March 25, 2020
by Carla Hay
“Kill Chain: The Cyber War on America’s Elections”
Directed by Simon Ardizzone, Russell Michaels and Sarah Teale
Culture Representation: This politically oriented documentary, which examines the effects of cyber hacking on U.S. elections, interviews a predominantly white group of people, including cybersecurity experts, government officials, journalists, university professors and hackers.
Culture Clash: Almost everyone interviewed in the documentary says that there is widespread denial or suppression of information about hacking and other manipulation of voting machines in the U.S. election system.
Culture Audience: This documentary will appeal mostly to people who want to know more about how voting in the U.S. works behind the scenes, even if what’s uncovered might be disturbing.
When people vote in elections, are their votes really safe from hacking or other illegal manipulation? Absolutely not, say the experts and other officials interviewed in the chilling documentary “Kill Chain: The Cyber War on America’s Elections.” The movie’s directors Simon Ardizzone, Russell Michaels and Sarah Teale focus on U.S. elections that have taken place since 2016. “Kill Chain” sounds the alarm that sinister forces that are inside and outside the U.S. are working to manipulate elections that are happening in 2020 and beyond.
Ardizzone and Michaels directed another HBO documentary that covered a similar topic—2006’s “Hacking Democracy,” which featured election security expert Harri Hursti (a native of Finland) showing how easy it was to hack into a voting machine. Hursti is prominently featured in “Kill Chain,” to the point where he could’ve almost been the film’s narrator. He’s definitely the star of the movie, since the filmmakers follow him going to various U.S. states to investigate the current state of voting machines used in U.S. elections and probable cases of voting fraud in recent elections.
Because voting methods in the U.S. are usually determined by counties within a state, there are vastly different voting machines that are used across the United States. Most voting machines, even if they use paper, still rely on computers for scanning. In addition, many voting places use computerized machines not just for ballots but also to verify identification and residential addresses of voters. Because the trend in newer voting machines is to become more computerized (including machines that turn votes into barcodes), several people in the “Kill Chain” documentary say these computer revamps will leave these machines more vulnerable to being hacked.
The “Kill Chain” documentary gets its name from the “divide and conquer” concept of how one entity can conquer another through a chain of events. As Hursti explains in the documentary, it’s a five step-process: (1) Reconnaissance, which is gathering information about the enemy’s landscape); (2) Identify, which is seeing who the targets are; (3) Weaponize; (4) Paralyze; and (5) Attack. When voting systems are manipulated and hacked, it means that the attacker is in the “weaponize” phase.
Throughout the movie, Russia is repeatedly mentioned as the country that’s most likely to hack a voting system—and not just in the U.S., but in other countries, particularly in Europe. However, “Kill Chain” also makes it clear that voting fraud can easily be perpetrated by Americans in U.S. elections, from the highest federal levels to the smallest local governments.
Hursti says in the beginning of the film: “This shouldn’t be a partisan issue. This is our common problem, owned by everyone living in the United States. And we have to solve it in order to preserve our way of life, our society, the rule of law, and our right to self-govern.”
He adds, “The key element to restore the votes is a removable medium,” such as flash drives or hard drives, which most voting machines have. Once those drives are removable on a voting machine, says Hursti: “Every step of the way, it’s vulnerable to attack.”
The movie shows that there are certain signs that indicate a voting site has probably been hacked: Numerous people at the site have problems with their ballots being processed. Another red flag is when voters arrive at the site, they are detained or turned away because the computer system at the site shows inaccuracies in the voters’ names or registration addresses. And these problems usually result in long lines of people waiting for several hours to cast a vote, going well beyond an acceptable wait time for casting a ballot. These long lines cause numerous people to either leave or not get a chance to vote before the polling site closes.
“When you prevent people from casting a ballot, you’ve hacked an election,” comments Sue Halper, an author and contributor to The New Yorker. Michael Daniel, who was a White House cybersecurity coordinator from 2012 to 2020, says that a voter registration database is the part of a computerized election system that is the most vulnerable to hacking.
The “Kill Chain” documentary uses the contentious 2018 election of Georgia’s governor as an example of an election that showed signs of being hacked and other voter fraud. For starters, Republican candidate Brian Kemp had a conflict of interest because in 2018, when he was Georgia secretary of state, he moved Georgia’s Center of Election Systems (CES) to his office, where he oversaw CES. Kemp’s Democrat opponent Stacey Abrams and her supporters repeatedly called for Kemp to recuse himself from overseeing the election, due to this conflict of interest. But the protests were to no avail, because Kemp stayed in the position that gave him the power to oversee the voting process of his own election.
Then, on election day (November 6, 2018), there were widespread reports of voting machine “malfunctions” and long lines in districts of Georgia that were heavily populated with people of color and/or registered Democrats. In addition, even before election day, there were reports of thousands of voter registrations being purged from computer systems and thousands of voter registrations not being processed in time for the election, mostly in areas of Georgia where there is a high percentage of people of color and/or registered Democrats.
