No evidence of cyber attack in Durham’s 2016 election, feds say
There’s no evidence that the 2016 Election Day problems in Durham were the result of cyber hackers, according to the federal government.
Special Counsel Robert Mueller’s report on Russian election interference said a company — whose description closely matched the company that provided voter check-in software for Durham and other North Carolina counties in 2016 — was targeted by hackers. And Durham experienced widely reported issues with that check-in software during the 2016 elections.
State officials have long said they believed the problems were just due to human error, however, and not anything malicious like foreign hackers. But after the Mueller report’s findings on election interference became public earlier this year, officials at the Department of Homeland Security agreed to look into the Durham situation.
On Monday, putting an end to their months-long investigation, they announced they had found nothing to indicate a cyber attack.
Phillip Lehman, chairman of the Durham County Board of Elections, called the report “compelling evidence that there were no cyberattacks impacting the 2016 election in Durham.”
“As we have acknowledged, there was human error in the preparation of electronic poll books,” Lehman said in a news release announcing the investigation’s findings. “Since that time, the Durham County Board of Elections has implemented additional training, security measures and staffing changes. Elections in 2017, 2018 and 2019 were conducted efficiently and accurately with no significant incidents.”
What the investigation found
The unclassified, heavily redacted version of the Homeland Security election hacking investigation report available to the public says the investigators were “unable to identify any artifacts suggesting the presence of malware or unauthorized remote access.”
The investigators did find a new user account that was created on Election Day, which they flagged in the report. They also said one account — it’s unclear if it’s the same one, since any account names are redacted — was used to upload a file to a desktop computer in the Durham election office.
Homeland Security officials deemed that computer “a high value target.” However, they said, they couldn’t determine what was in that file.
They also said someone used that desktop computer to access a personal email account on Election Day and then visit at least two websites, whose names were also redacted. But the investigators didn’t raise alarm over that, saying the outside websites didn’t appear malicious based on several testing methods.
Security improvements
Karen Brinson Bell, executive director of the N.C. State Board of Elections, said Monday that state and county officials will continue working to improve poll workers’ training before the 2020 elections.
“This issue highlights the importance of poll worker training by elections officials and the vendors whose products are used in North Carolina,” she said in the news release. “Election security is an ongoing process, and the State Board will continue to work with the 100 county boards of elections and our state and federal government partners to improve security at every step in the voting process.”
Homeland Security gave tips to state and local officials — which were redacted from public view for security reasons — and Bell said that Durham has already implemented “many” of them and is working on others.
With the 2016 problems that Durham experienced, the software in question couldn’t have been used to change any votes. It was used only to check voters in when they came to vote. However, the glitches still caused chaos, forcing voting to stop for a short time before being extended later into the night by an emergency court order.
The problems with the software included it “erroneously identifying voters as having already voted, identifying registered voters as unregistered, and prompting poll workers to ask voters to present an ID when IDs were not required to vote at that time,” according to the Homeland Security report. That matches previous reporting by The News & Observer and other news media.
Elections officials didn’t keep track of how many voters were turned away from the polls while the software was broken and never returned.
Redacted report
Homeland Security gave the report to Durham officials, who then gave it to state officials around Thanksgiving, said Patrick Gannon, a spokesman for the state elections board.
They spent the last five weeks reviewing the report and making the necessary redactions before showing it to the public.
”We wanted to be careful that we did not release information that could put the State Board or any counties at risk of a cyberattack in the future,” Gannon said in an email.
He added that there are “no other incidents like this one still outstanding” in North Carolina.
For more state government news, listen to Domecast, the politics podcast from The News & Observer and the NC Insider. You can find it on Megaphone, Apple Podcasts, iHeartRadio, Stitcher or wherever you get your podcasts.
This story was originally published December 30, 2019 at 5:14 PM.
