CISA noted that they would attempt to finish their “coordinated vulnerability disclosure” process quickly, but told Judge Totenberg that the report should not be released to the public before they had completed their work, stating that it could otherwise endanger election integrity. File photo: M_Agency, Shutter Stock, licensed.
WASHINTON, D.C. – A federal cybersecurity agency is currently opposing the release of a report on voting machines used by Georgia and other states that alleges security vulnerabilities, saying its release could “undermine election security” until such time as the agency has had a chance to assess the data and correct any potential security flaws.
The report has been sealed since July as a federal lawsuit has been ongoing in Atlanta that has been challenging the security of the voting machines that Georgia has been utilizing for their elections. The individual who authored the report, J. Alex Halderman – a voting technology expert and the University of Michigan’s Center for Computer Security and Society’s director – has stated in court documents that he discovered “multiple severe security flaws” while examining Dominion Voting Systems machines over a period of 12 weeks.
These flaws, Halderman said, could potentially allow “bad actors” to install “malicious software” in the voting machines and change votes.
The plaintiffs in the case – who are described as voters and election security advocates – have been insisting that a redacted version of the report be released to state and federal election security officials; attorneys representing Georgia have objected, despite Secretary of State Brad Raffensperger himself calling for the report’s release.
SPONSOR: UNITED PATRIOT
However, on February 2, U.S. District Judge Amy Totenberg ruled that the report could be viewed by the U.S. Cybersecurity and Infrastructure Agency (CISA), which has stated that they will analyze the report and work with Halderman and Dominion in order to identify any security flaws and correct them.
CISA noted that they would attempt to finish their “coordinated vulnerability disclosure” process quickly, but told Judge Totenberg that the report should not be released to the public before they had completed their work, stating that it could otherwise endanger election integrity.
“Premature disclosure of Dr. Halderman’s report, even in redacted form, could, in the event any vulnerabilities ultimately are identified, assist malicious actors and thereby undermine election security,” CISA said in court documents.
Halderman said that he was in favor of the unredacted report being released right away, since “there remain serious risks that policymakers and the public need to be aware of.” However, Halderman had previously stated that his examination of Georgia’s Dominion Voting Systems machines did not produce any evidence that their purported security flaws had been used to alter the results of the 2020 election.