Back in 2018 a security researcher in Georgia named Logan Lamb discovered a serious security vulnerability in an election server in his state. The vulnerability allowed him to download the state’s entire database of 6.7 million registered voters and would have allowed him or any other intruder to alter versions of the database distributed to counties prior to the election. Lamb also found PDFs with instructions and passwords for election workers to sign in to a central server on Election Day as well as software files for the state’s ExpressPoll pollbooks—the electronic devices used by poll workers to verify voters’ eligibility to vote before allowing them to cast a ballot.
The unpatched and misconfigured server had been vulnerable since 2014 and was managed by the Center for Election Systems, a small training and testing center that until recently occupied a former two-story house on the Kennesaw State University campus. Until last year, the Center was responsible for programming every voting machine across the state, raising concerns that if some adversaries had been able to penetrate the center’s servers as Lamb had done, they might have been able to find a way to subvert software distributed by the center to voting machines across the state.
The server was left exposed to the open internet for at least six months, a problem the same expert discovered in August 2016. It was subsequently wiped clean in mid-2017 with no notice, just days after election integrity activists filed a lawsuit seeking an overhaul of what they called the state’s unreliable and negligently run election system.
In late December 2019, the plaintiffs were finally able to obtain a copy of the server’s contents that the FBI made in March 2017 and retained — after the state allegedly dragged its feet in securing the image.
State officials have said they’ve seen no evidence that any election-related data was compromised. But they also long refused to submit the server image for an independent examination.
Logan Lamb, a security expert for the plaintiffs, said in an affidavit filed in Atlanta federal court on Thursday that he found evidence suggesting the server was compromised in December 2014. Lamb said the evidence suggests an attacker exploited a bug that provided full control of the server.
The server was never fixed, and there is a huge chance that they had the same issue.
Given that the Commonwealth site reported on this recently, we can tell that the issue was never addressed later on.
Printscreen from the Commonwealth site:
Link to the site:
We should inform Lin Wood; he is the attorney handling Georgia.