Media Release: Audit Language of the Secure Elections Act Falls Short of Standard for Effective Election Cyberdefense

Marian K. Schneider: “Verified Voting cannot in good conscience support the Secure Elections Act unless the previous audit language of the bill is restored

The following is a statement from Marian K. Schneider, president of Verified Voting, formerly Deputy Secretary for Elections and Administration in the Pennsylvania Department of State, regarding the Chairman’s mark of the Secure Elections Act. For additional media inquiries, please contact christy@newheightscommunications.com.

“Voter-verified paper ballots and manual post-election audits provide robust assurance that election outcomes are not manipulated in a cyberattack, and the most important thing elected officials can do to effectively secure the voting process is to require this combination of safeguards, together.

Unfortunately, the Chairman’s mark of the Secure Elections Act falls short of this standard. Unlike previous versions of the language, including the House companion bill introduced last month, the Chairman’s mark removes language that would have required audits to be conducted ‘by hand and not by device.’ This omission would permit software-based audits of digital records that do not provide a meaningful verification of the software that counted the votes. Cybersecurity experts agree that a manual inspection of the actual ballots marked by voters is essential to detecting interference or programming errors.

Verified Voting cannot in good conscience support the Secure Elections Act unless the previous audit language of the bill is restored and the SEA ensures that elections are defended by effective audit processes.”

Verified Voting Blog: Pamela Smith: Testimony Submitted to the Little Hoover Commission

Download Testimony as a PDF

Honorable Members of the Commission: I serve as Senior Advisor to Verified Voting, a national non-partisan non-profit educational and advocacy organization committed to safeguarding elections in the digital age. Verified Voting advocates for the responsible use of emerging technologies to ensure that Americans can be confident their votes will be cast as intended and counted as cast. We promote auditable, accessible and resilient voting for all eligible citizens. I previously served as President of Verified Voting for more than a decade. I have provided information and testimony on voting technology and policy issues at federal and state levels, including to the US House of Representatives Committee on House Administration, and earlier this year at the Joint Hearing of Assembly Elections and Redistricting and Senate Elections and Constitutional Amendments Committees, on Cybersecurity and California’s Elections.[1. March 7, 2018. https://selc.senate.ca.gov/content/oversightinformational-hearings]

I have curated an extensive information resource on election equipment and regulations nationwide, and co-authored several key works on election security policy, including Principles & Best Practices for Post Election Audits[2. Electionaudits.org/principles] and the introductory chapter of Confirming Elections: Creating Confidence and Integrity through Election Auditing.[3. Palgrave/MacMillan, 2012.] I participate in the Future of California Elections, a collaboration between election officials, civil rights organizations and election reform advocates to examine and address the unique challenges facing the State of California’s election system.[4.  Futureofcaelections.org] I also serve on the Los Angeles County Voting Systems for All People (VSAP) Technical Advisory Committee.[5. vsap.lavote.net]

In my capacity at Verified Voting I have worked with advocates, election officials and lawmakers from all across the country. In my view, the states that do the best on metrics relating to voting system security are often the ones that continue to look for and embrace opportunities to improve. As security threats do not stand still, neither can those whose work it is to safeguard our elections and consequently our democracy. I applaud the Little Hoover Commission for taking up this crucial topic of investigation, and am pleased to participate in and contribute to that effort.

Election security is not an on-off switch, where a thing either is secure or it is not. Rather it involves incrementing layers of effort, analysis, systems and procedures, all created or conducted by people, all while balancing costs and priorities. Such incremental measures harden a system, making it more secure than before and solving for problems when they occur. Perfect security is not attainable, but diligence in the pursuit of secure elections is.

Post Election Audits: Verified Voting’s Guide to RLAs in One Infographic

Verified Voting debuted its latest infographic, “A Flowchart for Conducting Risk-Limiting Audits,” at the National Association of Secretaries of States (NASS) 2018 Summer Conference in Philadelphia. In addition to sharing this with election officials at the conferences this summer, Verified Voting is working closely with jurisdictions to demonstrate how to implement robust post-election audits. Check it out below:

RLA Flowchart

This handy flowchart explains the process of conducting a risk-limiting-audit (RLA)

The infographic is part of a series of visuals Verified Voting is creating. This piece breaks down RLAs in a flowchart, and follows the release of “Safeguarding Our Elections: The Solutions to Vulnerabilities in Election Security,” this past June. You can download the infographic here or find it on our Twitter or Facebook.

Media Release: Security Experts Call on ES&S to Provide States with Steps to Disable Problematic Software Installed on Voting Machines

Marian K. Schneider: “Verified Voting calls on all the voting system vendors to be full partners in the effort to secure our elections.”

The following is a statement from Marian K. Schneider, president of Verified Voting, following news that ES&S, the country’s top voting-machine maker, admitted installing problematic remote-access software on election-management systems that it sold over a period of six years. For additional media inquires, please contact aurora@newheightscommunications.com

“Computer security experts agree the computers that program precinct voting devices should never contain any type of remote access software because the presence of this software could lead to hacking that can change election results. To safeguard election systems and instill confidence in the voting process, ES&S should be transparent about which states’ computers have this remote access software installed and provide information about the steps needed to disable or remove it.

“Verified Voting calls on all the voting system vendors to be full partners in the effort to secure our elections. We must all stand shoulder to shoulder to defend our democracy against both internal and external threats that seek to undermine our elections.”

