible by the readers and supporters of AlterNet.