Security experts say that election hardware and software should be subjected to transparency and rigorous testing, but only by credentialed professionals. Yet nearly all of the partisan reviews have flouted such protocols and focused on the 2020 results rather than hunting for security flaws.
In Arizona, the firm chosen by the Republican-led Legislature, Cyber Ninjas, had no previous experience auditing elections, and its chief executive has promoted conspiracy theories claiming that rigged voting machines cost Mr. Trump the state. The company also used Republican partisans to help conduct its review in Maricopa County, including one former lawmaker who was at the Jan. 6 protest in Washington that preceded the Capitol riot.
Let Us Help You Protect Your Digital Life
In Wisconsin, the Republican Assembly speaker, Robin Vos, is pushing for a review of the 2020 results to be led by a former State Supreme Court justice who claimed in November that the election had been stolen. And in Pennsylvania, the Republican leader of the State Senate has announced hearings that he likened to a “forensic investigation” of the election, saying it could include issuing subpoenas to seize voting machines and ballots.
Christopher Krebs, the former head of the federal Cybersecurity and Infrastructure Security Agency, said such reviews could easily compromise voting machines. “The main concern is having someone unqualified come in and introduce risk, introduce something or some malware into a system,” he said. “You have someone that accesses these things, has no idea what to do, and once you’ve reached that point, it’s incredibly difficult to kind of roll back the certification of the machine.”
Decertifying machines effectively means replacing them, often in a hurry and at great cost. Philadelphia’s elections board rejected an earlier G.O.P. request for access to the city’s election machines, saying it would cost more than $35 million to buy new ones.
In Arizona, Secretary of State Katie Hobbs, a Democrat, told Maricopa County in May that her office would decertify 385 machines and nine vote tabulators that had been handed over for the G.O.P.-led election review.
“The issue with the equipment is that the chain of custody was lost,” Ms. Hobbs said in an interview. “The chain of custody ensures that only authorized people have access to it, so that that vulnerability can’t be exploited.”