A recently declassified memo from the National Intelligence Council (NIC), dated January 15, 2020, has shed light on serious vulnerabilities in the U.S. election infrastructure. This document came to public attention when the Director of National Intelligence, Tulsi Gabbard, released it on March 16, 2026. The memo’s findings were alarming enough to prompt briefings for President Trump as early as February 2020, just a month after its initial publication.
The NIC’s “Key Takeaway” claims that nations such as Russia, China, Iran, and North Korea possess the capabilities to access and potentially manipulate data within U.S. election-related systems. While the memo does not specify any known plans for such actions, it recognizes that both state and nonstate groups have the tools to infiltrate this critical infrastructure.
Following the release of this memo, Chris Krebs, the former Director of the Cybersecurity and Infrastructure Security Agency (CISA), made headlines by asserting that the 2020 election was “the most secure in American history.” This statement came from a joint declaration made by the Election Infrastructure Government Coordinating Council (GCC) and the Sector Coordinating Council (SCC), which comprises representatives from federal agencies, state election officials, and private sector entities like Dominion Voting and Hart InterCivic.
But the NIC memo paints a different picture, raising questions about that very security assessment. The memorandum delves into various segments of the election system that are particularly exposed to attacks. For instance, it identifies voter registration databases as being on internet-connected systems that are both accessible and frequently updated, making them easy targets for cyber adversaries. The risk is significant: attackers could manipulate data to prevent specific groups of voters from casting their ballots or create last-minute delays on election day.
Historical context further amplifies these concerns. Reports indicate that Iran and China have successfully accessed voter registration databases. Iranian hackers were charged for such a breach back in November 2021, with evidence surfacing of China’s involvement in March 2026. This underscores a troubling trend—that threats to election integrity are not just theoretical but have real-world implications.
The memo also highlights vulnerabilities surrounding pollbooks, many of which are connected to the internet. This connectivity poses serious risks, as past incidents show that discrepancies can manifest in alarming ways, even leading to automated increments in voter tallies as polls close.
Centralized data repositories are flagged as some of the most vulnerable systems due to their ease of access and lack of security. The memo makes it clear that adversaries could exploit these systems with relative ease, manipulating voter information stored in these databases. “Vote-Administering Systems” are also noted as susceptible to localized exploitation, with specific mention of the ease with which certain voting machines can be compromised.
Interestingly, the memo cautions against the reliability of direct recording electronic machines. These machines, which digitally process and store votes, are particularly vulnerable—especially those lacking a paper backup. Even as calls for an auditable paper trail grow louder, the report indicates that many jurisdictions limit public oversight to digital images rather than the physical paper, which complicates accountability further.
The memo cautions that adversaries could manipulate voting machines if they gained physical access, raising the specter of significant election tampering. At a 2019 cybersecurity conference, hackers were able to compromise over 100 certified voting machines, demonstrating substantial flaws in the system. A former contractor testified that he could infiltrate voting systems in a matter of minutes, further emphasizing the disturbing ease of potential exploitation.
In addition, the report warns that voting machines configured at a central location may be vulnerable to insider threats. Malware introduced during the setup phase can affect multiple jurisdictions, raising the stakes of election security dramatically.
As the NIC memo unfolds its serious concerns regarding election infrastructure, it calls into question the existing narratives about election security. John Solomon suggests that the memo holds even bigger revelations, hinting that more explosive findings may yet be uncovered. The implications of these vulnerabilities extend beyond mere technical flaws; they strike at the very heart of public trust in the electoral process.
"*" indicates required fields
