There’s a Catch-22 when it comes to whether Congress will address the issue of voting security in time for this year’s elections. On the one hand, the threat posed by Russian hackers has brought significant attention to the issue, leading to the introduction of several pieces of bipartisan legislation to boost the nation’s cybersecurity. But some congressional Republicans worry that raising the Russian threat could call into question the legitimacy of President Trump’s election, so they don’t want to touch it. … Academic researchers and hackers at last year’s DefCon hacking conference showed that voting machines can be penetrated easily, often within minutes. The exercise drew considerable attention, but Lawson emphasizes that the experiment’s results wouldn’t be replicated in real-world conditions. Most of the machines at the conference weren’t certified for use in the U.S., she says, while poll workers would have to be napping for hackers to open them up.
“Voting machines are not connected to the internet,” Judd Choate, director of elections for Colorado, said at a Center for American Progress event on Monday. “You would have to be present, hacking in with a screwdriver.”
In response to the DefCon exercise, however, Virginia required local officials to switch to paper ballots and electronic scanners, just weeks ahead of elections there last fall. “We had quite a number of recounts in November, which really would not have been possible if we had not been using those machines,” Edgardo Cortés, the former commissioner of elections for Virginia, said at the CAP event.
The seemingly anachronistic technology of paper has become perhaps the top priority for election officials worried about cyberattacks. Last Friday, Pennsylvania Gov. Tom Wolf ordered counties replacing their voting machines to buy ones that can create a paper trail. Last year, Iowa and Rhode Island passed laws requiring election officials to check machine counts against paper ballots.