Marilyn R.

Marks
Charlotte, NC 28210

January 15, 2017
The Honorable Richard Burr
217 Russell Senate Office Building
Washington, DC 20510
via facsimile (202) 228-2981
and (336) 725-4493
Dear Senator Burr:
I am writing regarding the scope of the Senate Select Committee on Intelligence and its
Inquiry into Russian Intelligence Activities. Thank you for your commitment to this
critical national security concern.
The scope of the Inquiry should include thorough investigations of whether the election
system components (machines, tabulators, servers, reporting systems, voter database,
etc.) were compromised or subject to wrongful penetration attempts. There has been
considerable misinformation published on this fundamental issue since Director Clapper
testified on this topic on January 5. A Committee-supervised review is essential to
determine whether there was election system compromise.
A group of nation’s leading voting system computer science experts wrote Senator
Lindsey Graham on January 13 asking that he include this high-risk area of election
cybersecurity threats in the Armed Services Committee’s investigation. That letter is
attached (and linked here https://goo.gl/NK4IRf ) for your review of the signers’
concerns. Your joint announcement with Senator Warner suggests that the Select
Committee on Intelligence Inquiry may be an appropriate forum for such a technical and
far-reaching inquiry. I urge you to review that letter to Senator Graham for the more
detailed rationale for this request to include the safety of the voting systems in the
Inquiry.
In summary, the country’s voting systems are dangerously vulnerable to cyberattack.
The vulnerabilities are grossly underestimated and misunderstood by many officials and
the media. Whether the systems are directly connected to the Internet, or whether they
equipment is widely distributed, the systems are alarmingly easily penetrated in
manners to change the results of an election. The experts signing the January 13 letter
to Senator Graham have all demonstrated and proven such vulnerabilities. It seems
quite unlikely that meaningful testing was conducted by DHS for purposes of reaching

Marks letter to Sen. Burr

1.15.17

Page 1 of 2

any conclusions about the accuracy and fairness of the voting systems operation in the
2016 election. Yet intelligence officials, lawmakers and media continue to repeat the
likely unproven claim that such systems were tested and found to be uncompromised.
Americans deserve a voting system free from cybercrime threats from bad actors. We
also deserve accurate, well-researched answers to whether such threats compromised
our systems in 2016.
The group of voting system security experts who signed the letter to Senator Graham
are willing to offer their expertise on how reliable answers could be obtained by the
Committee to assure that the systems were not compromised in the 2016 election. Such
an inquiry by this Committee would produce the valuable by-product of essential
information on election cybersecurity risks that must be mitigated to protect future
elections.
Thank you for your consideration of this request. I am pleased to talk with you or your
staff about this at any time.
Thank you for your service and dedication to the interest of North Carolinians and all
Americans.
Sincerely,
Marilyn R. Marks

Marks letter to Sen. Burr

1.15.17

Page 2 of 2

Experts' letter to Sen. Graham

January 13,2017

Page 1 of 9

January 13, 2017
The Honorable Lindsey Graham
290 Russell Senate Office Building
Washington, DC 20510
(via email: mailto:Senator@lgraham.senate.gov)
Dear Senator Graham:
We enthusiastically support your dedicated leadership efforts to investigate the
cybersecurity vulnerabilities in our country’s 2016 election process. We are a group of
volunteer election systems technical experts and citizen advocates for secure and
transparent elections. The purpose of our letter is to encourage you to expand the
scope of your inquiries to include vulnerable elements of the election system that are
being overlooked in the public discussions.
There is a very common misunderstanding that voting systems are not vulnerable and
that it would be difficult to alter election outcomes. This meme has been repeated in
many public forums.
During the January 5 Armed Services Committee hearing on Russian hacking, we were
troubled to hear Mr. Clapper seem to affirm Senator Cotton’s statement that it “would be
most difficult for anyone including nation states to affect ballot counts,” and that there is
“no evidence that vote tallies were manipulated or altered in any way.” Such
unsupported claims have rapidly come to be much-repeated and exaggerated
assertions almost universally adopted by the media and government officials.
President-elect Trump tweeted “Intelligence stated very strongly there was absolutely
no evidence that hacking affected the election results. Voting machines not touched!”1
Speaker Ryan also appears to have similarly misinterpreted the findings, given his
statement, “We must also be clear that there is no evidence that there was any
interference in the voting or balloting process.”2 While we are aware of no evidence of
Russian hacking into the voting and tabulation systems, it is our strong belief that little
or no investigation has been conducted on the vulnerable components of the systems
that would justify such reassuring claims. Indeed, in fifteen states some of the
components of the voting systems lack the necessary evidence of voter intent to carry
out a legitimate audit.
The significant cybersecurity weaknesses in our election system are well known to
many computer security professionals as well as unfriendly nations and domestic
criminals. Yet federal, state, and private monitoring, analysis, and oversight to protect
the very foundation of our democracy is minimal. Even while the Department of
Homeland Security made its services available to election jurisdictions nationwide in the
pre-election period, to our knowledge they were not examining voting and vote tallying
systems for vulnerabilities, but rather scanning voter registration databases and
systems for breaches.