The voting results were so close that it took 10 days and a recount for the official tally to be announced. Kemp ended up winning by 1.4% more votes than Abrams. The political group Fair Fight Action, which is backed by Abrams, then sued the Georgia board of elections in November 2018, and included allegations of voter suppression in the complaint. As of this writing, the lawsuit has not been resolved.
As a result of these numerous claims that the election was tainted by voter fraud and problematic AccuVote machines, Georgia stopped using AccuVote machines. However, the documentary mentions that Georgia is now using Dominion’s barcode voting machines (which make the votes impossible to count by human eyes), thereby making the vote counting more computerized and more susceptible to hacking. It cost Georgia about $106 million to switch to these new voting machines, according to the documentary.
“Kill Chain” shows Hursti on that 2018 election day in Gwinnett County, Georgia, at one of the voting sites experiencing machine “malfunctions” and extremely long lines. (Many people were waiting up to five to seven hours to vote, according to news reports.) At the voting site, Hursti speaks to Gwinnett County Democratic Party chair Gabe Okoye, who expresses complete surprise when Hursti tells him that the county is using the same type of voting machine that Hursti was able to hack into in 2006.
In a separate post-election trip to Georgia, Hursti meets with Marilyn Marks of the Georgia-based grassroots organization Coalition of Good Governance, who was working at a voting site in Clarke County on that 2018 election day. She noticed that out of the seven machines used on that day at a heavily Democratic precinct, one machine was churning out ballots that were overwhelmingly showing votes cast for Republicans. The voting site’s exact voting results were public information.
For this trip to Georgia, Hursti invited Professor Philip Stark, who works in the statistics department at the University of California at Berkeley, and Stark’s assistant Dr. Kellie Ottobani, to run the statistics to find out the odds of that voting machine’s results being accurate at that polling site on that day. They found that there was less than a one-in-a-million chance that this outlier machine gave accurate results, based on the number of registered Democrats and Republicans who could vote at that voting site on that particular election day.
So with all this real and potential hacking going on, what’s being done about it? According to the people interviewed documentary, the companies in the business of making the machines want to do nothing. (The filmmakers note in the documentary that several of these companies were asked to participate in the film, but declined.) Some of the biggest suppliers of voting machines and/or software are companies such as Dominion Voting Systems, Election Systems & Software (ES&S), VR Systems and AccuVote.
Jake Stauffer, director of operations at cybersecurity firm Coherent Cyber, tells a story about how his company started a testing plan for voting machines, and the plan was approved by the state of California. Coherent Cyber used the testing plan on Dominion and ES&S voting machines and found “multiple vulnerabilities” (his words) that would allow hackers to change an election or shut the system down. But when those vulnerabilities were pointed out to Dominion and ES&S, both companies shut down the investigation and said that Coherent Cyber’s services were no longer needed.
Stauffer says, “How can a vendor sell a voting system with this many vulnerabilities? I can’t find a straight answer.” Jack Braun, who was the Department of Homeland Security White House Liaison from 2009 to 2011, agrees that companies that manufacture and sell voting machines and voting software cannot be counted on to take responsibility for hacking problems, since these companies usually deny that the problems exists. Braun says that these companies are the opposite of transparent when it comes to reporting security breaches with their machines or software.
What are politicians or other government officials doing about this problem? U.S. Senators such as James Lankford (a Republican from Virginia), Amy Klobuchar (a Democrat from Minnesota) and Mark Warner (a Democrat from Indiana) are among the co-sponsors of a bill called the Secure Elections Act, which gives the Department of Homeland Security the primary responsibility within the federal government for sharing information about cybersecurity hacking and vulnerabilities with federal entities and election agencies. “Kill Chain” notes that U.S. Senate Majority Leader Mitch McConnell (a Republican) has repeatedly blocked this bill.
Lankford, Klobuchar, Warner and U.S. Senator Ron Wyden (a Democrat from Oregon) are all interviewed in the documentary. Warner says the the U.S. should’ve seen warning signs that Russia would interfere in U.S. elections because back in 2011, Russia’s deputy defense minister Gen. Valery Gerasimov publicly made statements saying that Russia might not be able to compete with Western countries when it comes to military weapons, but Russia could compete when it comes to “cyberwars, disinformation and sowing dissension.”
Ion Sancho, who was supervisor of elections in Leon County, Florida, from 1988 to 2016, gives his own Russian hacking story in the documentary. In an interview with Hursti, Sancho says that sometime in 2016, he and other election supervisors were summoned by the FBI into a top-secret meeting, where on a conference call, the FBI issued a warning that a foreign power had penetrated an election vendor in Florida.
