Modems help election officials report results quickly, but security experts say they’re too dangerous to trust.
An election worker loads ballots into a scanning machine at the Miami-Dade County Board of Elections, in October 2020, in Doral, Fla. | Lynne Sladky/AP Photo Types Of Voting Machines
There’s a largely overlooked hacking target that could help those who want to sow doubt about vote tallies in the November midterms: cellular modems that transmit unofficial election-night results.
The modems, which send vote data from precincts to central offices using cellphone networks, help election officials satisfy the public’s demand for rapid results. But putting any networking connection on an election system opens up new ways to attack it that don’t require physical access to machines, and security experts say the risks aren’t worth the rewards.
“You’re counting on a bunch of infrastructure to deliver data back and forth, and it’s well within the capabilities of nation-state hackers to break into that infrastructure,” said Dan Wallach, a Rice University computer science professor who has repeatedly exposed flaws in election equipment.
While tampering with unofficial results wouldn’t actually corrupt an election’s outcome, it could fuel misinformation about both the accuracy of the vote tally and the integrity of the process. That’s a particular concern since the 2020 election, in which then-President Donald Trump seized on large discrepancies between early returns and final vote counts to falsely allege widespread fraud.
At least six states — Florida, Illinois, Iowa, Massachusetts, Michigan and Minnesota — use modems to transmit results in a combined 36 counties, according to a POLITICO survey. Rhode Island uses them statewide, and Washington, D.C., uses them citywide. Wisconsin, which the nonprofit election integrity group Verified Voting identified as using modem-equipped devices, did not respond to inquiries about whether its counties use the feature.
While there’ve been no reports of modems being hacked in previous elections, the vulnerabilities are well known, and hackers have the tools to exploit them.
And the mere existence of these modem vulnerabilities could make it easier for Trump allies to disrupt the midterm elections and future contests with more unfounded hacking claims, say some former election officials.
“In the current hyperpolarized atmosphere, modems in voting machines are now not only a potential target for cyberattacks, but, perhaps more importantly, information operations seeking to cast doubt on the legitimacy of U.S. elections,” said David Levine, a former election director for Ada County, Idaho. He’s now a fellow at the Alliance for Securing Democracy working on elections integrity issues.
“Modem use expands the threat surface area [that] election officials are forced to defend against all hazards including cyber, operational mistake[s], misinformation and fairy tales,” said Noah Praetz, former election director for Cook County, Ill.
Florida — the site of a tight Senate race in November between Republican incumbent Marco Rubio and Democrat Val Demings — uses modems in 18 counties, including Broward, the second-most populous.
These states have persisted in using the modems even though the hacking risk has been established for years. The Senate Intelligence Committee recommended in a 2019 report on Russia’s interference in the 2016 election that officials remove or disable any wireless networking capability in their voting machines. Multiple states — including Alabama, California, Colorado, Maryland, New York and Virginia — have banned modems.
Modems remain popular for two major reasons: time and distance.
Americans don’t like waiting to learn who won an election. “There is an appetite in the public for immediate results, and [using modems] is the best way to do that,” said Paul Lux, the election supervisor in Okaloosa County, Fla., which uses modems to transmit its election results.
The main alternatives are calling in vote totals or driving memory cards to the central office. The former process is error-prone, and multiple counties said the latter process would create hourslong delays.
In Okaloosa County, which stretches from the Gulf of Mexico to the Alabama border, only one major road connects the election office in the north with the 68 percent of registered voters who live in the south, Lux said. If poll workers had to deliver results by hand, he said, he wouldn’t be able to report results until 11 p.m.
Mark Ard, a spokesperson for Florida Secretary of State Cord Byrd, said that without modems, some counties might not be able to report results until the day after an election. And delays create misinformation risks as well. Trump and other 2020 election deniers seized on delays as another excuse to claim the results were rigged.
Ard and election officials in other states that use modems told POLITICO they believe the security risks are overblown.
“I’ve been at this job now 10 years, and we’ve used modems as far as I can remember, and we’ve never ever had an issue,” said Travis Weipert, the election supervisor in Johnson County, Iowa.
Some officials argued their modems avoid security risks by using special networks set up for that purpose. But those systems are no panacea, Wallach said, because they’re still “placing a lot of trust in [telecom companies], and that’s exactly the kind of thing that nation-state adversaries can and do regularly compromise.”
Hackers could break into the telecom networks carrying the modems’ transmissions and manipulate them en route, similar to how Ukrainian officials have used their control of their own networks to intercept invading Russian soldiers’ phone calls. Attackers could also use portable devices that emulate cell towers to intercept modem transmissions.
“We now have to worry about anybody getting access to a communication network that is fundamentally open,” said Matt Blaze, a Georgetown University computer science and law professor who studies voting systems.
Officials also cited encryption as a way to shield vote data from tampering in transit. But encryption isn’t foolproof either. In 2007, researchers discovered that voting vendor Hart InterCivic had misconfigured its modems’ encryption so that the modems failed to verify their connections.
There’s also a chance that hackers could use a modem connection as a foothold for planting malware on the equipment that regional offices use to tally the final counts. But it’s unlikely this would compromise official results, because of two key safeguards: paper ballots and post-election audits that double-check the tallies of those ballots. That said, some states don’t require audits, and some Americans still vote on paperless electronic voting machines.
Many security experts are optimistic that modems will eventually disappear as part of a broader push to protect elections. “The direction that we’re going is very encouraging,” Blaze said. “Removing modems … is part of that trend.”
There have been a few moves already. In 2018, Harris County, Texas, ditched the modems that Wallach and his colleagues had discovered were insecure more than a decade earlier. Michigan is phasing out modems in the five counties that still use them. And Santa Rosa County, Fla., won’t use its modems to transmit results in November after doing so in seven elections since 2018. “We have a lot of people that are just concerned,” said election supervisor Tappie Villane.
But none of the other election offices that discussed their modems with POLITICO said they saw a reason for a change.
Eventually, some of the officials sticking by modems will have to abandon them. Last year, the U.S. Election Assistance Commission added a ban on modems to a set of voluntary guidelines that many states use as the basis for their voting system testing programs.
Electronic Voter Identification System It will take years, however, for new equipment to be certified to the updated guidelines, and even then, some states may choose not to incorporate the modem ban into their own regulations.