Media Release: Congressional Briefing on Election Cybersecurity

Washington, D.C. — On Tuesday, July 10, a bipartisan group of leading authorities on election administration and cybersecurity will be on Capitol Hill to present an overview of current election security challenges facing federal and state policymakers. Introduced by Senator James Lankford (R-OK), the panel conversation comes one day ahead of a Senate Rules Committee hearing on the issue and months before November’s midterm elections.

When:
Tuesday, July 10, 2018
1:30 PM – 3:30 PM EDT

Where:
Capitol Visitors Center, Room SVC 202/203
First St NE, Washington, DC 20515

Experts will discuss key steps states should be taking to shore up electronic voting systems, which remain not only vulnerable to cyber-attacks but also a prime target of them. According to a recent report issued by the Senate Intelligence Committee, foreign agents targeted election systems in 18 states, conducted malicious access attempts on voting-related websites in at least six states, and additionally gained access to voter registration databases in a small number of states.

Verified Voting Blog: Verified Voting Designs New Ways to Think About Election Security

Summer is here and that means Verified Voting’s work is heating up! In the past few months Verified Voting has added staff, increased our state work, produced a valuable toolkit for election officials and advocates that received press in POLITICO and The Hill and created a set of infographics and maps which appeared in the Wall Street Journal and NPR (make sure to scroll down to see Verified Voting’s latest infographic: “Safeguarding Our Elections: The Solutions to Vulnerabilities in Election Security”).

The media continues to be instrumental in helping us raise awareness about safeguarding elections. Here are some recent highlights:

Fast Company – How U.S. Election Officials Are Trying To Head Off The Hackers
Bloomberg – Hack-Resistant Vote Machines Missing as States Gird for ’18 Vote
Reuters – Ahead of November election, old voting machines stir concerns among U.S. officials
Washington Post – How Colorado became the safest state to cast a vote
Associated Press – Election Hacking Puts Focus on Paperless Voting Machines
Axios – Exclusive poll: Majority expects foreign meddling in midterms
POLITICO – Election system experts debate merits of wireless tech in voting machines

Verified Voting Blog: Verified Voting’s Guide to Election Security in One Infographic

Verified Voting has gone visual! In addition to recently collaborating with the Wall Street Journal and NPR on maps depicting voting technology across the states, Verified Voting created its own infographic: “Safeguarding Our Elections: The Solutions to Vulnerabilities in Election Security.”

The infographic is the first in a series of visuals Verified Voting is creating. This piece breaks down the state of our elections, which states are most vulnerable, the solution and what people can do. We urge you to take a look and share with your networks. You can download infographic or find it on our Twitter or Facebook.

Media Release: Toolkit Advises Advocates and Election Officials on How to Secure the Nation’s Voting Machines

A joint project from Verified Voting, the Brennan Center, Common Cause and the National Election Defense Coalition suggests ways states can use Congressional election security funds.

Download the toolkit as a PDF. For additional media inquires, please contact aurora@newheightscommunications.com.

A new toolkit designed for advocates and election officials offers suggestions for best practices for conducting post-election audits as well as tips for local jurisdictions considering purchasing new voting machines. The toolkit, “Securing the Nation’s Voting Machines,” is a joint project between Verified Voting, the Brennan Center for Justice, Common Cause and the National Election Defense Coalition.

“Cyber security experts agree that our voting systems need to be resilient and allow jurisdictions to monitor, detect, respond and recover from an event that interferes with the software. Resilient systems incorporate a paper ballot that is retained for recounts and post-election audits,” said Marian K. Schneider, president of Verified Voting. “This toolkit provides a roadmap for election officials nationwide who are looking to implement these resilient systems.”

Verified Voting Blog: Letter to State Election Officials on Best Practices for Voting Funds

Download letter as PDF

On March 23rd, Congress allocated $380 million to states to upgrade election security. This is a positive development. In the age of unprecedented hacking risks, researchers have found that electronic voting infrastructure — including voting machines and registration databases — have serious vulnerabilities. While there’s no evidence that vote totals were hacked in 2016, there’s strong evidence that hackers have been testing the waters.

While federal funding can help states address these issues, simply upgrading or replacing election infrastructure is not sufficient. It is essential that states work with the Department of Homeland Security or other trusted providers to scan their systems for cyber vulnerabilities, and follow best practices identified by computer scientists, national security leaders, and bipartisan experts in elections administration to mitigate hacking risks. On March 20, the Senate Select Committee on Intelligence released its long-awaited recommendations on election security and concluded that requiring paper ballots, banning wireless components and implementing statistically sound audits of election results are essential safeguards. Last year, a group of 100 leading computer scientists and other election administration experts voiced the same conclusion. Through years of researching voting equipment security in real election administration environments, the National Institute of Standards and Technology (NIST) has come to similar conclusions about what it will take to defend elections.

Verified Voting Blog: Bruce Schneier: American elections are too easy to hack. We must take action now.

This article was published by The Guardian on April 18, 2018Bruce Schneier is a fellow and lecturer at Harvard Kennedy School and a member of the advisory board of Verified Voting.

Elections serve two purposes. The first, and obvious, purpose is to accurately choose the winner. But the second is equally important: to convince the loser. To the extent that an election system is not transparently and auditably accurate, it fails in that second purpose. Our election systems are failing, and we need to fix them.

