The AP reports that MAGA/Qanon efforts to question the outcome of the 2020 presidential race – the Big Lie – have led to voting system breaches that election security experts say pose a heightened risk to future elections. Experts warn of dangers from breach of voter system software:
Copies of the Dominion Voting Systems software used to manage elections — from designing ballots to configuring voting machines and tallying results — were distributed at an event this month in South Dakota organized by MyPillow CEO Mike Lindell, an ally of former President Donald Trump who has made unsubstantiated claims about last year’s election.
“It’s a game-changer in that the environment we have talked about existing now is a reality,” said Matt Masterson, a former top election security official in the Trump administration. “We told election officials, essentially, that you should assume this information is already out there. Now we know it is, and we don’t know what they are going to do with it.”
The software copies came from voting equipment in Mesa County, Colorado, and Antrim County, Michigan, where Trump allies had sue unsuccessfully challenging the results from last fall.
The Dominion software is used in some 30 states, including counties in California, Georgia and Michigan.
Election security pioneer Harri Hursti was at the South Dakota event and said he and other researchers in attendance were provided three separate copies of election management systems that run on the Dominion software. The data indicated they were from Antrim and Mesa counties. While it’s not clear how the copies came to be released at the event, they were posted online and made available for public download.
The release gives hackers a “practice environment” to probe for vulnerabilities they could exploit and a road map to avoid defenses, Hursti said. All the hackers would need is physical access to the systems because they are not supposed to be connected to the internet.
“The door is now wide open,” Hursti said. “The only question is, how do you sneak in the door?”
A Dominion representative declined comment, citing an investigation.
U.S. election technology is dominated by just three vendors comprising 90% of the market, meaning election officials cannot easily swap out their existing technology. Release of the software copies essentially provides a blueprint for those trying to interfere with how elections are run. They could sabotage the system, alter the ballot design or even try to change results, said election technology expert Kevin Skoglund.
“This disclosure increases both the likelihood that something happens and the impact of what would happen if it does,” he said.
The effort by Republicans to examine voting equipment began soon after the November presidential election as Trump challenged the results and blamed his loss on widespread fraud, even though there has been no evidence of it.
Judges appointed by both Democrats and Republicans, election officials of both parties and Trump’s own attorney general have dismissed the claims. A coalition of federal and state election officials called the 2020 election the “most secure” in U.S. history, and post-election audits across the country found no significant anomalies.
In Antrim County, a judge had allowed a forensic exam of voting equipment after a brief mix-up of election results led to a suit alleging fraud. It was dismissed in May. Hursti said the date on the software release matches the date of the forensic exam.
Calls seeking information from Antrim County’s clerk and the local prosecutor’s office were not immediately returned; a call to the judge’s office was referred to the county clerk. The Michigan secretary of state’s office declined comment.
In Colorado, federal, state and local authorities are investigating whether Mesa County elections staff might have provided unauthorized individuals access to their systems. The county elections clerk, Tina Peters (photo above), appeared onstage with Lindell in South Dakota and told the crowd her office was being targeted by Democrats in the state.
MyPillow CEO Mike Lindell has said he is providing a safe house for a Colorado county clerk amid an FBI investigation into her role in an alleged plot to leak election data to a QAnon leader, according to Vice News.
The official at the center of the probe, Mesa County clerk Tina Peters, is accused of compromising voting machines and allowing someone to share sensitive data with QAnon figurehead, Ron Watkins, Insider previously reported.
Peters, a so-called “Trump Truther,” permitted surveillance cameras to be turned off for up to two months, it is alleged.
She is under investigation by the Colorado Secretary of State Jena Griswold, and on Tuesday, the FBI said it was also looking into it. The FBI announced that it was working with Colorado’s District Attorney’s office “to determine if there was a potential federal criminal violation,” FBI Denver office spokeswoman Courtney Bernal told the Denver Post.
Two weeks ago, when Griswold issued an order authorizing her staff to travel to Mesa County to inspect the election system, Peters was on her way to MyPillow CEO Mike Lindell’s “cyber symposium” in South Dakota, Vice News reported.
Lindell told Vice News on Wednesday that, following the symposium, a member of his own security team leaked the secret location she was staying in, the media outlet reported.
Peters is now “holed up” in a new safe house, Lindell said.
Update: Colorado secretary of state files lawsuit to strip Tina Peters of election authority:
Colorado Secretary of State Jena Griswold has filed a lawsuit as part of an effort to prevent the Mesa County clerk and recorder from maintaining her authority over elections.
The lawsuit was filed Monday in state district court in Mesa County. The lawsuit seeks to remove Mesa County Clerk and Recorder Tina Peters as the designated election official.
“My priority is ensuring that the voters of Mesa County have accessible and secure elections. With the quickly approaching election, I am taking action to ensure that the county’s election office can provide great elections for Mesa voters,” Griswold said in a statement. Peters “is not fit to serve” as the designated election official, she said.
