A computer security expert says an election server central to a bitter legal battle over the security of Georgia's election administration showed signs of tamperingelection server central to a legal battle over the integrity of Georgia elections showed signs of tampering.
The server was left exposed to the open internet for at least six months, a problem discovered in August 2016. It was subsequently wiped clean in mid-2017 with no notice, just days after election integrity activists filed a lawsuit seeking an overhaul of what they called the state's unreliable and negligently run election system.
In late December 2019, the plaintiffs were finally able to obtain a copy of the server's contents that the FBI made in March 2017 and retained.
State officials have said they've seen no evidence that any election-related data was compromised.
Logan Lamb, a security expert for the plaintiffs, said in an affidavit filed in Atlanta federal court on Thursday that he found evidence suggesting the server was compromised in December 2014. Lamb said the evidence suggests an attacker exploited a bug that provided full control of the server.
Lamb also said he determined that computer logs that would have been critical to understanding what might have been altered on or stolen from the server only go back to Nov. 10, 2016 — two days after Donald Trump was elected U.S. president. Two years later, Brian Kemp won the Georgia governor’s race by a narrow margin over Democrat Stacey Abrams.
Kemp oversaw Georgia’s elections during the 2016 race as secretary of state. Election administration was handled at Kennesaw State University by an outfit that Kemp's office dismantled after the server-wiping incident.
Additionally, Lamb found evidence that election-related files were deleted from the server on March 2, 2017, just after a colleague of his alerted KSU officials that the election server remained vulnerable to hackers.
It was Lamb who initially alerted the state elections director in August 2016 that the elections server was vulnerable to tampering.
The fact that the access logs were deleted suggests possible foul play, Lamb wrote. “I can think of no legitimate reason why records from that critical period of time should have been deleted,” he stated in his sworn statement.
A protective order prevented Lamb from speaking to a reporter about his findings.
In his original and less methodical examination of the server after he discovered it exposed online, Lamb said he found personal data for Georgia’s 6.7 million voters as well as passwords used by county officials to access election-staging files.
For the 2020 election, Georgia officials are replacing antiquated touchscreen voting machines that have long been discredited by computer scientists. But Marks’ group rejects the computerized ballot-marking devices the state has purchased to replace them.
It maintains, paralleling the findings last year of a National Academies of Sciences report, that the only secure voting solution are hand-marked ballots processed by scanners that leave a paper trail that can be audited later. A majority of the nation’s elections jurisdictions now use such systems.
A spokesman for Georgia's secretary of state, Brad Raffensperger, had no immediate comment.
“The defendants have since day one tried to do everything possible to obstruct the public, the plaintiffs and the court from seeing the shambles of what they had in an incredibly compromised election system,” said Marilyn Marks of the Coalition for Good Governance, one of the plaintiffs in the case.
Now, she said, state officials argue that because of their new system, problems with the old system aren't relevant anymore.
"Of course, that’s not true,” she added. “This was the hub of their entire elections structure.”
This story has been corrected to note that Brian Kemp was elected Georgia governor in 2018 and that the Georgia secretary of state is Brad Raffensperger