Today, we conduct our elections on computers. Our registration lists are in computer databases. We vote on computerized voting machines. And our tabulation and reporting is done on computers. We do this for a lot of good reasons, but a side effect is that elections now have all the insecurities inherent in computers. The only way to reliably protect elections from both malice and accident is to use something that is not hackable or unreliable at scale; the best way to do that is to back up as much of the system as possible with paper.

Recently, there have been two graphic demonstrations of how bad our computerized voting system is. In 2007, the states of California and Ohio conducted audits of their electronic voting machines. Expert review teams found exploitable vulnerabilities in almost every component they examined. The researchers were able to undetectably alter vote tallies, erase audit logs, and load malware on to the systems. Some of their attacks could be implemented by a single individual with no greater access than a normal poll worker; others could be done remotely.

Verified Voting Blog: Federal Funds for Election Security: Will They Cover the Costs of Voter Marked Paper Ballots?

Download the Brennan Center/Verified Voting Full Report (PDF)

Under the terms of the omnibus spending bill voted on by the House, states will receive $380 million within months to start to strengthen the security of our nation’s election infrastructure. This near-term funding is the product of tireless work by members of both parties, and a critical acknowledgment from Congress that protecting our elections is a matter of national security. States can use the funding immediately to begin deploying paper ballots, post-election audits, and other essential cybersecurity improvements. However, the new funding is only a first step, as many in Congress have acknowledged, and further Congressional action will be necessary in order to ensure that future elections are secure.

Most significantly, the omnibus funding as allocated to the states under the Help America Vote Act (HAVA) will not be enough for some states to replace their insecure voting machines. Because paperless electronic voting systems are highly vulnerable to cyberattacks, it is urgent that those systems be replaced as soon as possible, as the Senate Select Committee on Intelligence (SSCI) recommended earlier this week. Until this is done, it will be impossible to ensure that election results as reported by the voting system have not been corrupted by a cyberattack.

Thirteen states, including key swing states like Pennsylvania, continue to use paperless voting today. One of the main reasons is cost: cash-strapped states simply can’t afford to replace this aging equipment. Unfortunately, our analysis shows that under the new federal funding, five of the 13 states with paperless machines will receive less than 25 percent of the money they may need to replace them. Moreover, most states will also need to use some of the new funding to pay for improved auditing and other security measures, leaving even less for crucial technology upgrades.

Media Release: Georgia: Election Integrity Experts Do Not Support the Current House Version of SB 403

Marian K. Schneider: The only people who are happy with SB 403 are voting system vendors who are salivating over the chance to sell many more machines than necessary.”

The following is a statement from Marian K. Schneider, president of Verified Voting, about why Georgia’s current Senate Bill 403 cannot ensure a verifiable and accurate election system. For additional media inquires, please contact aurora@newheightscommunications.com

“Election Integrity experts are not happy with Senate Bill 403 because it leaves the door wide open for Georgia to select insecure systems rather than slamming that door shut in favor of secure and verifiable systems. SB 403 does not mandate a voter-marked paper ballot, marked either by hand or accessible ballot marking device that is counted by a ballot scanner. It allows that possibility, but it also allows for insecure voting machines that record, count and report the voter’s selections while purporting to offer a paper record to the voter. Not only is the door to insecure voting wide open, but the bill language could be read to require all voters to vote on an electronic ballot marking device. That outcome would be needlessly expensive for Georgia taxpayers but it would be more than a welcome outcome for voting system vendors who are anxious to sell as many machines as possible.

Media Release: Senate Intelligence Committee’s Recommendations Outline Urgent Need for Paper Ballots, Post-Election Audits

Marian K. Schneider: The recommendations…make the case that states need immediate federal support to build a stronger defense.”

(March 21 2018) — The Senate Select Committee on Intelligence released a report today about Russian targeting of election infrastructure during the 2016 election. Read the full set of recommendations here. The following is a statement from Marian K. Schneider, president of Verified Voting:

“The Senate Select Committee on Intelligence (SSCI) report recognizes that voter-verified paper ballots and post-election audits are the best way – given current technology – to ensure that an attack on our voting systems can be detected and the outcome verified.

“As the Intelligence Committee hearing established again this morning, there was foreign interference during the 2016 election and a real possibility that similar acts to undermine faith in our democratic system will occur again. Security experts agree that safeguarding and protecting our election systems is important, and the Intelligence Committee report is another indication that Congress and state governments must urgently address the vulnerabilities in our election systems, both by mandating voter-verified paper records and audits as well as allocating resources to accomplish these goals.

Media Release: Verified Voting Opposes Georgia’s Current Voting Machine Legislation

Marian K. Schneider:[T]he current bill will perpetuate the cycle of unverifiable voting in Georgia. Verified Voting cannot support the bill unless significant changes are made.”

The following is a statement from Marian K. Schneider, president of Verified Voting, about why Georgia’s current Senate Bill 403 cannot ensure a verifiable and accurate election system. For additional media inquires, please contact aurora@newheightscommunications.com

“Georgia voters need a secure voting system with voter-marked paper ballots and audits, but instead, Georgia’s electoral system is left insecure and unverifiable. The current version of Senate Bill 403, which recently passed the House Government Affairs Committee, has morphed into a sweetheart deal for a group of voting machine vendors. Georgia voters are simply demanding a verifiable secure election system …nothing more.

