Wisconsin Recount: The Alex Halderman Affidavit on Russian Hacking

By Louise Mensch | 12:28 am, November 26, 2016

The recount in Wisconsin, should it occur, is already causing plenty of heartburn in the press. Jill Stein has called for it and raised plenty of money in so doing. More to the point, Stein attended a dinner last winter where she was a guest of Vladimir Putin, and it has long been thought that Russia’s aim in hacking the election was to sow chaos even more than it was to elect Donald Trump.

The President-Elect is already proving in many of his choices, meanwhile, that he is his own man.

But Alex Halderman’s involvement raises the recount petition to fresh levels of credibility.

Secretary Clinton did not ask for the Wisconsin recount and it was only at the very last minute that Jill Stein even began to discuss it. Her motives were questioned on Twitter, but Halderman’s were not.

However, the presence of Prof. Halderman in the affidavit section of the petition should reassure all those who might prefer a recount, in an election which we already know was hacked by Russia, for purely neutral purposes. The DNI has said that Russia’s attacks on the DNC and John Podesta were:

intended to interfere with the US election process… only Russia’s senior-most officials could have authorized these activities.

The US Government has also noted that Russians, if not the Russian Government, have successfully attacked the voter registration databases of two states, and attempted to attack twenty more.

Here is Halderman’s affidavit (I omit the legal preamble on his qualifications).


Context: cyberattacks in the 2016 presidential election

6. The 2016 presidential election was subject to unprecedented cyber attacks apparently intended to interfere with the election. This summer, attackers broke into the email system of the Democratic National Committee, and, separately, into the email account of John Podesta, the chairman of Secretary Clinton’s campaign. The attackers leaked private messages from both hacks. Attackers also infiltrated the voter registration systems of two states, Illinois and Arizona, and stole voter data. The Department of Homeland Security has stated that senior officials in the Russian government commissioned these attacks. Attackers attempted to breach election offices in more than 20 other states.

7. Russia has sophisticated cyber offensive capabilities, and has shown a willingness to use them to hack elections elsewhere. For instance, according to published reports, during the 2014 presidential election in Ukraine, attackers linked to Russia sabotaged Ukraine’s vote-counting infrastructure, and Ukrainian officials succeeded only at the last minute in defusing vote-stealing malware that could have caused the wrong winner to be announced. [Exhibit G] Countries other than Russia also have similarly sophisticated cyber warfare capabilities.

8. If a foreign government were to attempt to hack American voting machines to influence the outcome of the presidential election, one might expect the attackers to proceed as follows. First, the attackers might probe election offices well in advance, to find ways to break into the computers. Next, closer to the election, when it was clear from polling data which states would have close electoral margins, the attackers might spread malware into voting machines in some of the states, manipulating the machines to shift a few percent of the vote to favor their desired candidate.

This malware would be likely to be designed to remain inactive during pre-election tests, perform its function during the election, and then erase itself once the polls closed. One would expect a skilled attacker’s work to leave no visible signs, other than a surprising electoral outcome in which results in several close states differed from pre-election polling.

The vulnerability of American voting machines to cyber attack.

9. As I, and other experts, have repeatedly documented in peer-reviewed and state-sponsored research, American voting machines have serious cybersecurity problems. Voting machines are computers with reprogrammable software. An attacker who can modify that software by infecting the machines with malware can cause the machines to provide any results of the attacker’s choosing. As I have demonstrated in laboratory tests, in just a few seconds, anyone can install vote-stealing malware on a voting machine that slightly alters the electronic records of every vote.

10. Whether voting machines are connected to the Internet is irrelevant. Shortly before each election, poll workers copy the ballot design from a regular desktop computer in a government office and use removable media (akin to the memory card in a digital camera) to load the ballot design onto each machine. That initial computer is almost certainly not one secure enough to guard against attacks by foreign governments. If technically sophisticated attackers infect that computer, they can spread vote-stealing malware to every voting machine in the area. Technically sophisticated attackers can accomplish this with ease.

11. While the vulnerabilities of American voting machines have been known for some time, states’ responses to these vulnerabilities have been patchy and inconsistent at best. Many states, including Wisconsin, continue to use out of date machines that are known to be insecure.

Examining the paper record is the only way to ensure the integrity of the results. 

12. Paper ballots are the best and most secure technology available for counting votes. Optical scan voting allows the voter to fill out a paper ballot that is scanned and counted by a computer. Electronic voting machines with voter-verified paper audit trails allow the voter to review a printed record of the vote he has just cast on the computer. Only a paper record documents the vote in a manner that cannot be later modified by malware or other forms of cyber attacks.

13. One explanation for the results of the 2016 presidential election is that cyber-attacks influenced the results. This explanation is plausible, in light of other known cyber attacks intended to affect the outcome of the election; because of the profound vulnerability of American voting machines to cyber attacks; and the fact that the skilled attacker would leave no outward or visible evidence of an attack other than an unexpected result.

14. The only way to determine whether a cyber-attack affected the outcome of the 2016 presidential election is to examine the available physical evidence – that is, to count the paper ballots and paper audit trail records, and review the voting equipment, to ensure that the votes cast by actual voters match the results determined by the computers.

For ballots cast through optical scanners, a manual recount of the paper ballots, without relying on the electronic equipment, must occur. Using electronic equipment to conduct the recount, even after first evaluating the machine to a test deck, is insufficient. Attackers intending to commit a successful cyber-attack could, and likely would, create a method to undermine any pre-tests. For votes cast on electronic voting machines, the paper audit trail records must be counted, since the electronic records stored in the machines could have been manipulated in an attack. Voting equipment that might yield forensic evidence of an attack includes the voting machines, removable media, and election management system computers. Paper ballots, paper audit trails, and voting equipment will only be examined in this manner if there is a recount.

15. A recount is the best way, and indeed the only way, to ensure public confidence that the results are accurate, authentic, and untainted by interference. It will also set a precedent that may provide an important deterrent against cyber attacks on future elections.
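
The check that paragraph 14 of the affidavit calls for, a hand count of the paper record compared with the totals the machines reported, sketched as an added example that is not part of the affidavit or the article. The ward names, candidates, tallies and the `shift` heuristic are constructed assumptions.

```python
# Constructed sample tallies; ward names, candidates and numbers are invented.
MACHINE = {  # totals reported by the tabulating equipment
    "Ward 1": {"A": 512, "B": 498},
    "Ward 2": {"A": 301, "B": 344},
    "Ward 3": {"A": 420, "B": 455},
}
HAND = {  # totals from manually counting the paper ballots
    "Ward 1": {"A": 512, "B": 498},
    "Ward 2": {"A": 335, "B": 310},
    "Ward 3": {"A": 421, "B": 455},
}


def reconcile(machine, hand):
    """Return (ward, kind, deltas) for every ward where the counts disagree.

    deltas is hand count minus machine count per candidate.
    """
    findings = []
    for ward in sorted(set(machine) | set(hand)):
        if ward not in machine or ward not in hand:
            findings.append((ward, "missing_record", {}))
            continue
        m, h = machine[ward], hand[ward]
        deltas = {c: h.get(c, 0) - m.get(c, 0) for c in sorted(set(m) | set(h))}
        deltas = {c: d for c, d in deltas.items() if d != 0}
        if not deltas:
            continue
        # Assumed heuristic: deltas that cancel out mean votes moved between
        # candidates while the ballot total stayed the same.
        kind = "shift" if sum(deltas.values()) == 0 else "count_difference"
        findings.append((ward, kind, deltas))
    return findings


def winner(tallies):
    """Candidate with the most votes across all wards, or None on a tie."""
    totals = {}
    for ward in tallies.values():
        for cand, n in ward.items():
            totals[cand] = totals.get(cand, 0) + n
    ranked = sorted(totals.values(), reverse=True)
    if len(ranked) > 1 and ranked[0] == ranked[1]:
        return None
    return max(totals, key=totals.get)


if __name__ == "__main__":
    for ward, kind, deltas in reconcile(MACHINE, HAND):
        print(ward, kind, deltas)
    print("machine winner:", winner(MACHINE), "| paper winner:", winner(HAND))
```

In the constructed data the machine totals and the paper totals name different winners, and only the per-ward comparison shows where the two records diverge.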

For many this affidavit will provide a sobering overview of how easy and how plausible it would be for Russia to have hacked our presidential election.

The most compelling lines in Prof. Halderman’s affidavit, however, may be the last ones; that a paper audit would show foreign hackers that the US is willing to check to ensure it has correct results, and the consequences for being caught would be disastrous.