We must invest in our security systems to prevent it before it’s too late.

Protecting voter registration information is the number one priority for my Office’s cybersecurity team.  That’s why we’ve been concerned with inaccurate reports regarding our voting equipment and the potential exposure of registration data. We have made a number of upgrades in Arizona’s plan for election integrity and those improvements have enhanced the security of your information.                                       

Last week the media suggested both Arizona and Illinois had suffered hacks of their elections computer systems. Those reports implied our state failed to take adequate precautions to prevent a SQL inject attack.  Those reports are inaccurate. Our computer security experts tell me that no unauthorized user ever got access to State voter registration information. At most someone stole a login ID of a county election worker. And, several months ago, we implemented all of the recommendations cited in those media reports to prevent SQL injection attacks. But still, I worry about election integrity issues every day. 

Over the next decade our state will have to develop and implement a plan to replace aging voting equipment and streamline the state’s voter data systems. We work closely and cooperatively with county election officials to ensure ballots are counted accurately. We test every counting machine before every election. Historically our counties have had to pay for new election equipment as they felt they needed it. So elections equipment is considered in the same context as the sheriff’s department budget or road paving allocations. I understand why lots of other things get replaced or updated before elections equipment but the time has arrived to focus on this issue.

Is your phone ten years old? Is your TV even 5 years old? Lots of our elections infrastructure is around ten years old. Over the past decade we’ve enjoyed huge benefits from better technology but we’ve also come to understand that those complex systems also come with vulnerabilities that bad people exploit to do bad things. Perhaps the most compelling reason to update our elections equipment is to bring the security of these systems up to date.  

The attack in June failed.  But that might be the case next time.  As sophisticated hackers around the globe continue to look for ways to steal our personal information, we must invest in our security systems to prevent it before it’s too late.