Verified Voting Blog: Pennsylvania Takes Critical Steps Toward Election Security by Purchasing Voter-Verifiable Paper Systems

Marian K. Schneider: “We applaud this decision today to increase the integrity of Pennsylvanias elections and its move to safeguard elections.”

The following is a statement from Marian K. Schneider, president of Verified Voting, formerly Deputy Secretary for Elections and Administration in the Pennsylvania Department of State, on Pennsylvania’s announcement that it will no longer purchase paperless DREs and that going forward all new voting machines must have a voter-verifiable paper ballot or paper record. For additional media inquires, please contact aurora@newheightscommunications.com 

“Pennsylvania is taking a critical step towards safeguarding elections by replacing its aging voting systems and restoring voters’ faith that their votes will be counted as cast. The only way to address the risk of software problems is to require a physical paper ballot that can be used to check the computer-generated votes.

Verified Voting Blog: Marian K. Schneider: It’s time to safeguard our elections

This oped was originally published in the York Dispatch on February 1, 2018.

An oversight in York County, Pennsylvania on the eve of last November’s Election Day questioned the rightful winner of the election, but thankfully the potential damage stopped there. Still, the discovery of a technical error — one that allowed voters to cast multiple votes for a candidate in races with cross-filed candidates — risked the integrity of the election. This could’ve been easily preventable with paper ballots.

Most Pennsylvania voters are using paperless electronic voting machines to cast their ballot. The problem is that these outdated machines — also known as direct recording electronic (DRE) systems —are unverifiable. DREs, or voting machines without paper ballot back-up, have been the source of controversy for years because of their inability to allow anyone to verify the results. Instilling confidence in election outcomes can only occur by replacing these systems with newer ones that provide a software independent record of voter intent and implementing statistically meaningful audits of those records.

We know there was foreign interference during the 2016 election cycle, and that similar acts to undermine faith in America’s democratic systems are a possibility. Security experts agree that safeguarding and protecting election systems is important and that no system is completely secure. That’s why security experts recommend ensuring that all computer-based systems, including voting machines are resilient, that is, they have the ability to identify a problem and recover from it. Replacing the outdated voting systems with resilient machines is imperative before the 2018 elections because, for more than 80 percent of Pennsylvania voters in 50 counties, no one has any way of knowing whether the paperless voting machines correctly captured voter intent.

Media Release: Verified Voting Says Paper Ballots and Post-Election Audits Can Safeguard our Elections as State and Local Election Officials Discuss Election Security

Marian K. Schneider: “Passing the bipartisan Security Elections Act will advance our nation’s efforts to protect and ensure trustworthy elections.”

The following is a statement from Marian K. Schneider, president of Verified Voting, regarding the U.S. Election Assistance Commission (EAC) summit held today in Washington, D.C. For additional media inquires, please contact aurora@newheightscommunications.com  

“As officials look to address the risks our elections face today, it is essential that voter-verified paper ballots and post-election audits are recognized as the best way – given current technology – to ensure that an attack on our voting systems can be detected and the outcome verified. With midterm elections quickly approaching, it’s time we also prepare to monitor, detect, respond and recover from these potential attacks. The good news is that we can, and Congress has a bill that goes a long way in doing so.

“The bipartisan Secure Elections Act, introduced late last month by Sen. James Lankford (R-OK) and co-sponsored by Sen. Amy Klobuchar (D-MN), Sen. Lindsey Graham (R-SC), Sen. Kamala Harris (D-CA), Sen, Susan Collins (R-ME) and Sen. Martin Heinrich, (D-NM), aims to provide states with the resources needed to implement these safeguards. 

Media Release: Verified Voting Urges Congress to Pass the Secure Elections Act; Bipartisan Legislation Empowers States to Protect Themselves

Marian K. Schneider: “Passing the bipartisan Secure Elections Act will advance our nation’s efforts to protect and ensure trustworthy elections.”

The following is a statement from Marian K. Schneider, president of Verified Voting, on the Secure Elections Act, which was introduced by Sen. James Lankford (R-OK) and co-sponsored by Sen. Amy Klobuchar (D-MN), Sen. Lindsey Graham (R-SC),Sen. Kamala Harris (D-CA), Sen, Susan Collins (R-ME) and Sen. Martin Heinrich,(D-NM) on December 21, 2017.

“The Secure Elections Act addresses the new reality that our election infrastructure must be protected as matter of national security. At a time when our democracy needs increased protection, Congress should fast-track the newly introduced Secure Elections Act to provide resources for states to safeguard our voting systems and ensure election infrastructure is resilient.

“This bipartisan legislation establishes a structured grant program that creates incentives for states to adopt good cyber hygiene measures in accordance with guidelines developed by an advisory panel of experts. Coupling grants to the states with effective guidelines on spending will ensure the money is used well and moves toward strengthening our elections. In addition, the bill improves the exchange of information about security threats among the different levels of government to allow timely response and action.

Media Release: Election Security Experts Urge Congress to Pass the Security Elections Act; Bipartisan Legislation Empowers States to Protect Themselves

Marian K. Schneider: “Passing the bipartisan Security Elections Act will advance our nation’s efforts to protect and ensure trustworthy elections.”

