RALEIGH, N.C. (AP) — In a story published June 5 about a federal forensic analysis of electronic poll books in Durham County, North Carolina, The Associated Press reported erroneously that paper ballots were issued after poll books malfunctioned in the county on Election Day in 2016. In fact, paper ballots were already in use. The malfunctions led authorities to revert to paper ledgers for check-in. That process required that paper vouchers be filled out before a voter could cast their ballot, and some precincts did not have enough vouchers on hand.
A corrected version of the story is below:
Feds to finally examine 2016 NC poll books for hacking
More than two years after 2016 Election Day trouble, federal computer sleuths will do forensic analysis of electronic poll book software from a company targeted by Russian military hackers
By EMERY P. DALESIO and FRANK BAJAK
RALEIGH, N.C. (AP) — More than two years after voter check-in software failed on Election Day in a North Carolina county, federal authorities will finally conduct a forensic analysis of electronic poll books to see if Russian military hackers who targeted the software provider may have tampered with registration information to disrupt voting.
The U.S. Department of Homeland Security analysis of laptops used in Durham County is the first known federal probe of voting technology that malfunctioned during the 2016 election, when Russian hackers infiltrated election systems in several states, part of what special counsel Robert Mueller said was an effort to favor Donald Trump’s presidential campaign.
The malfunction of VR Systems’ electronic poll book software forced officials in the heavily Democratic county to switch to paper registration records and extend voting hours. How many voters may have been disenfranchised as a result is unknown.
State election officials seized for evidence 21 laptops used to check in Durham County voters for the 2016 balloting shortly after the leak of a National Security Agency report revealed in mid-2017 that VR Systems had been targeted by a Russian spear-phishing campaign, said Josh Lawson, who was general counsel of the North Carolina board of elections at the time.
Lawson said Thursday that his office asked federal officials to do a forensic exam of the laptops — and that the FBI assisted the state in making images of their hard drives.
That long-dormant request was renewed last Friday. The reason: The report Mueller issued in April on Russian interference in the 2016 election described how Kremlin-backed cyber spies had installed malware on the network of a company that “developed software used by numerous U.S. counties to manage voter rolls.”
The name was redacted, but the chief operating officer of VR Systems, Ben Martin, said he believes the report was referring to his Tallahassee, Florida, company. Still, Martin disputes that it was hacked. Martin says a security audit by the cybersecurity firm FireEye found no sign of a breach — though that audit was done more than seven months after the election, the company told U.S. Sen. Ron Wyden of Oregon in a letter last month.
The 21 laptops will now be turned over to DHS, state elections board attorney Katelyn Love said Wednesday.
DHS spokeswoman Sara Sendek said the forensic examination, first reported by The Washington Post, along with other support her agency is providing North Carolina “may help to provide a better understanding of previous issues and help to secure the 2020 election.”
The FBI did not immediately respond to requests for comment on whether it was investigating the Durham County poll book failure and whether it had examined the laptops’ contents.
Hackers with access to electronic voter rolls could throw voting into disarray and damage voter confidence by changing names, addresses or polling places.
On Election Day in 2016, some Durham County voters complained that the electronic poll books registered them as having voted when they hadn’t. The company blamed the trouble on poorly trained poll workers and inadequate computer maintenance. A report by a security consultant hired by Durham County’s elections board supported that claim.
“We believed then and now that the cause of the problem was poll worker error, and that a forensic analysis would prove it,” Martin said in an email. The company remains confident the DHS review will prove its voting software “was not breached or compromised.”
Russian-backed hackers probed several dozen state voter registration databases ahead of the 2016 elections, federal authorities say, and gained access to Illinois’ voter rolls, though officials say there is no indication anything was altered or deleted. Florida’s new governor, Ron DeSantis, said in May that the FBI confirmed hackers also penetrated at least two county networks in Florida. His predecessor, Gov. Rick Scott, unseated Sen. Bill Nelson after slamming the Democrat as “sensational” for saying Russians had hacked systems in Florida.
Florida and North Carolina are among eight states that use VR Systems’ EViD electronic polling book software. Lawson, who resigned from the North Carolina election agency last week, said it was installed on off-the-shelf commercial laptops in Durham County.
Election integrity activist Susan Greenhalgh welcomed the forensic exam but lamented that it took a combination of the Mueller report and the 2017 leaking of the classified NSA report that named VR Systems to get here.
Also, it’s entirely possible Russian tampering happened but the forensic exam will find nothing, she said.
“Its value is clearly going to be diminished because it took so long to do it,” she said. Lawson said he could not say how securely the machines were stored before the state seized them.
DHS tries to help state and local election authorities secure their voting systems, but frequently encounters resistance, especially in states like Georgia where the current governor, Brian Kemp, even accused it of trying to hack his state when he was in charge of elections there.
“They have a disincentive to be too aggressive with states that are sensitive to being investigated,” Greenhalgh said.
North Carolina is not among those states. It has welcomed DHS assistance in fortifying election security.
Ultimately, responsibility for securing election systems falls on state and local elections authorities because of the decentralized nature of U.S. voting — even though outgoing DHS Secretary Jeh Johnson declared voting systems critical national infrastructure in January 2017.
Across the nation, they continue to be short on resources for cybersecurity. And voting equipment vendors — in a cutthroat market dominated by three companies — have resisted exposing their black box voting systems to aggressive security audits.
North Carolina sought to decertify VR System poll books in the state after the 2017 NSA leak. But VR Systems fought it successfully in court. Durham County moved to a state-provided poll book after 2016.
A National Academy of Sciences report last year that called for an urgent overhaul of the rickety U.S. election system. That report called for all U.S. elections to be held on human readable paper ballots by 2020.
Bajak reported from Boston. Associated Press writer Christina Almeida Cassidy in Atlanta contributed to this report.
Follow Dalesio at http://twitter.com/emerydalesio and Bajak at http://twitter.com/fbajak.