As the Senate’s audit of Maricopa County’s 2020 General Election gets set to move back into Veterans Memorial Coliseum this coming weekend, a recently retired college professor who also served as an investigator and special agent for various state agencies says there is nothing wrong with people asking questions about the safety and integrity of the county’s IT protocols.
Charles Loftus retired last week from Arizona State University where he had been teaching criminal justice, including domestic terrorism and white collar crimes. He also spent several years working for the Arizona Attorney General’s Office and other agencies on anti-money laundering operations, health care fraud investigations, and inquiries into the misappropriations of government money.
In most of those cases, computers or other electronic devices were used to commit or further the criminal activities. And in some of those cases, the crimes involved the computers themselves – or more specifically the valuable data files contained within those computers, including ones owned by government entities.
Loftus says public officials are becoming more concerned with data security thanks to several well-publicized breaches the last few years. But it is a never ending job, he told Arizona Daily Independent, “because every time a vulnerability is found it can be fixed, but then every time you install a new computer program it creates new vulnerabilities.”
Loftus has been following the Senate’s ongoing audit of how Maricopa County conducted the last general election. That includes the debate about whether any of the Dominion Voting System equipment was ever connected to the internet, either knowingly or surreptitiously.
It is important, Loftus said, to get those answers. “It needs to be verified that no external electronic mechanism” was present during the election, he said. And it is important to quell concerns that nefarious internet activity occurred, which requires a review of the appropriate county routers.
Loftus also said more questions should be asked about the “intrusion” someone committed last fall into the Maricopa County Recorder’s Office website. County officials acknowledged in December that the FBI was notified when staff members determined someone breached the website between Oct. 21 and Nov. 4.
Those same county officials stated no confidential voter files were accessed during the breach, although “publicly accessible” voter information was likely viewed, if not even copied. The statement did not mention the circumstances under which the intrusion was discovered or what specific public data was accessed.
A search warrant executed by the FBI in November at the Fountain Hills home of an IT professional led to the seizure of multiple computers, hard drives, memories, and other items. No additional information has been released by county officials, and requests for comment from the FBI or the U.S. Attorney’s Office have gone unanswered.
Whether someone was simply testing the county’s internet security protocols or had a more sinister intent is not known, but Loftus says the fact Maricopa County has made recent public claims that its routers are interconnected between multiple departments is reason to look into the breach further.
It is even possible that the intruder got into the voter information as a red herring to cover up another purpose, “just to see where else they could get into,” Loftus said.