The following is a statement from Marian K. Schneider, president of Verified Voting, on the Secure Elections Act, which was introduced by Sen. James Lankford (R-OK) and co-sponsored by Sen. Amy Klobuchar (D-MN), Sen. Lindsey Graham (R-SC),Sen. Kamala Harris (D-CA), Sen, Susan Collins (R-ME) and Sen. Martin Heinrich,(D-NM) on December 21, 2017. For additional media inquires, please contact aurora@newheightscommunications.com  

“The Secure Elections Act addresses the new reality that our election infrastructure must be protected as matter of national security. At a time when our democracy needs increased protection, Congress should fast-track the newly introduced Secure Elections Act to provide resources for states to safeguard our voting systems and ensure election infrastructure is resilient.

“This bipartisan legislation establishes a structured grant program that creates incentives for states to adopt good cyber hygiene measures in accordance with guidelines developed by an advisory panel of experts. Coupling grants to the states with effective guidelines on spending will ensure the money is used well and moves toward strengthening our elections. In addition, the bill improves the exchange of information about security threats among the different levels of government to allow timely response and action.

Verified Voting Public Commentary: Verified Voting Testimony before the Pennsylvania State Senate Senate State Government Committee: Voting System Technology and Security

Download as PDF

The security of election infrastructure has taken on increased significance in the aftermath of the 2016 election cycle. During the 2016 election cycle, a nation-state conducted systematic, coordinated attacks on America’s election infrastructure, with the apparent aim of disrupting the election and undermining faith in America’s democratic institutions. Intelligence reports that have been published in 2017 demonstrate that state databases and third-party vendors not only were targeted for attack, but were breached.1 Regardless of the success of hacking attempts in 2016, the consensus among the intelligence community is that future attacks on American elections are inevitable.2 The inevitability of attacks is a key concept in cyber security, that is, it’s not whether a system will be attacked, but when.

The existence and national significance of this threat have escalated the priority of securing Pennsylvania’s elections infrastructure. Two primary areas that require immediate and sustained attention are 1) securing both the state and county networks, databases and data transmission infrastructure that touch elections; and 2) instilling confidence in election outcomes by replacing legacy voting systems with new systems that permit reliable recounts and audits.

During the time that I served the Commonwealth as Deputy Secretary for Elections and Administration and Special Advisor to the Governor on Election Policy, I worked with the Office of Administration-Office of Information Technology to protect the Commonwealth’s networks that touch elections and to implement procedures to recover from any potential attacks. These efforts complied with cyber security best practices to monitor, detect, respond and recover. OA-OIT’s experienced staff is continuing this effort, and along with the Department of State, they have engaged county CIOs and technology staff to coordinate similar efforts at the counties working through the Commonwealth’s relationship with the County Commissioners Association of Pennsylvania (CCAP). Assuming the administration receives support from the General Assembly, the Commonwealth is on the right track to taking the necessary steps to monitor, detect, respond and recover from cyber attacks.

Media Release: Election Security Experts Raise Concern about the Integrity of Alabama’s U.S. Senate Election if a Recount is Needed

Download as PDF

Marian K. Schneider: “Alabama’s recount laws won’t do enough to protect voters’ votes.”

The following is a statement from Marian K. Schneider, president of Verified Voting, on election integrity, and the need for manual recounts and audits. For additional media inquires, please contact aurora@newheightscommunications.com  

“All eyes might be on the candidates running for the U.S. Senate seat in Alabama, but Alabama’s election practices and recount laws also deserve scrutiny. If the race goes to a recount following the election, Alabama’s recount laws won’t do enough to protect voters’ votes because it has no audit structure in place and relies on re-tabulation – where ballots that were tabulated by optical scanners are now re-tabulated by machine. If a recount occurs, it cannot be relied on to detect and correct a potential error in the computerized count unless it is done manually.

Verified Voting Blog: Testimony of Verified Voting to the Georgia House of Representatives House Science and Technology Committee

Download as PDF

Georgia’s voting machines need an update. The lifespan of voting machines has been estimated at 10-15 years.1 Purchased in 2002 Georgia’s voting machines are at the outside of that estimate. As voting systems age they are more susceptible to error, malfunction or security threats potentially losing or miscounting votes.

Georgia is one of only a handful of States that is still casting votes on entirely electronic voting systems, known as Direct Record Electronics (DREs). These machines record votes only in digital form; if the digital records are corrupted, either by benign error or malicious attack, there are no backup records and no way to know whether votes have been corrupted. When Georgia purchased these machines in 2002, the national trend was toward paperless touchscreen voting machines. Since then, however, most states moved away from paperless voting systems, driven by mounting research establishing these machines’ security flaws and some high profile and costly machine failures.2 Most of the nation has adopted voting systems that rely on a voter-marked paper ballot, an election safeguard recognized as essential by election officials and computer security experts alike.

A paper ballot provides a durable, physical record that is out of reach of a cyber attack and cannot be lost by a digital malfunction or programming error. Paper ballots can be used in a recount or to perform a post-election audit or check on the election results to help ensure the election outcome is correct. Today roughly 70% of voters in our nation mark a paper ballot which is counted by an electronic scanner.

