The Iowa Democratic Party declined to allow officials at the Department of Homeland Security to vet the app intended to tally the votes during Monday’s botched first-of-the-nation caucuses.
The new mobile app, created by tech firm Shadow, is currently being blamed for the unprecedented chaos during the first nominating contest of the 2020 election, when “inconsistencies” in reporting delayed the results. Party officials said they expect results to be released Tuesday afternoon, though precinct results are still being reported.
Acting DHS chief Chad Wolf told Fox News on Tuesday that the Cybersecurity and Infrastructure Security Agency, which was established in 2018, offered to test the app from a “hacking perspective.”
“They declined, and so we’re seeing a couple of issues with it,” Wolf said. “Right now, I’d say we don’t see any malicious cyber activity going on.”
Troy Price, the chair of the Iowa Democratic Party, said in a statement on Tuesday morning that officials have “every indication” the app was not hacked, noting the systems were tested by independent cybersecurity consultants prior to the caucuses on Monday. But, he said there were “inconsistencies” in the results, the underlying cause of which was “coding issues.”
“We determined with certainty that the underlying data collected via the app was sound,” Price said. “While the app was recording data accurately, it was reporting out only partial data. We have determined that this was due to a coding issue in the reporting system. This issue was identified and fixed. The application’s reporting issue did not impact the ability of precinct chairs to report data accurately.”
In two separate payments last year, the Iowa Democratic Party paid Shadow, a tech firm that last year joined with ACRONYM, a liberal nonprofit group focused on digital messaging, more than $63,000 for “website development,” according to state campaign finance records. According to the Huffington Post, citing a source with knowledge, those payments were for the app the caucus site leaders were supposed to use to upload the results at their locales.
During an interview with NPR in January, Price declined to provide more details about which company designed the app, or about what specific measures had been put in place to ensure the security of the system. The party worked with the national party's cybersecurity team, and with Harvard University's Defending Digital Democracy project, NPR reported.
The app was supposed to streamline the voting contest: Caucus-goers would still make their preferences known on paper, but those tallies would then be transmitted from the apps on precinct volunteers’ smartphones to the computers and websites that report the results.
Cybersecurity experts previously questioned the party’s decision to withhold certain details about the app and how they planned to protect it from possibly malicious intrusions.
“If there is value, there will be an attack,” Duncan Buell, a computer science professor and voting security expert at the University of South Carolina, told Politico, prior to the Iowa caucus chaos. “And whether to change the results or just to disrupt the process, there is value in attacking the Iowa caucus.”