During the Arizona Senate hearing on the election audit in Maricopa County Thursday morning, audit officials reported discovery of issues such as ballot duplicates and surpluses, voter roll data, and machine security. In short: the number of votes certified didn’t match the number of ballots sent to the audit. The audit officials testifying were Senate Liaison Ken Bennett, Cyber Ninjas CEO Doug Logan, and digital security firm CyFIR founder Ben Cotton. Cyber Ninjas is conducting the audit.
The Arizona Sun Times checked the Arizona legislature website at 8 a.m. MST. The website was down. All that was displayed was an error message that said service was unavailable, likely due to a massive influx of traffic. The website remained that way until sometime after the Senate hearing began.
Senate President Karen Fann clarified that this audit wasn’t to gratify a political agenda or former President Donald Trump. She explained that this was to assure voters the protection of election integrity.
“This is not about Trump, this is not about overturning the election, this has never been anything other than determining the integrity of an election,” asserted Fann. “If we don’t have confidence in our electoral process, [then] everything we do in life is jeopardized.”
Logan reported that they’d accrued over two petabytes of data, 1,500 audit workers (1,100 of which were volunteers), and over 80,000 hours over the course of the audit.
Bennett explained the audit’s procedures. He noted that several boxes contained papers with personally identifying information (PII) out of around 1,700 boxes they received. Extraneous papers are sometimes used as stuffing for the boxes so they don’t collapse under the weight of other boxes, Bennett explained. Even so, auditors had to remove those papers. Bennett said that their workers carefully relocated the PII documents into separate boxes, making the total number of boxes just over 1,700.
On multiple occasions, Bennett emphasized that two signatures were obtained every time a box was moved. He also noted that the audit had 24 hours of armed security and live-streaming, as well as locked cages for the ballots and equipment. Only two individuals at most would hold the keys to those cages.
Bennett did note that only 52 boxes had tamper-evident tape sealing them. Reportedly, the other 1,650-odd boxes were secured with regular packing tape. Bennett promised that the auditors would seal the boxes with tamper-evident tape and a numbered seal across the top prior to their return.
One thing that Bennett noted was the difficulty the auditors had without the chain of custody documents. Although the senate earned access to those documents via subpoena, Bennett relayed that Maricopa County wouldn’t comply.
Cotton explained that the forensic digital copies of the ballots were given a digital fingerprint – meaning, if anyone else changed any of the data on any one of those copies, then it would alter the fingerprint. Cotton added that one set of copies was stored in a federal government-approved safe, while another set was used for examination.
Maricopa County election officials and Arizona Secretary of State Katie Hobbs announced last month that they would be replacing the voting machines entirely. Fann questioned why Hobbs and the officials believed there would be no way of knowing if the machines were secure. Cotton said this was false, and that there are ways to vet the machines for security purposes.
“Not a single bit of data was ever changed on any device that came into our possession,” asserted Cotton.
Election Machine Security
According to their reports, the auditors asserted that the election security systems on the machines used hadn’t been updated since 2019. Bennett said that this creates substantial vulnerability. Someone could gain access in less than 10 minutes into a system like that. He said this only emphasized the necessity for their audit team to gain access to the routers.
If the machines weren’t updated since 2019, then hackers had nearly three years to attempt to breach the system. Attempts were made, according to the auditors. Cotton explained that they discovered around 38,000 inquiries for blank passwords – something hackers may use to breach a system.
At least one attempt to hack the election system was likely successful. Bennett reminded the floor that Maricopa County’s election system was breached sometime leading up to or during the election. As first reported by Forbes, federal agents raided the home of Elliot Kerwin on November 5. The Sun Times has made multiple unsuccessful attempts to follow up with federal officials concerning Kerwin’s case.
Logan claimed that nearly 4,000 voters were registered after the deadline on October 15. Over 11,000 people disappeared from the voter rolls after voting on November 3, but re-appearing on the December 4 version of the file. Further, he said that around 18,000 individuals were recorded as having voted in the election but were removed immediately from the rolls thereafter.
