Millions of voters have cast their ballots in Georgia using machines that offer a now-common experience: Press the touch screen, record your choice on anything from a local mayoral race to a presidential election.
It is a simple action that belies the complex system that supports it. And it is a system that is under increasing attack.
Georgia’s aging election system has flaws that could be exploited if a malicious hacker ever breached it, experts say. It’s a fear that has escalated with regular news reports about alleged attempts by Russian hackers to meddle in the 2016 presidential election, an issue raised again last week by the release of a leaked National Security Agency document.
There is no evidence Georgia’s more-than-a-decade-old system has been hacked, officials in Georgia and experts say. Georgia has employed an ongoing, multilayered effort to secure the system’s safety and integrity.
Officials here are well aware of the threats that loom on the cyber horizon. Voter confidence in the system is most important to them. But putting in a new, updated one — with its myriad components — would cost tens of millions of dollars.
That day may soon be approaching.
Georgia last overhauled its system in 2002, at a cost of at least $54 million, when it committed to the electronic voting machines that voters use today. They were state-of-the-art then, a nod to the booming use of technology. Still, a number of experts and advocates say the machines are missing an important check-and-balance: paper.
It’s a complaint some have made against the touch-screen system since it was installed.
“A paper ballot is verifiable, created in a secure environment,” said Marilyn Marks, the executive director of the Rocky Mountain Foundation.
She was one of the plaintiffs in a recent lawsuit that tried to force the state to switch to hand-counted paper ballots ahead of the nationally watched June 20 runoff election in Georgia’s 6th Congressional District.
A Fulton County judge dismissed that request Friday, as early voting over the past two weeks has soared to more than 93,000 ballots cast in the district in Atlanta’s northern suburbs in the contest pitting Republican Karen Handel against Democrat Jon Ossoff.
While the lawsuit was dismissed, concerns with the system remain.
“I think this is a serious issue,” Superior Court Judge Kimberly Esmond Adams said during the hearing on the case. “It seems to me the state of Georgia would be well-served to implement a paper ballot audit trail.”
If that happened, it would need buy-in from the the very top of Georgia’s government.
“If people want to change the law, change the system, we can certainly look at doing that,” said Georgia Secretary of State Brian Kemp, the state’s top election official. “I’m certainly open to that, but that’s going to take a lot of money, it’s going to take a big effort. You’ve got to have the governor on board, secretary of state, you’ve got to have the Legislature, and there’s a lot of work.”
“But I do know this,” Kemp added, “our system’s secure. There’s no evidence that our system is not working correctly. … They haven’t been hacked, they haven’t been infiltrated and that’s something that really over the last four years we’ve spent a lot of time working on.”
The news three months ago of a potential data breach at Kennesaw State University’s Center for Election Systems raised alarms that for critics of Georgia’s system is still ringing.
As many as 6.5 million voter records were potentially vulnerable in what the Federal Bureau of Investigation later said was a probing of the center’s system by a “security researcher” that broke no federal law. But critics said the incident raised serious questions.
According to top state officials, the center had received a warning before the presidential election that a server system used by its election center may be vulnerable to unauthorized access. The probing incident in early March, they said, was the second contact by the researcher about the problem, although they said it was only the first time they heard of a problem from university officials.
While the center itself is locked to the outside and requires badge access, an incident report about the breach cited concerns inside the center that included an unlocked IT closet and wires plugged into an internet port that had not been documented.
The more than 27,000 machines in Georgia are self-contained and never connected online — not during testing and not during an election. That means they can’t be directly accessed from the outside.
The state says all machines are tested at least five times around elections to show they are working properly and accurately. That’s important, since the operating software used to run the machines is Windows 2000 — software no longer supported by Microsoft.
Access to the machines is limited when they are not in use for voting. They are kept locked, with additional plastic seals affixed to the machines that would need to be broken to get into them.
For critics, however, that doesn’t make the system safe. They say, for instance, someone could indirectly get into the system through a rogue memory card or other device inserted in one of the voting machines.
Critics say, at the very least, the state should run a technical review of the entire system to check for cyber penetration and add preventive measures to protect against both malicious attacks and unintended problems.
State officials cited the consistent testing they do, including both before and after elections. Those audits and tests have to come back clean for the machines to stay in use.
Edward W. Felten, a cybersecurity expert from Princeton University who has studied electronic voting systems, said Georgia is overrelying on the machines’ reporting that everything is fine.
“You’re asking the machine itself whether it has honestly reported the results,” said Felten, who in lab settings has been able to corrupt similar machines with malware that he said would be almost undetectable during regular operation. “My opinion is that the system cannot be safely and accurately used.”
Neither Felten nor others, however, could say whether the system was actually infected. Felten knew of no examples of active attacks on these types of machines currently.
Merle King, the executive director of Kennesaw’s election systems center, said the system was certified to federal standards when it was adopted in 2002. Those standards were set under 1990 federal guidelines. Kemp, citing certifications the state has issued as recently as 2015, says the system also meets requirements under state law.
Felten said the state’s certification is too old and should be redone to account for updates. He said it is “not generally” common practice to do separate certifications and piece them together.
According to a Reuters analysis last year, about 44 million voters across the nation — or about 25 percent — rely on similar paperless systems, including in Pennsylvania and Virginia.
When Georgia committed to the machines, it eliminated a paper trail of recorded votes. Cybersecurity experts say one way Georgia could mitigate concerns about the machines is by having some sort of paper trail that voters could verify as being correct.
Esmond Adams, the judge, seemed to give credence to this view in her ruling, saying “plaintiffs’ concern that” the direct-recording electronic voting system lacks a way for a voter to verify his or her vote is “legitimate.”
Georgia tried to do that about a dozen years ago, attaching paper spools to the machines as part of a pilot program in three counties. It went poorly enough that the state dropped the idea. Auditing the spools from one precinct took almost six days, Cobb County Elections Director Janine Eveler said. It was, she said, “quite cumbersome.”
That doesn’t mean there aren’t paper ballots in use today, such as absentee ballots voters can request by mail ahead of an election.
But wholesale change in Georgia requires a new system and, as Kemp said, both sign-off from lawmakers and the governor as well as the money to pay for it.
Until then, voters overall appear comfortable casting their votes on the machines — even as some recognize why there are concerns.
“I think that is going to be the issue going forward for the next generations,” said Justina Moore, a stay-at-home mom from east Cobb County who voted Saturday. “That’s a whole new internet piracy thing. It’s going to be a future concern.”
Support real journalism. Support local journalism. Subscribe to The Atlanta Journal-Constitution today. See offers.
Your subscription to the Atlanta Journal-Constitution funds in-depth reporting and investigations that keep you informed. Thank you for supporting real journalism.
Channel 2 Action News reporter Aaron Diamant contributed to this article.