Experts' letter to Sen. Graham

January 13,2017

Page 2 of 9

Unfortunately, the full scope of that threat to the election process is not well understood
by many decision-makers and their advisors. Contrary to the claims made during and
following the hearing, as citizen experts in election mechanics, we know that it is not at
all difficult to manipulate election results through cybersecurity intrusions.
We would be happy to brief you with the extensive research that has proven this fact.
Although there may be “no evidence” currently presented of manipulation of the 2016
election, we are confident in our view that no one has performed the required extensive
testing to provide such assurances. We write to implore you and the Committee to
increase the scope of your investigation to include such essential testing before drawing
conclusions. Both the Committee and the public deserve well-researched
documentation to confirm any conclusion of “no manipulation” of voter databases or
vote tallies.
The chronic vulnerabilities of the election system mechanics are misunderstood by
many government officials and media, some of whom have recently sought to calm
voters’ fears by inaccurately claiming that the voting machines and tabulators are
protected from cyberattacks because such machines are purportedly never connected
to the Internet. These claims, even repeated by EAC officials,3 are simply inaccurate.
An Internet connection is not necessary for malware to infect an entire county’s
machinery, as was dramatically demonstrated by the Stuxnet virus. Additionally, many
components actually are connected to the Internet, sometimes in violation of state laws.
These and other inaccurate claims should be debunked in a Congressional investigation
of our election system cybersecurity risks, as we hope your Committee will undertake.
Former CIA Director James Woolsey recently commented on CNN about allegations of
Russian hacking: "Well, the degree to which they intervened in the process is something
we really need to get a handle on, but at this point, it doesn't look as if they were
interfering with the voting, and in so far as that's the case, it's a very different thing than
if they were hacking into the voting machines and by the way, they shouldn't be involved
period, but we have to make sure that two years from now and four years from
now we are protecting our voting machines and a lot of people and counties and
so forth have added essentially touch screens and you can't check up on hacking
with that. You gotta have some kind of a paper trail...." 4
We wholeheartedly agree with Mr. Woolsey’s views concerning the need for voting
system protection. Given the inherent risks, the 2016 election data must be promptly
studied by objective investigators and scientists under Congressional authority. We are
certain that alarming cybersecurity weaknesses will be exposed when the systems are
scrutinized by independent experts. In our view, a broad-based in-depth investigation
would demonstrate the urgent and compelling need for legislation providing both
resources and statutory requirements for enhanced election cybersecurity, whether
future threats emanate from foreign states or domestic criminals. We encourage you to
incorporate election system cybersecurity in the Committee’s investigation.

Experts' letter to Sen. Graham

January 13,2017

Page 3 of 9

On January 6, DHS Secretary Johnson declared that he would designate election
systems as “critical infrastructure.” We urge the Committee to ensure that harmful
practices are not permitted to be built into that designation that would shield public
election system records from public scrutiny. It is essential that the public be able to
verify the proper operation of voting systems without engaging in FOIA challenges. It is
critical that the working policies in this designation provide clarity and transparency.
That goal is likely to require Congressional support and oversight.
We are eager to be of assistance. Some of us are computer security and voting
systems experts available to lend our expertise to this urgent mission. We can
recommend other nationally recognized scientists and experts to advise the technical
efforts of the Committee on these election system topics. We would be delighted to
meet with you or your staff in Washington or South Carolina to further outline our
perspective on the urgent need for these issues to be addressed as a national security
matter.
We have included an appendix that lists some of the critical components of our voting
systems, together in some cases with some high level recommendations for protecting
those systems from cyber-threats.
Thank you for your leadership and for your consideration of this critically important
matter.
Sincerely,
The Undersigned

