U.S. election security incidents were minimal — and now it gets messy

Martin Shelton

Principal Researcher

A shadow of a camera man against the background of a large television, showing the projected electoral map of the United States on CNN with Jake Tapper.

Technology journalists and security experts have warned for years of risks to U.S. election infrastructure. In recent years the common wisdom of the security community held that hack-and-leak operations, exemplified by the breach of Clinton campaign chair John Podesta’s emails during the 2016 election, as well as vulnerabilities in voting machines, would undermine how journalists cover the election and the credibility of its results. The good news is that security wasn’t the problem this time, giving technology reporters a mercifully drama-free day. The bad news is that baseless claims of election fraud persist under the pretense of vote-tampering technology.

Things haven’t gone perfectly. Technical hiccups in Michigan and Georgia delayed vote tallies, but did not affect the count, fueling misinformation that these issues were caused by deliberate malfeasance. In Florida, a severed fiber cable cut off the local election office’s internet connectivity, prompting delayed reporting. In the end, these glitches ultimately had no significant impact on election results.

Indeed, even claims of election-related hacking have been unsubstantiated. In September, after rumors of hacks on voter registration databases suggested a Russian hacker obtained millions of voter records in Michigan, we quickly learned that this data was publicly available, and such a hack likely never happened.

Another widespread claim describes vote tampering software dubbed Hammer and Scorecard. According to Politifact, “Hammer” is supposedly designed to crack secured networks, while Scorecard is described to alter vote totals. Fact-checking website Snopes unpacks the evidence against this claim in some detail and indeed, even the agency the President appointed himself, the Cybersecurity and Infrastructure Security Agency (CISA), points out such claims are “nonsense.”

A screenshot from CISA Director Chris Krebs' Twitter, where he says the claims regarding Hammer and Scorecard are "nonsense."

According to a statement issued by CISA Director, Christopher Krebs, “After millions of Americans voted, we have no evidence any foreign adversary was capable of preventing Americans from voting or changing vote tallies.”

We expect that more claims concerning election-related security will continue to make headlines in weeks to come.

This was a checkpoint

So far in this election, we lack credible evidence of a major security incident. But that does not mean such incidents were impossible.

As our friends at the Electronic Frontier Foundation point out, we need further transparency into election systems, including more involvement from independent security researchers. We also need greater use of hand-marked paper ballots to help compare the results counted in voting machines against a physical tally.

For example, before certifying an election winner, the state of Georgia is conducting risk-limiting audits to verify the quality of its results. This procedure relies on taking a large, random sample of ballots, and comparing them to the reported results for statistically significant differences. Generally this requires the use of paper ballots to ensure any technical tampering won’t affect the paper copy in case of error or deliberate attacks.

By simply reporting the results, newsrooms are also an implicit part of the election process. Media organizations must defend their own infrastructure to ensure they are not implicated in the spread of disinformation.

Screenshot from the hacked Associated Press Twitter page, falsely tweeting the White House had been attacked

For example, when the Twitter account for the Associated Press was hijacked in 2013, it prompted a panic after hackers claimed there was an attack on the White House. The account was promptly taken down. The same account theft techniques may affect newsroom content management systems, and other social media credentials. And as our work becomes more distributed, anti-phishing hygiene and sharing team credentials safely really matters.

An election is just one checkpoint in many major news events. Reach out to Freedom of the Press Foundation’s Digital Security Training team to learn more about how to secure your organization.

Donate to protect press freedom.

Your support is more important than ever.