A computer science professor told the Senate Intelligence Committee Wednesday that voting machines that create an electronic record of the voters' decisions are open to fraud and computer hacking, vulnerabilities that are big enough to potentially change the outcome of some elections.
J. Alex Halderman, professor of computer science at Michigan University, said he and his team began studying "direct-recording electronic" (DRE) voting machines 10 years ago and found that "we could reprogram the machine to invisibly cause any candidate to win. We also created malicious software — vote-stealing code — that could spread from machine-to-machine like a computer virus, and silently change the election outcome."
Halderman's testimony comes as the committee is trying to assess the scope of Russia's attempts to not only spread disinformation in the 2016 elections, but also its efforts to hack into U.S. voting systems.
As a computer science professor, Halderman has not only run academic trials on hacking voting machines, he has also run real-time examples.
"The one instance when I was invited to hack a real voting system while people were watching was in Washington D.C in 2010, and in that instance it took less than 48 hours for us to change all the votes and we were not caught," Halderman said about the experiment.
The committee has heard from multiple experts who have said the Russian efforts in 2016 did not result in any changed votes. Additionally, not all states or local election jurisdictions use the DRE voting machined described by Haldeman.
But Halderman said he does not believe claims that because some voting machines aren't connected to the Internet, they are somehow safe.
"Attacking the IT systems of vendors and municipalities could put the Russians in a position to sabotage equipment on election day, causing voting machines or electronic poll books to fail, resulting in long lines or other disruptions," Halderman said.
The committee has heard testimony for months now that Russia's efforts to disrupt the 2016 elections were not a one-time attempt, and that the threats will continue to grow and become more sophisticated.