When people in several North Carolina precincts showed up to vote last November, weird things started to happen with the electronic systems used to check them in. “Voters were going in and being told that they had already voted — and they hadn’t,” recalls Allison Riggs, an attorney with the Southern Coalition for Social Justice. The electronic systems — known as poll books — also indicated that some voters had to show identification, even though they did not. Investigators later discovered the company that provided those poll books had been the target of a Russian cyberattack. There is no evidence the two incidents are linked, but the episode has revealed serious gaps in U.S. efforts to secure elections. Nine months later, officials are still trying to sort out the details. … At first, the county decided to switch to paper poll books in just those precincts to be safe. But Bowens says the State Board of Elections & Ethics Enforcement got involved “and determined that it would be better to have uniformity across all of our 57 precincts and we went paper poll books across the county.”
That move caused a whole new set of problems: Voting was delayed — up to an hour and a half — in a number of precincts as poll workers waited for new supplies. With paper poll books, they had to cut voters’ names out and attach them to a form before people could get their ballots. “Precincts didn’t have scissors, they didn’t have tape, they didn’t have glue sticks,” says Riggs. As far as she was concerned, the solution was worse than the problem, and the state had overreacted.
But Susan Greenhalgh, who is part of an election security group called Verified Voting, worried that authorities underreacted. She was monitoring developments in Durham County when she saw a news report that the problem poll books were supplied by a Florida company named VR Systems. “My stomach just dropped,” says Greenhalgh. She knew that in September, the FBI had warned Florida election officials that Russians had tried to hack one of their vendor’s computers. VR Systems was rumored to be that company.
“I became really concerned that this might be a cyberattack, some sort of cyber event,” says Greenhalgh. But she had trouble getting anyone’s attention. Greenhalgh says a contact she had at the U.S. Department of Homeland Security was concerned but said there was little federal officials could do unless the state requested help.