Arizona Senate President Karen Fann (R) joined by Judiciary Committee Chairman Warren Petersen (R) held a long-awaited hearing on July 15th where they received a detailed briefing on the Arizona Senate’s Audit of the 2020 Election in Maricopa County. Senate Audit Liason and Former Secretary of State Ken Bennett, Cyber Ninjas CEO Doug Logan, and CyFIR founder Ben Cotton presented absolutely DEVASTATING findings from the audit which is still being held back by Maricopa County’s refusal to obey the Legislature’s legal orders and subpoenas.
Kyle Becker of BeckerNews summed it up nicely in a single tweet:
NOW I get why Maricopa County and Biden admin fought tooth and nail to prevent an independent audit. 74,000 absentee ballot mail-in records missing, 25K duplicates, voter rolls a mess, bleed throughs, tens of thousands of ballots on demand, admin passwords issues. A disaster.
— Kyle Becker (@kylenabecker) July 15, 2021
Bear in mind as you read through these stunning revelations that according to Politico, the election in Arizona was decided by 10,457 votes over Trump, a 0.3% margin. When you’ve continually heard that there was no “meaningful” electoral fraud or that the amounts “wouldn’t impact” the election, remember that number: 10,457 votes.
Starting off the hour-long hearing Senate President Fann remarked on the audit,
“It’s taken longer than anticipated and we need answers”
First Let’s Talk About Duplicate Ballots in Arizona
Ken Bennett began the briefing by breaking down the numbers and particular processes involved. Bennett revealed that “We found thousands of duplicate ballots where those serial numbers are not on them. So it’s created a great difficulty matching up the ballots with their duplicates”
Forensic Cybersecurity expert, CyFIR founder Ben Cotton explained that the system images provided for the audit were flawed from the beginning,
“They (Maricopa County) did not use a forensically secure process to image those systems. So the dates and times on those cloned systems were altered by the cloning process.”
Cotton continued, explaining that in an ongoing battle between auditors and Maricopa County Board of Commissioners as well as the Maricopa County Sheriff’s Department, the routers utilized at the primary counting facility and the router configuration files have not been provided as ordered,
“We have not received the router configuration files, we have not received the router data, And Mr. Bennett and myself were in multiple conversations with County officials who agreed to provide that data to us.”
“It’s critically important to substantiate some findings that we are seeing through the keyword searching and the processes already mentioned. There are a number of things that we know have occurred as a matter of fact which need to validate that information.”
Forensic Expert Confirms: AZ Election System Was BREACHED
“We know through public record, public statements that an element of the election system was actually compromised or breached during the course of the November 2020 election. It is a matter of public statement by Maricopa County as well as legal action and law enforcement action surrounding that particular incident. The registration server that was public-facing did have unauthorized access to that. In cybersecurity terms, it was breached.”
“The county has accepted that as an unauthorized breach. Because they actually issued a letter to a small subset of the voters who were affected by the breach and they issued that in January of 2021. In that letter, they acknowledged that there was unauthorized access to the server in November 2021.”
The hearing confirmed that this was the very same breach reported in December 2020 when The GOP Times wrote,
Neonnettle.com reported that “At the Kerwin residence, they were looking for any evidence within the seized computers that showed they’d been used to access the IT network at the office, as well as “protected voters’ information” and any indication that it had been disseminated to other people.”
“According to the warrant, the “subject devices” seized will “then be searched for records relating to violations of 18 U.S.C Section 1030 (computer intrusion) and 18 U.S.C. Section 1030(b) & 371 (conspiracy to commit computer intrusion)”, which occurred from October 21, 2020, through November 5th, 2020. The mention of conspiracy suggests there may be multiple suspects.”
— Forbes (@Forbes) December 4, 2020
“The second item, is it has become readily apparent in the course of our analysis that there are severe cybersecurity problems with the way the election management system and network was maintained.”
JUST IN: Maricopa County cyber expert Ben Cotton says "We're seeing anonymous logins at the system level that do not follow that pattern of normal Windows behavior" pic.twitter.com/I8WF8TPy14
— National File (@NationalFile) July 15, 2021
Audit Shows: The Most BASIC Security Procedures Were Ignored
The next point raised according to Ben Cotton is easily the most disturbing: even the most rudimentary forms of basic computer maintenance that you average PC user can carry out were not utilized in these voting systems, leaving gaping, massive vulnerabilities which can be easily exploited to gain access to the election system.
“The last time that the antivirus was updated on these systems was the date that the Dominion software was installed on the systems. That happens to be August of 2019. There have been no Operating system updates or patches on this system since that same date. What that creates is a tremendous vulnerability to anyone who could get access through a system. Such as, if for example, the registration server was serving as a ‘jump box’ in other words it was dual networked so it was public-facing and also private facing into the election system. If someone accessed that system they would have no difficulty at all effectively penetrating and getting system-level access at the current patch state and antivirus state of these systems.”
“The vulnerabilities that exist on these systems would take an average script kiddie less than 10 minutes to get access to these systems.” Cotton told the Senate Hearing.
HYPR Security Encyclopedia tells us that a “script kiddie” is “A disparaging term often used to refer less experience malicious hackers who use existing software to launch hacking attacks. While security professionals tend to craft their own tools, script kiddies pick up off-the-shelf exploits, scripts, and tools to attack a target. Considered less skilled than professional penetration testers, or white hat hackers, script kiddies usually don’t understand the inner workings of software and computer networking.”
In other words, an Amateur could hack the Arizona Election system.
At the close of the hearing, Bennett, Logan and Cotton requested that Maricopa County Election officials be subpeonaed again.