Lawmakers have asked some of the nation’s largest voting machine manufacturers whether they’ve ever shared sensitive data with Russian entities as fears of foreign election meddling linger eight months from midterms.
Democratic Sens. Amy Klobuchar of New Mexico and Jeanne Shaheen of New Hampshire sent letters to three major election equipment vendors — Election Systems & Software, LLC; Dominion Voting Systems, Inc.; and Hart InterCivic, Inc. — inquiring about any arrangements that would have resulted in them sharing source codes or other sensitive or proprietary details with Russian firms or figures, their offices announced Wednesday.
“Foreign access to critical source code information and sensitive data continues to be an often overlooked vulnerability,” the senators wrote. “Further, if such vulnerabilities are not quickly examined and mitigated, future elections will also remain vulnerable to attack. The 2018 election season is upon us. Primaries have already begun, and time is of the essence to ensure any security vulnerabilities are addressed before the 2018 and 2020 elections.”
Major tech firms in the U.S. and abroad have previously opened up their software to Russian authorities so that they can be examined for vulnerabilities before being sold domestically, Reuters reported in January.
The practice raised the question of whether election equipment vendors have acted similarly.
“While some companies maintain this practice is necessary to find defects in software code, experts have warned that it could jeopardize the security of U.S. government computers if these reviews are conducted by hostile actors or nations,” the Democrats wrote.
Specifically the senators want to know if companies have shared their source code, sensitive voting data or software that runs on their products with any Russian entity, as well as whether the firms have taken any steps to “upgrade existing technologies in light of the increased threat against our elections.”
“We have yet to formally receive the letter from the senators, but we are confident that Dominion Voting can provide a reassuring response,” Kay Stimson, the company’s vice president of government affairs, told The Washington Times on Thursday. “The company has not had any business dealings with the Russian Federation.”
ES&S said in a statement that it “look[s] forward to responding to Senators Klobuchar and Shaheen and will be happy to make our response public at that time.”
Hart InterCivic said it “has not and will not share any sensitive information” with Russian entities.
“We only share sensitive information about our voting systems as required for testing and certification by the U.S. Election Assistance Commission (EAC) and by certain U.S. state election divisions which have similar testing and certification protocols,” the company said.
Combined, the companies are responsible for providing voting machines and software used by 92 percent of the eligible U.S. voting population, according to the senators.
U.S. officials have concluded that Russian hackers attacked election systems in at least 21 states during the 2016 U.S. presidential race amid a multi-pronged state-sponsored interference campaign allegedly authorized by President Vladimir Putin. The hackers successfully breached either voter registration databases or election websites in seven states, albeit without altering any votes, NBC News reported last month.
Russia is expected to meddle in the November mid-terms, according to multiple U.S. intelligence officials.
“We have seen Russian activity and intentions to have an impact on the next election cycle,” CIA Director Mike Pompeo testified before the Senate Intelligence Committee last month.
Russia has denied hacking American targets. On Monday, Mr. Putin’s spokesman told reporters that the U.S. has a “rich tradition of meddling in the internal affairs and electoral processes in many countries throughout the world.”
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.