Verified Voting Blog: Testimony of Verified Voting to the New York State Assembly Standing Committee on Election Law

Download as PDF

In 2016 the threat of cyber attacks on our elections from foreign entities became an alarming reality. We learned that an adversarial nation was targeting our election systems with the intent to disrupt and undermine the legitimacy of our free, democratic government. In the declassified report “Assessing Russian Activities and Intentions in Recent U.S. Elections” the U.S. Intelligence Community warned that “Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards.”1 Several months ago we learned that the U.S. Department of Homeland Security (DHS) contacted officials in twenty-one states to notify them that their election systems had been targeted by Russian hackers. When asked at a June hearing of the Senate Select Committee of Intelligence if we should expect continued cyber attacks on our election infrastructure, then FBI director James Comey stated emphatically, “[t]hey will be back.”2 The gravity of this threat cannot be overstated. It is critical that we take every precaution to protect our election systems.

The stealth, skill and sophistication of today’s state-level cyber attackers should not be underestimated. Cyber security experts have warned that attacks today continue to outpace our ability to defend against them. The unending list of high profile and well-defended enterprises that have fallen victim to cyber attacks3 demonstrates the impracticality of trying to defend any computer system absolutely. Further complicating the problem, our election offices are typically under-resourced and understaffed. Though the New York State Board of Elections currently has in place some of the more advanced cyber security and cyber hygiene requirements for election systems, we cannot expect our county election offices to defend against cyber attacks from a state-level attacker.

Verified Voting Blog: Verified Voting Testimony for the New Jersey State Assembly Judiciary Committee

Verified Voting is a national non-partisan, not for profit research and advocacy organization founded by computer scientists and committed to safeguarding democracy in the digital age. We promote technology and policies that ensure auditable, accessible and resilient voting for all eligible citizens. We urge you to adopt the proposed amendments and vote “YES” on A-4619.

New Jersey is one of only a handful of states whose voters are still casting votes on entirely electronic voting systems, direct recording electronic (DREs). Because these systems record votes directly onto computer memory without any independent paper record of the vote, they are especially vulnerable to undetectable and uncorrectable errors in the vote count.

Numerous studies and security evaluations of DRE systems over the years have found that the DREs in use in New Jersey have insecurities making them vulnerable to undetectable manipulation and tampering.1 Because DRE systems prevent anyone from verifying that the electronic tally accurately reflects voter intent, many States have discontinued the use of electronic DRE voting systems in favor of paper ballots. In 2006 only 25% of voters nationwide cast their ballots on paper but in 2017 more than 70% of U.S. voters marked a paper ballot.2

Verified Voting Blog: Yes, Voting Machines Can Be Hacked – Now the Hard Work Begins

DEFCON Report on Machine Vulnerabilities Critical First Step in Raising Awareness, But to Secure Election Systems, States Must Adopt Paper Ballots

A new report on cyber vulnerabilities of our elections systems raises awareness of a critical issue, but in order to secure our elections, we need fundamental changes made at the state and local level. Verified Voting collaborated on the DEFCON Hacker Village to raise awareness of a chilling reality: our enemies have the will, intention and ability to tamper with our election infrastructure, potentially delegitimizing our elections and destabilizing our government. Verified Voting has known of this frightening possibility for years—we were founded in 2004, in the wake of election irregularities, to secure our democracy by ensuring that Americans’ votes would be counted the way they intended to cast them.

We know from deep experience: protecting our election infrastructure is a national security issue, and if we don’t act now, as former FBI Director James Comey has stated, ‘They’ll be back.’ That’s why Verified Voting has worked continuously with state election officials to safeguard their systems. Just last month, Verified Voting worked closely with Virginia’s Board of Elections in their move to decertify and remove its insecure, untrustworthy paperless voting machines and replace them with voter-marked paper ballots. 

Verified Voting Blog: Verified Voting Letter to the US Senate Select Committee on Intelligence

This letter was sent to the US Senate Select Committee on Intelligence following a hearing on June 21, 2017. (Download PDF)

Verified Voting vigorously applauds the Senate Select Committee on Intelligence for its leadership and commitment to securing our elections. With clear evidence that foreign attackers sought to attack our 2016 elections through various means, our intelligence agencies warn that hostile attackers will be back to attack future elections. Congress and the most vulnerable states should act with urgency to fund and implement protective reforms that will make our election systems resilient against cyber attack: funding the adoption of paper ballots and accessible ballot marking systems, and implementing robust, manual post-election audits of the votes.

The June 21 hearing is an important first step toward those reforms, providing valuable information through witness testimony and questions of the Senators. We wish to expand on several key points that were raised in the hearing to ensure a clear understanding of the challenges we face in securing our elections.

It is crucial to understand that further reforms are urgently needed to bolster the mitigations currently in place so that it is possible to detect and correct a cyber attack on the vote count.

Some testimony asserted that pre-election testing and post-election audits currently in place would catch errors in vote tallies caused by a malicious attacker or software failure. Unfortunately, pre-election testing, though helpful for ensuring the completeness of ballot programming, can be defeated by malicious software designed to detect when the system is in test mode. This is what happened with Volkswagen diesels cars: the software caused the cars’ emissions systems to behave correctly during testing, but then allowed them to pollute under non-testing conditions.

Verified Voting Blog: Alex Halderman: Expert Testimony before the US Senate Select Committee on Intelligence

This testimony was delivered at a hearing on June 21, 2017. (Download PDF)

Chairman Burr, Vice Chairman Warner, and members of the Committee, thank you for inviting me to speak today about the security of U.S. elections. I’m here to tell you not just what I think, but about concerns shared by hundreds of experts from across cybersecurity research and industry. Such expertise is relevant because elections—the bedrock of our democracy—are now on the front lines of cybersecurity, and they face increasingly serious threats. Our interest in this matter is decidedly non-partisan; our focus is on the integrity of the democratic process, and the ability of the voting system to record, tabulate, and report the results of elections accurately.

