US officials and cyber experts warned Tuesday that the voting debacle in the Democratic caucuses in Iowa underscored the vulnerabilities in the country’s election infrastructure in everything from hacking to trust-eroding conspiracy theories.
The technology problems which have prevented a complete vote count in the first test for the 2020 election were founded on what experts described as a poorly-tested, poorly performing vote reporting smartphone app.
“We have every indication that our systems were secure and there was not a cyber security intrusion,” the Iowa Democratic Party said in a statement.
But specialists said that the episode has shown how vulnerable state-based voting is to unproven systems.
“Given the amount of scrutiny that we have on election security these days, this is a concerning event. It really goes to the public confidence of our elections,” acting Homeland Security Secretary Chad Wolf told Fox News.
– ‘Continuing chaos’ –
“The continuing chaos in Iowa is illustrative of our overall failure to take sufficient steps to protect the integrity of our election systems,” said Democratic Senator Mark Warner, co-chair of the Senate Cybersecurity Caucus.
“We need to look holistically at protecting the security, integrity, and resiliency of election systems — from registration systems, to e-poll books, voting machines, tabulation machines, and election night reporting systems.”
The 2016 national election hangs over the coming November presidential and Congressional contests.
The US government says Russian hackers broke into Democratic party communications and systems, stealing documents and emails which were released on WikiLeaks to embarrass the party.
The hackers, which US intelligence says were tied to Russian spy agencies, also made repeated efforts, some partly successful, to break into systems in all 50 states, according to a Senate investigation.
The activity exposed a large gulf between federal cybersecurity efforts and those in the states — where distrust of federal involvement, even assistance, was widespread.
– 2020 threat –
US intelligence officials believe that Russia and other countries are preparing to interfere in the 2020 election, from hacking to disinformation.
And weaknesses are still widespread, especially at local levels.
The McAfee cybersecurity group reported that “significant majorities” of the official election websites in the 13 states viewed as crucial battlegrounds in the presidential race had fundamental security issues.
Many of the websites do not use “https” encryption, McAfee said.
Many also do not use the US government-vetted “.gov” address which can assure users that it is an authentic election website.
Both measures help “prevent malicious actors from launching copycat web domains posing as legitimate county government sites,” McAfee said.
Out of 1,117 counties, 83 percent of websites didn’t use “.gov” and 46 percent lacked “https” protection.
Alex Stamos, director of the Stanford Internet Observatory and former Facebook security chief, describes risks from voter registration rolls to failing voting machines to the possible injection of ransomware into voting systems.
All of that, he says, can be exacerbated by online distortion and false news reporting.
“The largest external risk to American democracy is an attack that combines a technical assault against our widely distributed and poorly secured election infrastructure with disinformation that American partisans will happily amplify,” he said on Twitter Tuesday.
– ‘Rampant’ misinformation –
The issue of fake news was present Tuesday with widespread rumors and conspiracy theories swirling around the Iowa vote.
“This chaos has created an environment where misinformation is now running rampant online, further undermining confidence in the democratic process,” Warner said.
“As we get further into the 2020 primaries, what happened in Iowa is an early warning sign that Congress, local officials, and the social media platform companies have much more work to do to ensure the integrity of our elections.”