Security in Omaha-Built Voting Machines Make Hacking Difficult

Aug. 13, 2021, 7 a.m. ·

Hand holds a voting ballot and enters it to a machine to scan.
Nebraska Deputy Secretary of State for Elections Wayne Bena testified on the state’s election integrity in front of the U.S. Senate Committee on Rules and Administration Wednesday.

Listen To This Story

The 2020 Presidential Elections may be over, but there’s still concerns about the voting results, like the GOP-led review of the 2020 general election in Arizona’s largest county. Cyber Ninjas, a Florida-based cybersecurity company, is preparing its findings soon. But one of the largest voter technology manufacturers in the country said the elections were the most secure in history -- and they’re a Nebraska based company in Omaha.

Election Systems and Software, or ES&S has been building voting machines, ballot marking devices, scanners and more for 40 years. The Omaha-based company serves about half of the election jurisdictions in the country, including Nebraska. Chris Wlaschin is the company’s senior vice president and chief information security officer. He said their sole business is to deliver secure and accurate elections like 2020’s.

"The 2020 November election was the most secure in our nation's history, because of the years of preparation that state and local election officials, federal government, the FBI, and election technology manufacturers, like ES&S, working together to make sure that the equipment is reliable, that the processes are repeatable, and that the elections are auditable," he said.

Every component used in ES&S machines are built in certified facilities and there’s up to 10 locks on each machine, preventing unauthorized access inside. They guard the machines, run tests, federal voting systems test labs check them again, and they send equipment to independent third party security companies like the Idaho National Lab. The federal lab that usually tests nuclear power tested their machines for eight weeks in 2019. Wlaschin said there have been no successful attacks against their equipment.

"When we develop the hardware or we write the software, it goes through thousands of hours of testing to make sure that it cannot be manipulated," Wlaschin said. "If somebody tried to hack the device or change the software, we would be able to detect it."

ES&S voting machines have four backups to recount results: an encrypted specialized USB stick, a backup stick, printed result rolls from the machine, and paper ballots. The machines are tested, before, during, and after elections and they aren’t connected to the internet or each other in any way. University of Nebraska-Lincoln Political Science Professor John Hibbing said that’s an important advantage.

"Our system is very decentralized, so we have 50 different states and the states have different units that run their own thing," Hibbing said. "So, it'd be difficult to hack all that at the same time. It's not like there's a central unit."

The Department of Homeland Security also scans the company’s corporate networks, with no compromises found so far. From the time ES&S designs a machine to the time they write software and deliver it, Wlaschin said every piece of equipment is purposely built to count votes accurately.

"Occasionally you hear about a programming error where a county ballot left off a candidate, or a race, or they were organized differently that ultimately resulted in confusing voters," Wlaschin said. "Those are isolated incidents, and they in no way imply that there's hacks against the technology. Generally they're human error, they're caught right away, and they're fixed."

Gus Hurwitz said voting machines take out the potential for human mistakes, so the elections are more reliable. He’s the Menard Director of the Nebraska Governance and Technology Center and an associate professor of law at University of Nebraska-Lincoln.

"If you have 100,000 paper ballots that you're having the Election Commission count through and process, probably, if they were to count those 100 ballots three times, they would get different results." Hurwitz said. "They be roughly the same, but there are going to be some ballots that we just make some counting mistakes. Computers don't make those sorts of mistakes."

Hurwitz and UNL professor John Hibbing said the elections are more secure now since it’s difficult for hackers to alter the electronic and paper votes. However, Hurwitz said the real threat to elections aren’t the machines, but misinformation and lack of trust in the voting process.

"If I were a malicious actor, if I were a country, the single best thing that I could do would be convince people that I might have compromised a voting machine without ever having touched it, because then people aren't going to trust it," he said. "You can have all the audits you want, you can have all the forensic analysis, all the security professionals and experts, they're never going to find anything wrong with it, because I never touched it. But, they're never going to be able to prove that I didn't get in and mess with the machine."

That seems to have been a fairly effective strategy, with millions of Americans who still believe the 2020 elections were rigged, without any evidence. But, Hibbing said despite such a high voter turnout, with more mail-in voting due to the pandemic, Nebraskans should be proud of how secure and safe the elections here and nationwide actually were.