Are Local Election Results Hacker Friendly?
Sonora, CA — In the wake of national buzz about hackable voting equipment, Clarke Broadcasting talked with Mother Lode elections officials about cyber security threats.
Recently, Sacramento-based KCRA-TV reported here of a Las Vegas convention where hackers, some quite young, demonstrated that they could quickly alter results on a variety of devices used in the elections process.
It drew the ire of the National Association of Secretaries of State (NASS), which criticized the activities as being highly inaccurate because they were being performed in a “pseudo environment” that in no way duplicated actual state election systems, networks and physical security. NASS also maintained that election night reporting websites, used only to publish preliminary, unofficial results for the public, are not connected to vote counting equipment and could never change actual election results.
California’s Voting System, Highly Protected
California election officials point to a multitude of layered security protocols in place at the state and local levels. The Secretary of State’s Office, which is required to certify any voting system prior to its sale and use, developed what it considers to be one of the most strenuous voting system testing and certification programs in the nation. No part of a voting system is allowed to be connected to the internet at any time and no parts electronically receive or transmit election data through any type of exterior communication network.
Calaveras County Clerk-Recorder Rebecca Turner concurs. “We do not believe our system is more hackable because we have precautions in place. Calaveras uses a closed system that does not have access to the internet or the ability to allow remote accessibility. We also wipe the system before each election.”
She adds, “Having an older system does not make it more hackable, nor vulnerable; with any voting system as a security measure you must ensure it does not have internet or remote access capabilities. In the end, we still have paper ballots which give us the ability to recount the results to verify all votes were counted accurately. We always do a manual recount at the end of each election to ensure the vote counting software was counting ballots properly. During my tenure, I have never witnessed the results tabulated by the voting equipment to not match the manual count of paper ballots.”
Literally, Counting On The Paper Ballots
Tuolumne County Clerk and Auditor-Controller Debi Bautista emphasizes that maintaining all the backup, including the ballots themselves, creates a paper trail that allows officials to promptly detect possible intrusions into the voting process. She also points to multiple layers of checks and cross-checks in place. She says her office interfaces with the Secretary of State (SOS) in the same fashion as the 57 other counties in the state.
Further outlining the process, she explains, “We have the option to fax the election night results, enter them manually or electronically upload directly to the SOS. Before myself or the election staff leaves on Election Night, we confirm the results with the SOS verbally, we go line by line over each candidate and confirm the vote.”
Bautista points to county polling places, which use stand-alone tabulation machines that are sealed until Election Day and cumbersome enough to hack, even if someone could escape the notice of the minimum of two poll workers assigned to watch over the process. Besides counting all the ballots, the poll workers run a tape that has to match.
Tight Vote By Mail Protocols
The back up is hand counting ballots at the Elections Office. Tabulation counters at the Elections Office used for the votes by mail are also stand-alone machines. They are secured within an ID-keyed room that only three county workers have access to; two of them have to be in the room at all times.
“After the election is over, we do a manual one percent count of at least every race in one randomly picked precinct to make sure that the tallies from the polling place and the in-house tabulations all match,” Bautista shares..
“Now, where there can be some hacking — and this is more at the state level — is at the statewide data base but the state is very serious about protecting that,” she maintains. The state system does not allow changes in votes, only the addition or deletion of voters, which creates a trail denoting those activities. The state system keeps tabs of the voter count in every precinct and will not accept a report from that location unless the count matches.
County Processes Hardly Hackable
“If we are truly talking about Election Day and election results, it would be very difficult for someone to hack into the machines we use here in Tuolumne County, because they are all stand-alone, none of them are connected to the internet and we have checks and balances through the process to make sure that all the numbers tie,” she maintains.
Asked about hacking attempts, she shares, “Certainly it is my understanding that there have been attempts to hack into the data base itself but not into the actual tabulations machines at a county level.” Getting into the election database, she says, requires getting past many security hurdles and all activities performed are attached to a name linked with the desktop.
In the states where problems have been found, Bautista says a lot has to do with relying on reports and not retaining the paper copies. The bottom line, she says, is keeping all the backup and doing the math all through the process. “If all fails in the State of California, we have the ballots to go back to if, for some reason, a machine does not read the stuff right — and there are lots of tallies that we keep to make sure that the numbers all jive — I think we would see an anomaly.”