Colorado Secretary of State Jena Griswold said she alerted federal election security officials of the breach and was told it was not viewed as a “significant heightening of the election risk landscape at this point.” This past week, Mesa County commissioners voted to replace voting equipment that Griswold had ordered could no longer be used.
Geoff Hale, who leads the election security effort at the U.S. Cybersecurity and Infrastructure Security Agency, said his agency has always operated on the assumption that system vulnerabilities are known by malicious actors. Election officials are focused instead on ways they can reduce risk, such as using ballots with a paper record that can be verified by the voter and rigorous post-election audits, Hale said.
He said having Dominion’s software exposed publicly doesn’t change the agency’s guidance.
Security researcher Jack Cable said he assumes U.S. adversaries already had access to the software. He said he is more concerned the release would fan distrust among the growing number of people not inclined to believe in the security of U.S elections.
“It is a concern that people, in the pursuit of trying to show the system is insecure, are actually making it more insecure,” said Cable, who recently joined a cybersecurity firm run by former CISA Director Christopher Krebs and former Facebook security chief Alex Stamos.
Concerns over access to voting machines and software first surfaced this year in Arizona, where the Republican-controlled state Senate hired Cyber Ninjas, a firm with no previous election experience, to audit the Maricopa County election. The firm’s chief executive also had tweeted support of conspiracy theories surrounding last year’s election.
After the county’s Dominion voting systems were turned over to the firm, Arizona’s top election official said they could not be used again. The GOP-controlled Maricopa County Board of Supervisors voted in July to replace them.
Election technology and security expert Ryan Macias, in Arizona earlier this year to observe that review, was alarmed by a lack of cybersecurity protocols. There was no information about who was given access, whether those people had passed background checks or were asked to sign nondisclosure agreements.
Cyber Ninjas did not respond to an email with questions about the review and their security protocols.
Macias was not surprised to hear that copies of Antrim County’s election management system had surfaced online given the questionable motives of the various groups conducting the reviews and the central role that voting systems have played in conspiracy theories.
“This is what I anticipated would happen, and I anticipate it will happen yet again coming out of Arizona,” Macias said. “These actors have no liability and no rules of engagement.”
The Daily Beast reports on this Tina Peters QAnon character. MAGA Election Clerk Tina Peters Accused of Not Counting Ballots in Local Races:
Seated onstage at the most-hyped election conspiracy event of the year, the clerk of Mesa County, Colorado, Tina Peters, described herself as a crusader for election security.
[B]ut at home in Mesa County, some current and former officials have a different recollection of Peters’ tenure overseeing elections.
During Peters’ first year as clerk, in 2019, her office was blamed for leaving more than 570 uncounted ballots in a box, long past an election. Less than a year later, one of her office’s drop boxes leaked ballots, sending some floating in the summer breeze. Now Peters has gone underground, reportedly hiding in a safe house provided by Lindell, after she allegedly participated in a breach of Mesa County voting machine data this year. That data soon wound up on conspiracy websites, making Peters a folk hero among the MAGA/QAnon set and the subject of an FBI investigation.
Peters (who did not return requests for comment) took office in 2019, after her predecessor, Sheila Reiner, reached her term limit. What followed was an unusually bombastic tenure in a typically low-drama role.
While overseeing the November 2019 general election, Peters’ office forgot to count 574 ballots, instead leaving them unattended in a drop box outside her office for months. That slip-up coincided with a rush of departures from Peters’ office. In December 2019, nearly 20 of Peters’ 32-person staff had departed, the Grand Junction Daily Sentinel reported at the time. More staff quit days after the missing ballots were discovered, in late February 2020, bringing the departure count over two dozen.
The Colorado Secretary of State’s Office told Peters to get her act together.
“The Secretary of State’s Office appointed someone to be in the [clerk’s] office to help with the election,” Amanda Polson, who served as elections director under Reiner, told The Daily Beast.
Patti Inscho, a Democrat and an experienced former Mesa County Clerk employee, was hired to help Peters with elections. But just two months into Inscho’s role, Peters fired her, accusing her of not doing assigned work—an allegation Inscho firmly denied. The rift turned ugly, with a Peters staffer filing a criminal complaint against Inscho for allegedly not working during a pandemic, the Colorado Sun previously reported. Police dismissed the report.
“Tina didn’t want to fight facts,” Inscho told The Daily Beast. “She wanted to damage people. She did and said a lot of things about me that are untrue. It hurt my reputation, and it’s hard to fight back against.”
Polson, who had been hopeful about Inscho’s hiring, saw her termination as a bad omen.
“Essentially, that person [Inscho] got shut out,” Polson said. “Nothing had improved in the office. She was still, we thought, not handling the ballot issue correctly. There are some lines you can’t cross in an election administration. That is one of them: not counting ballots that should be counted.”
