Voting machine tampering points to concern for fall election
On the last day of voting in Colorado's June primary, a poll worker sent to wipe down a voting machine found a concerning error message on its screen: "USB device change detected."
The machine, used to mark ballots electronically, was taken out of use and an investigation launched. The message raised concerns that a voter had tried to tamper with it by inserting an off-the-shelf thumb drive.
The incident heightened concerns among election officials and security experts that conspiracy theories related to the 2020 presidential election could inspire some voters to meddle with — or even attempt to sabotage — election equipment. Even unsuccessful breaches, like the apparent one in the county south of Colorado Springs, could become major problems in the November general election, when turnout will be greater and the stakes higher — causing delays at polling places or sowing the seeds of misinformation campaigns.
Activists who promote the false claim that the 2020 presidential election was stolen from former President Donald Trump have been traveling the country peddling a narrative that electronic voting machines are being manipulated. They have specifically targeted equipment made by Dominion Voting Systems, which has filed several defamation lawsuits and said that post-election reviews in state after state have shown its tallies to be accurate.
"This is yet another example of how lies about Dominion have damaged our company and diminished the credibility of U.S. elections," company spokesperson Stephanie Walstrom said in a statement to The Associated Press.
Despite no evidence of widespread fraud or manipulation in the 2020 election, the voting machine conspiracies have sunk in with a wide swath of Republican voters. Many of them have berated county commissions throughout the country, seeking to ditch voting equipment in favor of hand-marking and hand-counting all ballots.
The incident in Pueblo County highlights a troubling reality, that any voter propelled by conspiracy theories could try to tamper with voting machines.
"You get people motivated and activated, and who knows what they are going to come up with to fight machines they don't trust," said election technology expert Kevin Skoglund.
While it's difficult to stop such vigilante attempts, experts say the nation's election infrastructure is well-positioned to detect them quickly, as the Colorado county was able to do. Not only does election security involve layers of defenses, but a majority of the country now uses hand-marked paper ballots. That means an accurate tally can be reached in case something does go wrong and the results questioned.
Perhaps more concerning is what could happen during the time election officials are investigating a suspected attack and working to validate the results. That's when people can exploit the uncertainty and sow doubt about the election outcome.
"We've got so many layers of security and protections that have built over years," said Michigan's Secretary of State Jocelyn Benson. "The bigger threats are outside infiltration, as opposed to the machines themselves, and that's what we're trying to prepare for — because that's the greatest system of unknowns."
False claims by Trump and his allies that the 2020 presidential election was rigged have been widely debunked and discredited, with no evidence of widespread fraud or manipulation substantiated nearly two years after the election. Numerous judges, some appointed by Trump, dismissed lawsuits filed after the election, while Trump's own attorney general said the Justice Department found no fraud that would have changed the results.
Lies about the 2020 election have led to security breaches at some local election offices, including one in Mesa County, Colorado. Authorities in a handful of states are investigating whether officials provided access to their voting systems to conspiracy theorists.
Those concerns are adding to worries about the physical security of the machines, which should never be left unsecured. At polling places, the workers are trained to keep a close eye on equipment and flag anything suspicious.
Election officials also use locks and tamper-evident seals, so it becomes apparent if someone has tried to access voting equipment. Trigger alerts make machines inoperable if someone tries to tamper with them, which is what happened in Colorado on June 28.
Late in the afternoon, poll workers at the Pueblo County vote center heard noises coming from a voting booth. When a poll worker went to investigate and clean the machine, they saw the error message and notified a supervisor. Law enforcement and state election officials were immediately told of the incident.
What triggered the error message is part of the security protocols that protect voting machines.
Election officials can take measures to ensure that unauthorized devices don't infect voting equipment. They can configure their systems to recognize only proprietary devices, such as USB drives from the voting system manufacturer, or employ a system that allows connections only with devices containing a pre-authorized digital signature.
If someone attempts to insert any unauthorized USB device, an error message appears, and the machine won't work unless someone with administrator-level access overrides it.
In the Pueblo County case, the tamper-evident seal on the voting machine appeared to be disturbed. The case remains under investigation, and prosecutors are reviewing evidence.
This year, Colorado lawmakers broadened the definition of tampering with election equipment and strengthened the penalty for it. Formerly a misdemeanor offense with a penalty of up to 364 days in jail, it is now a felony punishable by up to three years in prison.
"Lies about America's elections are causing security risks," said Colorado Secretary of State Jena Griswold. "Any actor who tries to subvert the will of the people should be held responsible under the law."
Federal officials have been working with those on the state and local levels to improve their security defenses since voting systems were designated as "critical infrastructure" after the 2016 election — along with banks, dams and nuclear power plants.
State and local election officials who weren't already doing so have added locks, video camera surveillance of equipment storage locations and door access cards to limit those who can enter secure areas. Other security steps include limiting access to voting equipment to only those who need it and ensuring that sensitive systems are not connected to the internet.
"I have high confidence that jurisdictions are putting the necessary tools in place to be able to prevent and detect any kind of nefarious activities," said Kim Wyman, who leads election security efforts at the U.S. Cybersecurity and Infrastructure Security Agency.
In Pueblo County, election officials are preparing for every possibility during the November general election. Gilbert "Bo" Ortiz oversees elections as the clerk and recorder in Pueblo County, which Trump narrowly won in 2016 but lost four years later.
Ortiz sees a bit of irony in efforts by those who question the outcome of the 2020 presidential election, whether it's flooding his office with record requests, demanding recounts or attempting to tamper with equipment.
"All they are doing is proving the integrity of our system," Ortiz said.
This story has been corrected to update the name of the spokesperson for Dominion Voting Systems.
Copyright 2022, The Associated Press. All rights reserved.