tampering and what, if anything, can be done to
use American-made parts.
The executives said the machines they
manufacture include, to some extent,
components from China but said using
foreign suppliers isn’t unique to the voting
equipment industry.
SolarWinds, a Texas company, was breached by
suspected Russian hackers to deliver malware
and gain access to networks of businesses and
governments, including the U.S. departments
of Commerce, Treasury and Justice as part of a
large-scale cyberespionage campaign.
Brandon Wales, the acting director of the U.S.
Cybersecurity and Infrastructure Security
Agency, said recently there was “no evidence
that any election systems were compromised” as
part of the hack.
Election officials have spent years working
to boost their cybersecurity defenses after it
became clear in late 2017 that Russian hackers
had scanned state and local voter registration
systems in the run-up to the 2016 election —
and penetrated a few. Tens of millions of dollars
have been spent to educate and train state and
local election officials, add security defenses
such as firewalls, and conduct security reviews
and testing.
Also Wednesday, the U.S. Election Assistance
Commission approved the first update in 15 years
to a series of voluntary guidelines used by most
states to certify voting machines. The guidelines
include several security improvements, including
a recommendation for states to adopt a strategy
to reduce supply chain risks.
Image: John Bazemore,