According to Motherboard-Vice.com, the nation’s top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them.
ES&S, the top voting-machine maker in the country between 2000 and 2006, installed pcAnywhere on its systems. The company’s machines were used in a number of states, and at least 60% of all ballots cast in the US in 2006 were tabulated on ES&S election-management systems.
ES&S customers who had pcAnywhere installed also had modems on their election-management systems so ES&S technicians could dial into the systems and use the software to troubleshoot, thereby creating a potential port of entry for hackers as well.
In a letter sent to Sen. Ron Wyden (D-OR) in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had “provided pcAnywhere remote connection software … to a small number of customers between 2000 and 2006,” which was installed on the election-management system ES&S sold them. It’s not clear why ES&S would have installed the software on the systems of only “a small number” of customers and not all customers, unless other customers objected or had state laws preventing this.
The company told Wyden it stopped installing pcAnywhere on systems in December 2007, after the Election Assistance Commission, which oversees the federal testing and certification of election systems used in the US, released new voting system standards.