The user manual for Dominion Voting Systems machines guides users on how to connect to the internet, and the machines, used by multiple states, were connected to the internet during the election, a cybersecurity expert said on Nov. 30.
“The Dominion suite user manual is about an inch and a half thick. My team went back through the user manual and looked at all the instances where in the user’s manual, it tells operators to connect the ethernet cords to the router, and it is, the systems are connected to the internet,” Phil Waldron, a cybersecurity expert and retired Army colonel, told a public hearing in Arizona.
“Our teams looked at spirographs on the Dominion network on Election Day and showed the increased web traffic, internet traffic on Election Day for Dominion servers,” he said. “In a nutshell, these systems are not what you’ve been told, if you’ve been told anything. They are connected to the internet. There is no transparency of how the voter information is processed, moved, and stored. And, as a matter of fact, these companies have refused to allow any type of inspection into their code and they always decry, it’s our IP, it’s IP protection.”
Dominion didn’t respond to a request for comment.
A similar charge was made by Patrick Colbeck, a poll watcher in Detroit, in a legal case. He said election systems there appeared to be connected to the internet on Election Day.
Waldron told state legislators and others at the hearing, an unofficial event held at the Hyatt Regency in Phoenix, that voting systems from Dominion and several other companies used by state and local governments “were built to be manipulated.”
“They’ve been used in elections around the world with questionable results. We believe that these same questionable results are present in this election,” he said.
Votes can be adjusted by administrators or hackers who can easily get access to the systems by grabbing login credentials through malware, according to the expert. At Def Con in 2019, hackers hacked into voting machines within minutes.
Waldron’s team of white-hat hackers found that malware called a Q snatch records login credentials. If it’s activated, a person anywhere in the world can get the username and password and gain access to the systems. Hackers have the ability to download spreadsheets of votes, change them, and re-upload them.
White-hat hackers are computer experts who probe systems for vulnerabilities to expose them to companies or agencies so they can fix them.
The team looked at machines and software used in Michigan and found the initial vote counts changed in recounts by hundreds of votes.
At the operator level, the software can be corrupted and manipulated with a device as small as a USB drive, which is used to boot up and run the machines, Waldron said.
Waldron said the findings clash with the statement issued by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and other members of the Election Infrastructure Government Coordinating Council, which declared after the election that it “was the most secure in American history.”
“There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised,” the joint statement added.
The agency failed to mention that Dominion is one of the members of the council. Its director, Christopher Krebs, was fired by President Donald Trump.
Dominion told media in an emailed statement before the hearing that it served just one of Arizona’s counties, Maricopa County, and that Maricopa County’s post-election hand count audit showed a 100 percent match with the counts from Dominion machines.