Experts' letter to Sen. Graham

January 13,2017

Signatories
(Affiliations for informational purposes only)
Duncan Buell
Professor
Computer Science and Engineering
NCR Chair in Computer Science and Engineering
University of South Carolina
buell@acm.org
803.777.7848
JoAnne Day
Julie Hussey
League of Women Voters of South Carolina
POB 8453
Columbia, SC 29202
jvday@yahoo.com
copresident.lwvsc@gmail.com
803-251-2726
J. Alex Halderman
Professor
Electrical Engineering and Computer Science
University of Michigan
Ann Arbor MI
Eleanor Hare
Associate Professor Emerita of Computer Science
Clemson University
864.654.4417
eleanorhare@gmail.com
Frank Heindel
171 Hobcaw Drive
Mount Pleasant SC 29464
Candice Hoke
Co-Director, Center for Cybersecurity & Privacy Protection
Professor of Law
C|M Law, Cleveland State University
216.687.2313 office
216.798.4643 mobile
shoke@me.com
s.hoke@csuohio.edu

Page 4 of 9

Experts' letter to Sen. Graham

January 13,2017

Joseph Kiniry
CEO and Chief Scientist, Free & Fair
Principal Investigator, Galois
kiniry@freeandfair.us
kiniry@galois.com
421 SW 6th Ave., Suite 300
Portland OR 97204-1622
Marilyn Marks
Executive Director, Rocky Mountain Foundation
Marilyn@AspenOffice.com
7035 Marching Duck Drive E504
Charlotte, NC 28210
704.552.1618
Neal McBurnett
Elections Integrity Consultant
Boulder CO
http://neal.mcburnett.org/
Stephanie Singer
Former Chair, Philadelphia County Board of Elections
Data Strategist
Portland, OR
sfsinger@campaignscientific.com
Jason Grant Smith
I Voted? Director/Producer
Jason@ivotedmovie.com
Philip B. Stark
Associate Dean, Mathematical and Physical Sciences
Professor, Department of Statistics
University of California
Berkeley, CA 94720-3860 | 510-394-5077
statistics.berkeley.edu/~stark |
@philipbstark

Dr. Daniel M. Zimmerman
Computer Scientist
Galois / Free & Fair
dmz@acm.org
503.808.7224

Page 5 of 9

Experts' letter to Sen. Graham

January 13,2017

Page 6 of 9

Appendix 1: Components and architectures at risk
We urge you to include the following components and architecture of the nation’s voting
systems in the scope of the Armed Services Committee investigation. Please consider
incorporating both domestic and foreign intruder-generated election system risks in the
scope of the committee’s or appropriate sub-committee’s investigation. End-to-end
election system framework should be assessed for vulnerabilities and included in riskmitigation efforts in resulting legislation. In addition, the Committee should address both
the threat of corruption—the purposeful changing of results—and the threat of
disruption, including the introduction of chaos and uncertainty into the election process,
that would create significant public distrust in the results of the election.
Cybersecurity threats can significantly undermine the election system through attacks
on any of the following components:
--electronic voting machines,
--on-line and electronic ballot marking devices,
--ballot scanning software,
--vote tabulation software,
--Internet voting applications,
--on-line voter registration applications,
--voter registration databases,
--on-line absentee ballot requests and issuance,
--voter information communications,
--electronic poll-book applications,
--confidential voter information files,--automatic signature verification equipment,
--results reporting applications, and
--post-election audit programs.
Our experts are prepared to provide extensive specific, technical information on how
these component weaknesses can be exploited.
Appendix 2: Analyzing vulnerabilities revealed by the 2016 election
Security risks have multiplied as computers have been integrated into all components of
the election system, although few resources have been devoted to system
modernization and security. From on-line voter registration and electronic poll-book
maintenance to computerized vote tabulation and results reporting, the opportunities for
electronic compromises of the system grow every year. The growing number of voters
permitted to vote via Internet poses an increasing cyber-threat.
We believe that significant federal resources and legislation will be required to
adequately mitigate material risks that will be exposed in an investigation by a
Congressional Committee. We would encourage such a committee to include the
following topics in its investigation and assessment of the 2016 election:

