Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tribune News Service
Tribune News Service
Politics
Mark Niesse

US cybersecurity agency reviews hacking risk to Georgia voting system

ATLANTA — A confidential report alleging Georgia's voting touchscreens could be hacked is now being reviewed by the federal government.

The U.S. Cybersecurity and Infrastructure Agency wrote in a court filing late Thursday that it will assess potential vulnerabilities and decide whether updates or patches are needed to mitigate risks.

CISA's action came in response to a report by a computer scientist who said votes could be changed if someone gained physical access to Georgia's voting touchscreens or election management computers.

Georgia election officials say the state's voting systems are secure and that vulnerabilities discovered in a lab would be difficult to exploit in a real election.

There's no indication that Georgia's election computers manufactured by Dominion Voting Systems were hacked in the 2020 election, but an ongoing election security lawsuit alleges the touchscreens could be exploited in future elections. Three ballot counts and multiple investigations checked the 2020 election results.

Both Secretary of State Brad Raffensperger and plaintiffs in the lawsuit have called for a redacted version of the hacking report to be made public, but CISA urged a judge not to disseminate further information for now.

"Such premature disclosure increases the risk that malicious actors may be able to exploit any vulnerabilities and threaten election security," CISA, an agency within the U.S. Department of Homeland Security, said in the filing.

CISA will analyze the extent of potential vulnerabilities, work with Dominion and develop mitigation measures, according to the agency's court filing.

If vulnerabilities are confirmed and fixes required, CISA's review could reverberate beyond Georgia. Dominion touchscreens that print out paper ballots, called ballot-marking devices, are used in jurisdictions in 12 states, including California, Michigan and Missouri.

The report was produced by University of Michigan computer science professor Alex Halderman, who as an expert for the plaintiffs was able to examine Georgia's voting equipment for 12 weeks and look for flaws.

Halderman found that malicious software could be installed on voting touchscreens so that votes are changed in QR codes printed on paper ballots, which are then scanned to record votes, according to court documents.

The secretary of state's office reviewed Halderman's report after a judge made clear last month that it could be shared with election officials, following reporting about the potential vulnerability by The Atlanta Journal-Constitution. But the report remains sealed from public view.

Raffensperger said Halderman is "way off base."

"I'm sure that anyone who has that kind of unlimited access could do something, but it's not the real world," Raffensperger said during an Atlanta Press Club interview Thursday.

David Cross, an attorney for the plaintiffs, said more information should be revealed about the risks to Georgia's voting system after CISA has an opportunity to review it. Cross asked a judge last week to release a redacted version of the report within 30 days.

"Sending it to CISA for this purpose so that they can basically make the independent decision of how to do that balancing act is appropriate," Cross said in court Feb. 2. "The public is entitled to have an understanding of the general matters covered in the report."

It's unclear how long CISA's review would take, but the agency said it would provide an update in 30 days.

After CISA finishes its evaluation and develops safeguards, it will disclose information about vulnerabilities and mitigations but not necessarily release Halderman's full report.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.