In April, voting machine vendor ES&S (44% US election equipment) admitted in a letter to Sen. Wyden that it “installed REMOTE-ACCESS SOFTWARE on election-management systems it sold over a period of 6 years”! ES&S previously lied about this to the NYT! motherboard.vice.com/en_us/article/… 1/
2/ “It’s not clear why ES&S would have only installed the software on the systems of “a small number of customers” and not all customers, unless other customers objected or had state laws preventing this”
3/ Election management systems “sit in county election offices and contain software that in some counties is used to program all the voting machines used in the county; the systems also tabulate final results aggregated from voting machines.”
4/ “ES&S customers who had pcAnywhere installed also had MODEMS on their election-management systems so ES&S technicians could dial into the systems and use the software to troubleshoot, thereby creating a potential port of entry for hackers as well.”
5/ “Motherboard asked a Michigan spokesman if any officials in his state ever installed the pcAnywhere software that ES&S recommended they install, but got no response.”
6/ “If an attacker can gain remote access to an election-management system through the modem and take control of it using the pcAnywhere software installed on it, he can introduce malicious code that gets passed to voting machines to disrupt an election or alter results.”
7/ “Wyden told Motherboard that installing remote-access software and modems on election equipment “is the worst decision for security short of leaving ballot boxes on a Moscow street corner.”
8/
“In 2006, the same period when ES&S says it was still installing pcAnywhere on election systems, hackers stole the source code for the pcAnyhere software, though the public didn’t learn of this until years later in 2012 when a hacker posted some of the source code online.”
“In 2006, the same period when ES&S says it was still installing pcAnywhere on election systems, hackers stole the source code for the pcAnyhere software, though the public didn’t learn of this until years later in 2012 when a hacker posted some of the source code online.”
9/ ES&S defended its installation of pcAnywhere, saying that “other voting system manufacturers” did it too!!!
10/ Motherboard asked two of the other top voting machine vendors—Hart InterCivic and Dominion—if they (like ES&S) had installed remote access software onto election management systems, but “neither responded”!!!
11/ IT Professor & election equipment expert Doug Jones says that “Certainly, [Diebold Election Systems] did the same, as “many of their contracts with customers included the requirement of a remote-login port allowing [the company] to have remote access...” #gapol @markniesse
12/ “Although Wyden's office asked ES&S to identify which of its customers were sold systems with [remote access software] installed, the company did not respond”!!
13/ “All of this raises questions about how many counties across the US had remote-access software installed ... and whether intruders had ever leveraged it to subvert elections.”
14/ Thank you to @r_mccormick for bringing this jaw dropping article to my attention and to @kimzetter for writing it!
15/
16/ Related Thread
17/ Related:
18/ More on ES&S and its election equipment.
19/ I discuss ES&S’s history and ties to Council for National Policy in this sourced article. medium.com/@jennycohn1/up…
20/ Related Thread about ES&S and its popular DS200 scanners that were “upgraded” in 2015 to include cellular modems!
21/
22/
23/
24/
