CISA: Vulnerabilities in election technology have not been exploited to alter election results
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed that there are vulnerabilities in election technology used in at least 16 states but claims that they haven’t been exploited.
The agency updated its "Rumor Control" website, claiming that believing that a vulnerability necessarily results in hacks and manipulation of election results is a misconception. While all technologies have vulnerabilities, election officials utilize a variety of technical controls to secure the election process.
There is currently no evidence that vulnerabilities in the ballot-marking devices provided by Dominion Voting Systems affected the process in any way, including voting system deleting, losing, or changing votes, according to CISA. Such actions would require physical access to voting equipment or other improbable conditions.
Georgia’s Dominion Voting Systems machines had previously come under the spotlight in a federal court case when a voting technology specialist identified “multiple severe security flaws” that would make the devices susceptible to cyberattacks.
However, the agency claims that such vulnerabilities must be taken seriously, with software patched in time and technical control remaining in place. The advisory notes nine vulnerabilities and possible mitigation strategies, saying that federal representatives closely cooperate with election officials to address those issues.
“These safeguards and compensating controls include measures that seek to identify and mitigate vulnerabilities prior to potential exploitation as well as those that help detect and recover from a malfunction or an actual or attempted exploitation of known or zero-day vulnerabilities,” the website says.
Additionally, CISA explains that voters can’t easily violate the integrity of the mail-in/absentee ballot request process. What is more, even if a state or local government system has been compromised, that doesn’t automatically lead to the violated integrity of one’s vote.
“Election officials have multiple safeguards and contingencies in place, including provisional ballots or backup paper poll books that limit the impact from a cyber incident with minimal disruption to voting,” CISA adds.
More from Cybernews:
Subscribe to our newsletter