In May 2020, Polson formally began an effort to recall Peters. The campaign took issue with Peters’ handling of the lost ballots, as well as her staff turnover, a series of controversial business expenses (including more than $3,000 in food), and her decision not to oversee a pair of town-level elections. (The towns were forced to oversee their own elections, costing them two to three times the typical cost of a county-run vote.)
Soon the recall campaign had another data point: a ballot drop-off box, installed by Peters’ office for the 2020 primary election, appeared defective, sending completed ballots blowing across a parking lot. Peters claimed the leak was staged and blamed a local couple who’d reported the issue. The couple denied the allegation in an interview with the Daily Sentinel, where a reporter also noted ongoing issues with ballots becoming lodged in the drop box.
Polson was joined in her signature-gathering campaign by Inscho and even, on occasion, Peters’ predecessor Sheila Reiner. “I agreed with the group that things weren’t being done properly,” Reiner told The Daily Beast. “I didn’t believe that Tina was doing a good job.”
She said she collected some signatures for the recall, but was not one of its organizers. Still, her involvement cost her. Reiner said she was antagonized by Peters loyalists who objected to the recall.
“I’m a Republican,” she said. “There are some other Republicans that felt like that I wasn’t being loyal to the brand, let’s put it that way.” [The Trump personality cult.]
Peters sometimes joined the counterattack on her critics. When the state appointed the treasurer of a nearby county to act as an independent overseer on the recall, Peters filed an official complaint about the treasurer’s political affiliation (a former Republican, current Democrat). That treasurer, Teak Simonton, said the allegation was baseless—in part because Simonton’s role mostly consisted of verifying signatures and other hard-to-fudge tasks.
“I think she probably knows as well as anyone that there’s really nothing that can be handled inappropriately based on one opinion on the situation,” Simonton told The Daily Beast. “The law is very straightforward and very detailed on exactly how you administer and verify signatures. So her concerns were really unwarranted. Anything that would have been done was verifiable and transparent. It’s my guess that she was hoping to bolster her position by diminishing my engagement because I’m a Democrat.” (Simonton was also tasked with compiling a report on Peters’ office, in which she praised Peters’ staffers but criticized the clerk as “distrusting, frequently rude and antagonistic.”)
Ultimately, the recall effort fell approximately 1,200 signatures shy of the 12,129 signers needed to advance by August 2020.
“I honestly believe that had there not been a pandemic, had there been big gatherings, that we would have passed that petition,” Inscho said. “We would have reached enough names. It was just too hard with everything shut down.”
Frustrated, the recall organizers had little recourse but to watch Peters settle in to administer the 2020 general election.
“Those of us who were involved in recall, it was very taxing on us, mentally and physically,” Polson said. “We all took a giant step back and figured that, if the recall failed, she was really someone else’s problem at that point. We had done what we could to deal with it and it didn’t work.”
When Donald Trump won Mesa County in November 2020, but not Colorado or the U.S. at large, Peters promoted an election conspiracy theory on Twitter. And by May 2021, investigators allege, she became personally involved in the intrigue.
On, or shortly before May 25, Peters or someone in her office switched off security cameras that monitored the county’s voting machines, Colorado Secretary of State Jena Griswold alleges. On the 25th, Peters is accused of allowing an unauthorized person, who used the name “Gerald Wood,” to access the machines and make copies of data, which were soon leaked to Ron Watkins, a conspiracy theorist who previously acted as an administrator for the fringe forum 8kun. Watkins and fellow travelers like Lindell attempted, unsuccessfully, to argue that the leaked data suggests malfeasance by voting machine company Dominion. (Dominion is suing Lindell and other election conspiracy theorists for defamation.)
Soon after the breach became public, Peters rode Lindell’s private jet to his “Cyber Symposium” in South Dakota, where she made her speech about “discrepancies” in Mesa County voting data. (For good measure, Peters also used taxpayer money to buy a United Airlines ticket to the symposium, which she listed in business expenses as a “conference,” the Daily Sentinel reported. Even larger is the cost of replacing 41 pieces of voting technology that were compromised during the breach.)
Although Peters denies wrongdoing in the data leak, the breach is now the subject of investigations by local, state, and federal investigations. And Peters is nowhere to be found. Last week, Lindell told Vice that he was helping Peters hide in an undisclosed location (originally Texas, he said, but she has since moved due to security concerns).
For Peters’ critics back home, it’s the latest development in an election security saga that should have ended one or two ballot fiascos ago.
“It’s kind of horrifying to watch. Several of us on the recall committee worked at the elections office. Seeing the work and trust that we built come crashing down was really hard to watch,” Polson said. “We figured something worse was going to happen. It was just a matter of when and how and what.”
There needs to be deep background checks on election workers to prohibit MAGA/QAnon “Big Lie” conspiracy theorists from serving in elections divisions or the county recorders offices in Arizona. We cannot have these seditionists of American democracy and saboteurs of elections access to voting systems and election management.
Discover more from Blog for Arizona
Subscribe to get the latest posts sent to your email.