SPONSORED:

Senate Intelligence Committee members raise concerns about voting system vulnerabilities

Senate Intelligence Committee members raise concerns about voting system vulnerabilities
© Getty Images

A bipartisan group of lawmakers on the Senate Intelligence Committee raised concerns Wednesday about the election voting systems provided by one of the largest vendors in the United States, questioning whether the company is doing enough to safeguard itself from hackers. 

Four committee members wrote in a letter they were disappointed that Election Systems & Software (ES&S) has not agreed to undergo independent testing to determine the security level of its systems.

The letter comes after an annual hacking conference earlier this month appeared to reveal security vulnerabilities in ES&S voting systems.

ADVERTISEMENT

"We are concerned that ES&S and other election system providers may not be prepared for the growing threats to our elections,” Senate Intelligence Committee Vice Chairman Mark WarnerMark Robert WarnerHillicon Valley: Senate Intelligence Committee leaders warn of Chinese threats to national security | Biden says China must play by 'international norms' | House Democrats use Markup app for leadership contest voting Senate Intelligence Committee leaders warn of Chinese threats to national security Defense policy bill would create new cyber czar position MORE (D-Va.) and Sens. Susan CollinsSusan Margaret CollinsThe Hill's Morning Report - Presented by Mastercard - Congress inches closer to virus relief deal Lawmakers pressure leaders to reach COVID-19 relief deal Biden says GOP senators have called to congratulate him MORE (R-Maine), James LankfordJames Paul LankfordEthics experts ask Senate to investigate Graham's probe of mail-in voting The Hill's 12:30 Report - Presented by Capital One - Pfizer unveils detailed analysis of COVID-19 vaccine & next steps GOP senators congratulate Harris on Senate floor MORE (R-Okla.), and Kamala HarrisKamala HarrisBiden officially clinches Electoral College votes with California certification Hillicon Valley: Senate Intelligence Committee leaders warn of Chinese threats to national security | Biden says China must play by 'international norms' | House Democrats use Markup app for leadership contest voting Trump campaigns as wild card in Georgia runoffs MORE (D-Calif.) wrote in a letter to the company.

The senators criticized ES&S for its refusal to allow independent testing of its systems at the popular DEFCON convention, where hackers attempted to find ways to exploit voting technology.

"We are disheartened that ES&S chose to dismiss these demonstrations as unrealistic and that your company is not supportive of independent testing," the lawmakers wrote in their letter to CEO Tom Burt. "We believe that independent testing is one of the most effective ways to understand and address potential cybersecurity risks.”

Sen. Ron WydenRonald (Ron) Lee WydenHillicon Valley: Government used Patriot Act to gather website visitor logs in 2019 | Defense bill leaves out Section 230 repeal, includes White House cyber czar position | Officials warn hackers are targeting vaccine supply chain Government used Patriot Act to gather website visitor logs in 2019 Despite veto threat, Congress presses ahead on defense bill MORE (D-Ore.), a member of the Intelligence panel, separately slammed ES&S on Wednesday for failing to provide answers to basic questions about its cybersecurity practices.

“It is inexcusable that American democracy depends on hackable voting technology made by a handful of companies that have evaded oversight and stonewalled Congress. That must end,” Wyden said during a Senate Rules Committee hearing, according to a transcript of his remarks.

Wyden and other lawmakers became alarmed by some of the company's practices after The New York Times reported in February that ES&S had installed remote access software onto the voting technology it sold. The company later admitted to installing such software on a "small number" of election management systems between 2000 and 2006.

ES&S quickly pushed back on the lawmakers' claims that they do not independently test their products. 

"Any assertion that our products are not thoroughly and independently tested is erroneous," the company said in a statement. "In fact, ES&S products are certified by the U.S. government, which conducts testing independent of our own testing. In addition, our products are tested by a number of third-party experts."

The election systems company offered to meet with each senator to discuss how they could take further measures to ensure U.S. elections are secure.

"We look forward to fully addressing each question expressed in their letter, and extend an invitation to each Senator to meet with us to discuss all of the protective steps we have taken and continue to take to ensure the integrity of America’s democracy," the statement continues.

The criticism from the senators comes amid heightened fear that foreign adversaries may seek to interfere in the 2018 midterm elections and other subsequent U.S. elections.

“As members of the United States Senate Select Committee on Intelligence, we agree with the conclusion of the Intelligence Community: America’s elections are the target of unprecedented attacks by foreign adversaries,” the four senators wrote in their letter to Burt. “Free, fair, and trusted elections are the bedrock of our democracy, and safeguarding our elections is an urgent national security priority."

Microsoft announced earlier this week that it had shut down six websites created by a hacking group known as "Fancy Bear," which has been linked to Russia's intelligence agency. The hackers targeted two conservative think tanks that have been critical of the Kremlin, in addition to targeting the U.S. Senate, though Microsoft said the attacks were not specific to a "particular" office or senator.

Fancy Bear is an active, powerful hacking group whose attacks have included the successful hack of the Democratic National Committee (DNC) in 2016.

Special counsel Robert MuellerRobert (Bob) MuellerBarr taps attorney investigating Russia probe origins as special counsel CNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting MORE, who is investigating Russian interference in the 2016 election, indicted a dozen Russian intelligence officials for their involvement in the DNC hack.

-- Updated 5:35 p.m.