At an impromptu press conference earlier this fall, former CU regent and 2022 GOP gubernatorial candidate Heidi Ganahl laid out a litany of concerns about what she claimed were potential vulnerabilities in the upcoming election.
During the press conference and in interviews after, both Ganahl and supporters repeated a long-running claim regarding election security: that ballot countering machines can connect to Wi-Fi, and therefore can be hacked into.
“I'm very concerned that Colorado's elections are not quite the gold standard we proclaim, but a bit of fool's gold,” Ganahl said. “Any wireless remote access hardware (or) software should be removed from all voting equipment immediately to restore some measure of justified trust and confidence in our upcoming election,”
Colorado’s election officials say it’s just not technically feasible for a hacker or group of hackers to do what Ganahl and others fear, but, as county clerks replace their equipment, they hope the new generation of machines puts this issue to rest once and for all.
What is in the old machines
Most of the computers involved in Colorado’s elections are originally made by Dell, according to documents from the Secretary of State's office, and configured by Dominion Voting Systems. Until recently, that hardware included a network interface card.
Those cards, though, are only one of five different pieces of hardware and software a device must have in place to be able to connect to the internet.
In an email to CPR News, the Colorado Department of State explained that no voting equipment in Colorado has ever been allowed to be connected to the internet, as stated in Rule 20.5.3 of Colorado’s Election Laws, and that there are systems in place to make sure it doesn’t happen.
“Department civil servants, accompanied by background checked county clerk or designee, ensure that any wireless capability is disabled during the ‘trusted build.”’ the Colorado Department of State wrote in an email.
The trusted build is a regular update conducted between elections. The process is highly controlled and takes place in a secure environment. (Former Mesa County Clerk Tina Peters was recently given a nine-year sentence in part for helping sneak an unauthorized person into her county’s trusted build in 2021.)
That hasn’t stopped election skeptics from worrying the machines’ Wi-Fi capacity could be triggered remotely.
“There are some people with really creative ideas, and I appreciate their creativeness,” said Carly Koppes, the Weld County Clerk and Recorder. “But the reality is that there are layers upon layers of security measures around it, to where if this is a component that has wifi in it, it is nearly impossible to get in there and expose it.”
Koppes added that most clerks are open to showing and explaining to community members how the system and tabulation machines work.
“Most of us offer tours during the election. So if you do not trust it, and are adamant about it, please come in and let's talk about it,” Koppes said. “I will walk you through exactly what you are questioning and show you, this is how this actually operates.”
Those familiar with the technology also point out that the kind of fraud people fear would require someone to breach the security of thousands of individual machines across the country.
“Hacking voting machines on a scale that would have national impact would require coordination across multiple states, (plus) knowing the details of their particular machines and voting processes and so many other factors,” explained Chris Nelson, a principal DevOps engineer with an interest in coding and hacking, specifically in election security. “A conspiracy that size that is successful and undetected is really hard to comprehend.”
Nelson has over 25 years of experience in network security and RF hacking, which involves Wi-Fi, and has attended multiple DEF CON conferences, the annual hacker convention that focuses on cyber security. Since 2017, a feature of the convention has been the Voting Village, where hackers explore different aspects of election security and report vulnerabilities they find.
“Why hasn’t (election tampering) been done widespread? I think for a few reasons. Physical access to the machines is controlled tightly and the multiple well-thought-out fail-safes, like physical ballot auditing,” Nelson said.
Boulder County Clerk and Recorder Molly Fitzpatrick also noted that in Colorado tabulation numbers are backed by the paper ballots. If someone were inside the tabulation machines, flipping votes, post-election audits would spot the difference.
“The really great thing about Colorado is that we vote on paper. We can compare the tabulation report to the physical paper ballot, and that’s what we do as part of our regular election process,” Fitzpatrick said. “That is the ticket to voters understanding that the tabulation system is working properly.”
New machines aim to remove doubts
Clerks are clear that the safeguards in place have kept their machines free from hacking. But as they have started upgrading their equipment over the past year, they’re moving to machines that don’t include wifi software or hardware.
“Equipment comes to the end of life and the vast majority of counties now have equipment that doesn't even have the capability (to connect to Wi-Fi),” explained Fitzpatrick. “There's nothing to go in and disable because it doesn't even exist on the new equipment.”
Only two of Colorado’s counties, Douglas and Garfield, use equipment from a maker other than Dominion. Instead, they use the ClearBallot Clear Vote 2.3 system, which is restricted from connecting to wifi through an encrypted closed wired ethernet. According to the Clear Ballot Group, there are no wireless or internet connections in their machines.
Many layers of security prevent in-person tampering too
While internet rumors have swirled around the wifi capacity dormant in older voting equipment, the most likely way someone could try to hack into the system would be through a physical connection, according to Nelson, the network security expert.
“With physical access to a machine and without worrying about getting caught, hacking voting machines is doable to varying degrees,” Nelson explained. “But the caveat there is important: physical access to do whatever you want.“
To prevent that, counties keep their machines in secured rooms with 24-hour video surveillance. Some counties across the state also take extra measures to ensure the hardware security of tabulation machines.
In El Paso County, the CPU, or “the brain” of the tabulation machines, is inside a security cage, like the ones used in data centers. El Paso County also has port locks on their CPUs, which add additional security control and prevent unauthorized devices from accessing the machine.
No election staff, judge or watcher can access these components, Steve Schleiker, the El Paso County Clerk and Recorder, explained via email.
And even if someone was able to gain physical access, Nelson said they would still have to figure out a way to get the system to do what they want. “That is to say, it’s not as simple as just saying, ‘Okay, make all votes go to Ron Swanson.’”
Anyone who does try to mess with the state’s election equipment is also taking a big legal risk.
After Tina Peters’ arrest, Colorado made it a felony to improperly access voting equipment, facilitate access to voting equipment without authorization and publish voting system passwords online. And at the federal level, the U.S. voting system was declared critical infrastructure in 2017, alongside nuclear power plants and national banks, unlocking additional protections.
Doug Spencer, an election law expert at the University of Colorado Boulder, said in the case of tampering with elections, the justice system is on guard.
“These are not small crimes. These are not small allegations. These are not small issues. And we talk about them very seriously,” Spencer said. “I think we have very strict laws. I think that the laws protect us against widespread voter fraud.”
For Spencer, Colorado’s handling of the Peters case shows the system is working.
“I do think, in Peters’ conviction and for people who broke into the Capitol on January 6th, those send a signal to people that this is not a game and it's not tolerated,” Spencer said.