Experts' letter to Sen. Graham

January 13,2017

Page 7 of 9

--detect attempts to access or compromise the voter registration system or database,
--detect attempts to access or compromise vote recording and tabulating system
components,
--information obtained by DHS after its offer to assist states in protecting voting
systems,5,6
--analysis of selected counties’ electronic voting system logs to review for unexpected
events,
--electronic audits7 of vote data in selected counties employing touchscreen technology,
--attempts to infiltrate voting system vendors’ information systems,8
--statically significant anomalies in under-votes, over-votes or results, and their likely
causes, and
--a post-election audit should be performed for the presidential contest in selected
counties. 9
Appendix 3: Suggestions for mitigating some of the cybersecurity threats.
We are confident that thoughtful, measured federal legislation can serve to mitigate
many of the cybersecurity risks to elections. Badly needed new equipment funding
could provide the mechanism for imposing security standards in federal elections for
states choosing to obtain grants for funding. Needed provisions include:
--providing funding for new election systems that meet specified security and voter
privacy requirements,
--requiring paper ballots and prohibiting touchscreen machines for federally-funded
equipment,10
--prohibiting Internet voting,11
--mandating post-election manual audits of results on new equipment,
--requiring anonymous/secret ballots,
--protecting private voter information,
--requiring fundamental transparency that would permit public verification of results
without formal recounts,
--providing funding for federal technical assistance and guidelines for election
cybersecurity reviews and risk assessment, and
--providing funding for cybersecurity safeguards of the voter registration system.
We recognize that any federal legislation must be crafted within Constitutional restraints
respecting the states’ responsibilities to conduct their elections.
Appendix 4: Additional resource references
Scores of articles have been recently published, highlighting the increasing national
security risks of cyberattacks on our election framework. We have included links to
several of the articles that you may find helpful in the end notes and references A-F
here.

Experts' letter to Sen. Graham

January 13,2017

Page 8 of 9

A. Post-recount, experts say electronic voting remains ‘shockingly’
vulnerable
https://www.the-parallax.com/2016/12/30/electronic-voting-shockinglyvulnerable/
B. Recount 2016: An Uninvited Security Audit of the U.S. Presidential
(Talk by Dr. Alex Halderman and Matt Berhard on findings in 2016 presidential
recount efforts)
https://www.youtube.com/watch?v=PUUJqUXlEzg
C. Hacking a voting machine http://www.rawstory.com/2016/08/computerexpert-hacks-into-common-voting-machine-in-minutes-to-reveal-shocking-2016election-threat/
D. Politico: States unprepared for Election Day cyber attack
http://www.politico.com/story/2016/10/states-unprepared-for-election-day-cyberattack-230415
E. PBS Newshour: Here’s how hackers might mess with electronic voting on
Election Day http://www.pbs.org/newshour/updates/heres-how-hackers-couldmess-with-electronic-voting/
F. Documentary: I Voted? http://www.ivotedmovie.com Executive produced by
Katie Couric, this non-partisan documentary examines the capture and counting
of ballots in American elections.

End notes:
1

https://twitter.com/realDonaldTrump/status/817701436096126977

2

http://www.speaker.gov/press-release/statement-ic-report-russian-hacking

3

C-Span-- Cybersecurity and Voting Machine Security (October 4, 2016)
(Dr. Alex Halderman)
https://www.c-span.org/video/?415879-4/washington-journal-j-alex-haldermancybersecurity-voting-machines
Timestamp 4:50-- inaccurate EAC statement re: protection of voting systems

4

Woolsey to CNN (12/30/16)
http://edition.cnn.com/TRANSCRIPTS/1612/30/cg.01.html [16:16:31]
5

ABC News: Nearly Every State Has Asked for Federal Help to Protect Voting
Systems From Hacks

Experts' letter to Sen. Graham

January 13,2017

Page 9 of 9

http://abcnews.go.com/Politics/state-asked-federal-protect-voting-systemshacks/story?id=43197682
Yahoo News: Russian Hackers Targeted Nearly Half of States' Voter Registration
Systems, Successfully Infiltrated 4
https://gma.yahoo.com/russian-hackers-targeted-nearly-half-states-voter-registration113205790--abc-news-topstories.html
6

7

Auditing a DRE-based election in South Carolina
http://www.lwvsc.org/files/fiveauthor.pdf
8

CNN: Feds believe Russians hacked Florida election-systems vendor
http://www.cnn.com/2016/10/12/politics/florida-election-hack/
9

USAToday Column Rivest/Stark: Still Time for an Election Audit
http://www.usatoday.com/story/opinion/2016/11/18/election-audit-paper-machinescolumn/93803752/
10

James Woolsey to CNN on need for paper ballots:
Woolsey, ”Did they go further and use the computers to do something effective this last time
around? It looks like they may have tried but not succeed. And what we have to worry about is
what our weaknesses are in that dimension. So one of the things we've absolutely got to do is get
away from having a quarter of our voting machines be touch screen only and not have paper
backup. Those changes were made after the craziness of year 2000 and the change of some of
them were made in the wrong direction ...
Without a paper backup, you can't have a voting count that means a damn thing.”
http://www.cnn.com/TRANSCRIPTS/1612/16/acd.01.html
10

Heritage Foundation--Hans von Spakovsky: Dangers of Internet Voting
http://www.heritage.org/research/reports/2015/07/the-dangers-of-internet-voting