After Fann asked for a logical explanation for the voters who disappeared for nearly a month from the voter rolls, Logan said that there couldn’t be one.
The auditors reported that “many [duplicate] ballots” didn’t have serial numbers on them, totaling somewhere in the thousands.
There is absolutely no evidence of problems with the election in Maricopa County…
— JackHeald.com · One Point Three Percent 🧰⚔️ (@JackHeald5) July 15, 2021
On Election Day, Logan reported that around 168,000 ballots were printed on demand.
Logan also reported that their team noticed that most ballots were showing signs that they were out of calibration. That means that the ballots weren’t printed correctly: little plus signs on either side of the ballot should fall in the center of a target on the other side, designed like a gun scope. He said that the average ballot was out of calibration by 1,024 percent. The greatest discrepancy they found was 3,200 percent out of calibration. Ballots that are out of calibration could cause an over-vote or cause someone to vote for an unintended candidate, Logan explained.
In accordance with law, the county said it used ballot paper thick enough to prevent bleed-throughs. However, the auditors claimed that they found significant numbers of bleed-throughs. Anything from ballpoint pens to Sharpies could cause a bleed-through, they said. Logan provided an example, replicated below:
Doug Logan: This is an actual ballot in Maricopa County with bleed through that would have been counted as an over vote. pic.twitter.com/dMaS0cvbFL
— Audit War Room (@AuditWarRoom) July 15, 2021
Maricopa County poll workers handed out Sharpies to voters on Election Day. Some voters reported that their ballots were accepted, but their votes weren’t counted because they’d used Sharpies. The ensuing commotion over the use of Sharpies caused SharpieGate to emerge, a theory that the vote-scanning machines couldn’t read ballots marked by Sharpies. Some of those voters who’d complained about their votes not being counted due to Sharpie markings took their grievances to court. Last month, the Maricopa County Superior Court dismissed one of those cases for lack of jurisdiction.
Signature matching processes for mail-in ballot envelopes broke down and dissipated completely, according to Logan. He explained that their intelligence reflected officials instructing workers to look for 20 points of comparison on signatures at first, then 10, then 5, and then the workers were told to let every single mail-in ballot through without points of comparison.
According to the auditors, they also discovered tens of thousands more mail-in ballots received and counted than were mailed out. Logan reported that they discovered a surplus of over 74,000 ballots.
What Remains to Be Audited
In order to finalize their report, Logan said they would need access to the splunk logs, chain of custody documents, all portable media and external drives, router configuration files or data, the network diagram, backups of election management data, digital copies of all election policies and procedures utilized, all files transmitted for duplicating or spoiling ballots, records of all paper distributed to vote centers, information and guidelines on adjudication of ballots, total count of all ballots sent to eligible voters on the voter information portal (UOCAVA), and a full backup copy of database of voter rolls.
Get the portable drives! These were taken off site nightly “for security” by county employees & Dominion contractors per Election Director Scott Jarrett. Why would Maricopa County only send 1 when clearly there are at least 3?! #AmericasAudit @AuditWarRoom pic.twitter.com/aUeaBdwBaY
— Dr. Kelli Ward 🇺🇸 (@kelliwardaz) July 15, 2021
Splunk logs are responsible for indexing all types of data, such as streaming, machine, and historical data.
Concerning the election policies and procedures, which are normally public record, Logan indicated that all aspects of those aren’t immediately accessible publicly. He said that public information on ballot storage requirements, for one, didn’t include specific guidance and trainings.
In closing, Fann said that they weren’t implying any intentional misdoings occurred. Fann wondered why Maricopa County resisted working with the auditors, noting that they and Arizona Secretary of State Katie Hobbs support election integrity.
“I do not know why Maricopa County has fought this so hard,” remarked Fann.
For safety purposes, Bennett, Logan, and Cotton were escorted out at the end of the meeting first by security.
Those in attendance applauded the three men as they were escorted out.
Watch the hearing below:
– – –