A federal agency is reviewing a so-called secret report on alleged vulnerabilities in Georgia’s voting equipment.
The Cybersecurity and Infrastructure Security Agency, an arm of the Homeland Security Department, is assessing the fresh doubts being cast on the security of Dominion Voting Systems and is asking a judge to hold off on ordering the release of the report authored by Alex Halderman, a computer science professor at the University of Michigan, which could have implications for election technology used in states across the country.
“Such premature disclosure increases the risk that malicious actors may be able to exploit any vulnerabilities and threaten election security,” the CISA said in a court filing Thursday.
Halderman, an expert for plaintiffs in a long-running lawsuit seeking to get Georgia to ditch electronic voting machines in favor of hand-marked paper ballots, was granted access to Dominion voting equipment in Fulton County for 12 weeks and produced a 25,000-word “secret report” that has been filed under seal, according to the Atlanta Journal-Constitution.
Georgia Secretary of State Brad Raffensperger, a Republican official who has vehemently defended the integrity of the 2020 election in the face of fraud claims by former President Donald Trump and his allies, has criticized Halderman and called for the report’s release, insisting that media reporting about it are sowing distrust ahead of the 2022 midterm elections. Raffensperger said in a statement last month that the report is “not an objective, academic study by a non-biased actor.”
ANTRIM COUNTY VOTING MACHINE REPORT FROM MICHIGAN REFERRED TO JAN. 6 COMMITTEE
Dominion, which has filed a wave of high-dollar defamation lawsuits over claims of alleged fraud in the 2020 election, also cut at the credibility of Halderman’s review in Georgia and voiced support for releasing his findings.
“Security assessments of any system, including voting systems, should always include a holistic approach of all safeguards in place, including procedural and technical safeguards. There is a reason why US voting systems rely on bipartisan election officials, poll-watchers, distributed passwords, access controls, and audit processes. The review conducted in the Curling case did not take this approach,” John Poulos, president and CEO of Dominion, said in a statement released by Raffensperger’s team. “Dominion supports all efforts to bring real facts and evidence forward to defend the integrity of our machines and the credibility of Georgia’s elections.”
Halderman also wrote a report released by the Michigan Department of State arguing that human error led to early tabulation errors in Antrim County, Michigan, in the 2020 election cycle. He acknowledged vulnerabilities in the election technology, but similar to what he said about the 2020 election in Georgia, he stressed that “there is no evidence that any of these problems was ever exploited in Antrim County.”
U.S. District Judge Amy Totenberg, who is presiding over the Georgia case, allowed the release of the report to the CISA and was asked last week by David Cross, an attorney for the plaintiffs, to release a redacted version of the report within 30 days. “Sending it to CISA for this purpose so that they can basically make the independent decision of how to do that balancing act is appropriate,” Cross said. “The public is entitled to have an understanding of the general matters covered in the report.”
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
Lawyers representing CISA said in a court filing that any disclosure, even in redacted form, should wait until after the agency and the vendor complete a review and noted it will provide an update to the court within 30 days. “CISA’s goal is to disclose any confirmed vulnerabilities and associated mitigations to the public in a coordinated way, so the entire cyber ecosystem can benefit while minimizing the risk of harm to election security,” the filing said.
An agency spokesperson told the Washington Examiner: “CISA works regularly with companies and researchers to identify, mitigate, and disclose vulnerabilities in a timely and responsible manner. We are working through the established Coordinated Vulnerability Disclosure Process with the relevant parties pursuant to the Court’s authorization. Otherwise, we are not able to comment on ongoing litigation. For more information on the vulnerability disclosure process, please visit cisa.gov/coordinated-vulnerability-disclosure-process. As the Sector Risk Management Agency for election infrastructure security, CISA will continue to work closely with state and local election officials and the vendor community to help them ensure the security and integrity of our elections.”