Sancho says, “It didn’t take us long to figure that they were talking about GIU, Russia’s military intelligence service, and the vendor was a Tallahassee vendor (VR Systems), which did all the programming for the majority of the counties in the state of Florida.” (The documentary also notes that VR Systems also supplies voting machines and services to the states of New York, California, Virginia, West Virginia, Illinois and North Carolina.) Sancho goes on to say that Reality Winner—the former National Security Agency intelligence contractor who went to prison for leaking NSA documents that showed Russian interference in the 2016 U.S. presidential election—is a “heroine” for leaking the documents.
In order to illustrate how widespread the denial is over hacking of the voting system, the documentary shows a video montage of several government officials—including former FBI director James Comey and Election Assistance Commission chairman Thomas Hicks—giving Senate testimony saying some version of, “The voting system is not connected to the Internet,” as a way of denying that the system could be hacked. But then, after the video montage is played, Hursti shows several examples of exactly how voting machines are connected to the Internet and can be hacked.
In one example, Hursti and his business partner Maggie MacAlpine go to an Ohio business called eCycle Solutions that sells recycled products from a warehouse and on eBay. Hursti and MacAlpine buy some outdated voting machines called the AccuVote TSx, which is a type of voting machine that’s still being used in several U.S. counties. Hursti takes the computers and shows them to Professor J. Alex Halderman from the University of Michigan’s school of computer science and engineering, and they do an on-camera demonstration of how the computers need the Internet to process the information and can be hacked.
An even more dramatic demonstration of how voting machines are very easy to hack comes about midway through the documentary, when Hursti goes to Def Con (the annual computer-hacker convention in Las Vegas) and invites attendees into a room filled with different types of voting machines that are currently used in U.S. elections. With help from hacker Jeff Moss, also known as the Dark Tangent (who co-founded the hacker conventions Def Con and Black Hat), Hursti tells the Def Con hackers that they have free reign to hack into the voting machines and show how it can be done. (The documentary notes that the companies whose machines were used were invited to this demonstration too, but they all declined to attend.) The Def Con “hackathon” test of the voting machines showed that all of the machines in the test were “effectively breached,” according to the documentary.
Douglas Lute, the U.S. Ambassador to the North Atlantic Treaty Organization from 2013 to 2017, comments: “We need to shift the mentality away from the Internet being secure and no one is able to tamper with the American election system to the reality that has been demonstrated in 2016.”
One of the most memorable parts of the documentary is toward the end, which features an interview with a hacker in India who uses the alias Cyber Zeist. He does the interview while wearing a disguise and in entirely dark shadows so his face can’t be seen. However, his voice doesn’t seem to be altered.
Cyber Zeist gives a disturbing account of how he was able to hack into the elections computer system for the state of Alaska, and that he could’ve made a fortune (“millions”) from what he was able to find. “I could’ve made any changes to the system,” he brags. Cyber Zeist claims he just “looked around” and didn’t steal information, but Hursti believes that Cyber Zeist dropped enough hints in the interview to admit that a tool was deployed during the hacking session, and that Cyber Zeist might activate this tool later.
The documentary shows Hursti in Alaska meeting with former Anchorage Daily News reporter Nathaniel Herz, who plays excerpts of an audio recording of an interview that he did with former Alaska Elections director Josie Bahnke, who had the position from 2013 to 2018. In the interview, Bahnke says that during her tenure, the Alaska Elections website was hacked by Russians and an IP address from India, but that “there was no breach” because she claims that nothing was altered or stolen. The documentary doesn’t prove that Cyber Zeist was involved in hacking Alaska Elections, and lets viewers draw their own conclusions over how credible this mystery hacker is.
Although “Kill Chain” certainly delivers on presenting several points of view on cyber hacking of elections, what’s missing from the documentary are investigations on what can really be done to combat the problem. The documentary instead wastes some time showing Hursti going back to his hometown in Finland and visiting with his mother. He and his mother look through old photo albums and scrap books together. The only reason this hometown footage seems to be in the documentary is to show the audience that Hursti was a child prodigy in computer science. Instead of this filler and unnecessary footage, the documentary should have shown something more substantial, such as a look into what any grassroots organizations or coalitions are in the U.S. are doing to have voting systems that are the least likely to be hacked, since decisions about voting machines are made on the local level.
The closest the documentary offers to possible solutions is when it shows comments from some of the interviewees (such as statistics professor Stark), who believe that the best voting system to have is a voting system that can leave a paper trail where people can count paper ballot votes by hand, in case there are any disputes. Even though making voting machines more computerized is supposed to make the process easier, the more computerized these machines become, the more likely the election system can be hacked.
After watching this documentary, many people will probably feel the same way that University of Pennsylvania security researcher Sandy Clark feels, when she says: “I feel like we’re in terrible danger of losing what it means to be a democracy. If elections can be altered in a way that’s undetectable, how does one trust the results of their election? Democracy functions on trust. Without that trust, things descend into chaos and anarchy. Those of us who know how vulnerable the systems are in the elections are terribly afraid right now.”
HBO will premiere “Kill Chain: The Cyber War on America’s Elections” on March 26, 2020.