My research in computer science and cybersecurity tackles a broad range of security challenges.1 I study attacks and defenses for the Internet protocols we all rely on every day to keep our personal and financial information safe. I also study the capabilities and limitations of the world’s most powerful attackers, including sophisticated criminal gangs and hostile nation states. A large part of my work over the last ten years has been studying the computer technology that our election system relies on.2 In this work, I often lead the “red team,” playing the role of a potential attacker to find where systems and practices are vulnerable and learn how to make them stronger.

I know firsthand how easy it can be to manipulate computerized voting machines. As part of security testing, I’ve performed attacks on widely used voting machines, and I’ve had students successfully attack machines under my supervision.

Verified Voting Blog: Technology Experts’ Second Letter to Georgia Secretary of State Brian Kemp

This letter was sent to Georgia Secretary of State Brian Kemp on May 24, 2017. Download PDF

On March 14th we sent a letter to you expressing grave concerns regarding the security of Georgia’s voting systems and requesting transparency from your office concerning key questions about the reported breach at Kennesaw State University Center for Election Systems (KSU).

The FBI has reportedly closed its investigation into the breach at KSU and will not be pressing federal charges1 but regrettably little more is known. We remain profoundly concerned about the security of Georgia’s votes and the continued reliance on Diebold paperless touchscreen voting machines for upcoming elections.2

The FBI’s decision not to press charges should not be mistaken for a confirmation that the voting systems are secure. The FBI’s responsibility is to investigate and determine if evidence exists indicating that federal laws were broken. Just because the FBI concluded this hacker did not cross that line does not mean that any number of other, more sophisticated attackers could not or did not exploit the same vulnerability to plant malicious software that could be activated on command. Moreover, the FBI’s statement should not be misinterpreted to conclude that KSU or the Georgia voting system do not have other security vulnerabilities that could be exploited by malicious actors to manipulate votes.

Any breach at KSU’s Election Center must be treated as a national security issue with all seriousness and intensity. We urge you to engage the Department of Homeland Security and the US Computer Emergency Readiness Team (CERT) to conduct a full forensic investigation. We cannot ignore the very real possibility that foreign actors may be targeting our election infrastructure.

The Voting News Weekly: The Voting News Weekly for April 17-23 2017

According to reporting by Reuters, a Moscow-based think tank linked run by retired senior Russian foreign intelligence officials appointed by Vladimir Putin developed plans for a propaganda and misinformation campaign aimed at influencing the 2016 US Presidential election. Sources interviewed by Reuters described two documents produced by the Russian Institute for Strategic Studies that outlined strategies for influencing the election. The first was aimed at encouraging U.S. voters to elect a president who would take a softer line toward Russia, while the second, based on the assumption that Hillary Clinton would be elected recommended focusing on voter fraud to undercut the U.S. electoral system’s legitimacy and damage Clinton’s reputation.

An article in Wired examining the fight against partisan gerrymandering and suggests that current efforts may the most auspicious in decades due to new quantitative approaches—measures of how biased a map is, and algorithms that can create millions of alternative maps—that could help set a concrete standard for how much gerrymandering is too much. Last November, some of these new approaches helped convince a United States district court to invalidate the Wisconsin state assembly district map—the first time in more than 30 years that any federal court has struck down a map for being unconstitutionally partisan. That case is now bound for the Supreme Court.

Within days of Alabama Governor Robert Bentley's resignation, new Governor Kay Ivey has changed the date for the special election to fill the U.S. Senate seat previously held by Jeff Sessions to this calendar year. Bentley had been criticized for putting the special election off until next year and Ivey moved quickly to set the primary for August 15, with a runoff, if necessary, for September 26. The general election will be held on December 12.

With the closely-watched special election in Georgia's 6th Congressional district going to a run-off in June, civil rights and voting organizations have filed a suit challenging a Georgia law that prohibits voters from voting in the runoff election who weren't registered in time for the first round. The plaintiff's allege that the restriction violates Section 8 of the National Voter Registration Act, which requires states to allow voters to participate in any election for federal office as long as they register at least 30 days prior.

Last week, Nevada Secretary of State Barbara Cegavske claimed that the state’s DMV of encouraged the registration of non-citizen voters, by allowing ID-seekers to also fill out voter registration forms at driver’s licenses offices even if they had presented a green card. Voting right advocates and DMV officials were quick to point out that federal law requires the DMV to submit voter registration applications to the state’s election officials regardless of the applicant’s apparent citizenship status. Cegavske on Wednesday released a statement saying that research by her department had found three non-citizens that are alleged to have voted in the November 2016 election in November, though she declined to say if her office would attempt to prosecute the three voters.

A voting rights group in North Carolina called for state and local officials to investigate whether allies of North Carolina's former governor and the state Republican Party broke laws when hundreds of people were accused of voter fraud or absentee ballot irregularities last November. Democracy North Carolina said most of the accusations were irresponsible because the claims weren't backed by evidence or could be eliminated based on cursory reviews of voter roll information. The protests were designed to intimidate voters for political gain or put in doubt the election result, the group's report describing its own review alleges.

