Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
Photo: Brendan Smialowski/AFP/Getty Images
Election Systems and Software (ES&S) admitted to installing remote access software on election management systems sold to “a small number of customers between 2000 and 2006,” which could open it up to manipulation by a hacker. The admission came in a letter to Sen. Ron Wyden (D-Ore.) obtained by Axios and first detailed by Kim Zetter in Motherboard.
Why it matters: Remote access meant those systems, which, among other tasks, have tabulated votes from voting machines, could have hypothetically been manipulated by a hacker.
The intrigue: Zetter wrote an earlier story for the NYT on the use of remote access software in voting machines, in which ES&S denied installing the software.
What they're saying:
- ES&S's letter to Wyden explained the use of remote access software on these machines as an "accepted practice."
- Sen. Wyden said, "Installing remote-access software and modems on election equipment is the WORST decision for security short of leaving ballot boxes on a Moscow street corner. Congress MUST pass my bill to require paper ballots and audits."
The impact:
- More than 60% of votes tabulated across the country in 2006 used ES&S election management systems.
- ES&S says the software was configured to not allow incoming connections, which significantly reduces the risk of an attack but does not outright eliminate it.
- ES&S says it stopped installing this vulnerable software in 2007, which is when new Voluntary Voter Systems Guidelines from the Election Assistance Commission went into effect.
- ES&S wrote in the letter that it has confirmed that the election management systems with the remote-access software installed are no longer using the application today.