HARRISBURG, Pennsylvania (Reuters) - U.S. election officials responsible for managing more than a dozen close races this November share a fear: Outdated voting machines in their districts could undermine confidence in election results that will determine which party controls the U.S. Congress.
In 14 of the 40 most competitive races, Americans will cast ballots on voting machines that do not provide a paper trail to audit voters’ intentions if a close election is questioned, according to a Reuters analysis of data from six states and the Verified Voting Foundation, a non-political group concerned about verifiable elections.
These include races in Pennsylvania, New Jersey, Texas, Florida, Kansas and Kentucky. Nationwide, of 435 congressional seats up for grabs, 144 are in districts where some or all voters will not have access to machines using paper records, the analysis shows. While something could go wrong in any of those districts, it is in the close elections where a miscount or a perception of a miscount matters most.
Most of the dozen-plus state and local election officials interviewed by Reuters said they worry about bad actors hacking the older electronic voting machines to alter ballots, and then being unable to verify the results because there will be no paper trail. But the officials worry most about voters losing trust in elections, because officials would not be able to visibly demonstrate that the tally was indeed accurate.
“Voter confidence is a really big thing, and it’s the battle I worry about losing,” said Pennsylvania’s elections commissioner, Jonathan Marks. His state has four of the country’s most hotly contested elections – all of them in counties that use the older machines.
While there is no evidence that any voting machines were hacked in the 2016 presidential election of Donald Trump, there is increased anxiety, in large part because of U.S. intelligence findings that Russia actively sought, mostly through manipulation of social media, to sow distrust.
Trump himself has been accused by opponents of undermining confidence in the U.S. election system by falsely claiming that Hillary Clinton’s victory in the popular vote was due to massive voter fraud in favor of his Democratic opponent. No evidence of such fraud has been found.
Most election officials interviewed by Reuters said they neither have the time nor the money to install voting machines that have a verifiable paper backup in time for the 2018 election. Officials believe paper is the best way to verify disputed election results because it can be physically examined and counted.
The Department of Homeland Security declared last year that Russian hackers had probed election-related computer systems in 21 of the 50 states during the 2016 election and that a small number were compromised. U.S. officials said, however, there was no evidence votes were altered in 2016.
Intelligence agencies expect more meddling leading up to the 2018 elections. “The intelligence community has been clear that the threat and desire to undermine confidence in our democratic institutions remains,” said Matt Masterson, senior cyber security adviser in the Department of Homeland Security.
Voting machines are generally not connected to the internet and therefore are difficult to hack. But even if hackers don’t get in during the moments they might be linked to the internet, if voters are led to believe that the results are faked or mistallied, the mistrust of the system could undermine faith in elections, said Washington State Secretary of State Kim Wyman.
“If people perceive somebody cheated, then it’s as if somebody cheated,” said Wyman.
Many states switched to electronic voting machines after paper ballot disputes cast a pall over Republican George W. Bush’s victory over Democrat Al Gore in 2000. But with cybersecurity a nascent concern at the time, securing machines against potential hackers was largely an afterthought.
Last fall, Virginia became the only state since the 2016 election to replace all of its paperless touchscreen machines after its board of elections decertified them.
The state acted after hackers at the annual Def Con hacking conference in Las Vegas demonstrated how they could quickly break into electronic machines, including some of the models used in Virginia. Other states ordered their counties to upgrade, but they were delayed by lack of money and the difficult logistics of procuring new equipment.
For the most part, the Def Con exercise discovered vulnerabilities by physically accessing voting machines, in some cases literally pulling them apart to find security weaknesses.
Earlier this year, Congress appropriated $380 million to upgrade election systems across the country, but state and local officials say the amount is both too little and comes too late for them to buy new machines for the 2018 election.
In Pennsylvania, for instance, the state has ordered local jurisdictions, which are charged with administering elections, to update their systems by 2019. It will cost up to $150 million, said Kathy Boockvar, Pennsylvania’s senior adviser to the governor on election modernization, but the federal government funding provides only $14 million of it.
To help states shore up their systems in the meantime, DHS offers states weekly updates on cyber threats and sends computer experts to check the security of local systems, said Masterson, the cybersecurity adviser at Homeland Security.
Florida hired a cybersecurity firm to analyze its systems.
In Kentucky, the state brought in federal advisers to train county election chiefs on security risks. It plans to train another 15,000 poll workers before November’s election, said Alison Grimes, Kentucky’s secretary of state.
Reporting by Sharon Bernstein in Harrisburg, Pennsylvania, Dustin Volz in Washington, D.C., Jim Finkle in Montreal, and Grant Smith in New York; Editing by Damon Darlin and Ross Colvin