For the third time this Spring, courts have found Texas voting districts unconstitutional. This week it was the state legislative districts that were determined by a three-judge federal panel were also intentionally drawn to dilute votes based on race, and also violated the “one person one vote” principle of equal-sized voting districts that is the core consideration of the Voting Rights Act.

A New York Times article examined the role of Russian-sponsored misinformation in today's presidential election in France. Turkey’s high election board has rejected formal calls by the country’s main opposition parties to annul the result of a referendum that will grant RecepTayyip Erdoğan sweeping new powers as president and the British parliament overwhelmingly agreed to a early general election on June 8, less than 12 months after deciding to quit the European Union.

The Voting News Weekly: The Voting News Weekly for April 3-9 2017

At an Election Assistance Commission hearing, a DHS official made the case for his agency's designation of voting systems as critical infrastructure, emphasizing the designation did not undermine the autonomy of state election administration. Robert Hanson, DHS' director of the prioritization and modeling at Office of Cyber and Infrastructure Analysis, noted that many state and local governments have turned to DHS for such support and warned that new security flaws could be introduced if the replacement systems aren't properly vetted. State and local officials, however, reiterated their concerns on the critical infrastructure designation and the National Association of Secretaries of State will continue to ask the administration to rescind the critical infrastructure designation for election systems.

Under investigation by the House Ethics Committee, Devin Nunes has stepped down "temporarily" from his role in leading the House Intelligence Committee's investigation of ties between Russia and the Trump campaign. The investigation relates to statements Nunes made last month regarding U.S. surveillance operations aimed at foreign targets had incidentally collected communications involving members of President-elect Trump's transition team, of which he was a member. His recusal leaves the inquiry in the hands of other rightwing Republicans and it is unclear how much effect, if any, his absence would have on an investigation stalled by deep partisan infighting.

An FBI investigation has determined a “security researcher” was behind data breaches at Kennesaw State University’s Center for Election Systems and that researcher's activities was not in violation of federal law. In what seems to be a "white hat" hack, a researcher at least twice breached the KSU system apparently in an attempt to demonstrate its vulnerability. A closely watched special election this month in Georgia will be conducted using unverifiable direct recording electronic equipment maintained and programmed at the KSU Election Center.

A federal magistrate judge has ordered Kansas Secretary of State Kris Kobach to hand over for review the documents that he took to a meeting with President Trump outlining a strategic plan for the Department of Homeland Security. The U.S. District Court in Kansas City, Kan., will determine whether the documents are relevant to two federal lawsuits seeking to overturn a Kansas law that requires voters to provide proof of citizenship, such as a birth certificate or passport, when they register to vote.

Montana Governor Steve Bullock reignited a debate over all mail ballot elections when he inserted language specifying that "the 2017 special election to fill the vacancy in the office of the United States representative for Montana may be conducted by mail," into an unrelated election bill that had reached his desk. Republican legislators, fearing that an all mail ballot election would result in higher turnout therefore diminish their party's chances, had defeated similar legislation in the state Senate last week. Montana State law allows the governor to issue such "amendatory vetoes" to bills he generally supports but will only sign with his suggested changes. The amendments must be approved by both legislative chambers for the bill, including the originally passed language, to become law.

On a party-line vote the North Carolina House has approved a bill that would merge the state's ethics and election boards and significantly diminish the power of the political party of the governor. Roy Cooper, the Democratic Governor has threatened to veto the bill, which has been fast-tracked in Senate. Republicans hold veto-proof majorities in the House and Senate, so the Governor may pursue legal action to stop the bill as he did successfully with a similar proposal passed before his inauguration in January.

U.S. District Judge Nelva Gonzales Ramos will wait until after the Texas legislative session is over to order remedies to its voter identification law, but does not believe current legislative action will affect a pending lawsuit against the state. Gonzales Ramos had ordered temporary fixes to the law ahead last November's presidential election and Republicans had introduced legislation this year that resembled the judge’s measures. They argue that the changes in the bill, which has passed in the Senate and is pending in the House, would have an impact on the judge's ruling in the lawsuit but Gonzales Ramos disagreed. In the same ruling, the judge also allowed the Justice Department to withdraw from the case, a request made after President Donald Trump took office in January.

The ruling Liberal government in Canada has rejected calls for internet voting. A special parliamentary committee report issued last month expressed concern about the security of online voting and recommended against pursuing it until those concerns could be addressed. In a formal response to the committee's report, Minister of Democratic Institutions Karina Gould said the government agrees with the committee. "While Canadians feel that online voting in federal elections would have a positive effect on voter turnout, their support is contingent on assurances that online voting would not result in increased security risks," Gould wrote. "We agree."

In a rare development, both the winning and losing parties in Ecuador's presidential election are supporting a recount to verify the accuracy of he announced results. Country Alliance, the incumbent party, accepted the challenge of conservative challenger Guillermo Lasso, who has alleged fraud and vote rigging. Observers from the Organization of American States reported that they had “found no discrepancies between the observed records and the official data”. The recount is already underway.

As Indian politicians debate the accuracy and reliability of electronic voting machines, Russia has expressed interested in observing India's technology with goal of using it in their presidential election in 2018. In return, Russia would assist India in developing a "state-of-the-art tabulation system" for counting of votes. Since by-elections earlier this year, allegations of voting machine tampering have been a significant issue in the Indian Parliament, with various opposition leaders disrupting proceedings to protest the issue.