Members of a group advising Miami-Dade on how to improve its elections want the county to try get ahead of the curve of fraudsters who have attempted to manipulate the system by submitting phantom absentee-ballot requests online.
“Folks are always going to try to figure out weaknesses in the system in order to sway it to their advantage,” County Commissioner Dennis Moss, one of the group’s members, said at a meeting Wednesday.
The elections department, he said, should work proactively to foresee where would-be computer hackers might try to attack next.
They have already attempted one scheme: submitting thousands of phony ballot requests online for unsuspecting voters. More than 2,500 such requests were flagged by the department last summer because they originated from only a handful of Internet Protocol addresses.
An investigation by the Miami-Dade state attorney’s office prompted by a Miami Herald article that revealed that some of those IP addresses could be traced locally has engulfed the campaign of Congressman Joe Garcia. The Miami Democrat fired his former chief of staff after the chief admitted to Garcia that he coordinated the submission of nearly 500 fraudulent ballot requests.
In a separate investigation last month, prosecutors searched the home of a campaign aide to Miami Commissioner Francis Suarez, who is running for city mayor, for submitting 20 ballot requests for voters. State law requires voters or their family members to submit requests themselves.
In December, a grand jury convened by State Attorney Katherine Fernández Rundle to examine problems with voting by mail recommended bolstering online security.
The state attorney’s office declined to comment Wednesday on the status of either ongoing investigation.
Elections Supervisor Penelope Townsley said her office has been looking into ways to beef up the security features of its online ballot-request form. Last month, commissioners delayed until September a measure directing the department to take steps to strengthen the online process.
“It’s quite costly,” Townsley warned.
Still, Mayor Carlos Gimenez, who convened the advisory group after last November’s troubled general election, said he would schedule a more in-depth discussion about online-request security for the group’s next meeting in the fall.
“We don’t want to publicize how we’re going to try to stay ahead,” he said.
But the county should be able to predict, for example, that if fraudsters know they were caught using, say, 10 IP addresses for a certain number of ballot requests, then next time, they may try to use 100 IP addresses.
“Those kinds of things we’ve got to get on top of,” Gimenez said. “And the people that we catch — they need to be prosecuted.”