Skip Navigation
Analysis

Hold Cyber Ninjas Accountable

The shady cybersecurity firm should be barred from federal contracts.

July 19, 2022

You’re read­ing The Brief­ing, Michael Wald­­­­­­­­­­man’s weekly news­­­­­­­­­­­­­­­­­­­let­ter. Click here to receive it every week in your inbox.

As Congress’s investigation shows, the attempt to subvert American democracy did not start on January 6. It didn’t end then, either. 

Arizona voted for Joe Biden in 2020. But last year, in an effort to stir doubt about the result and about the electoral system as a whole, pro-Trump Republicans in the Arizona Senate announced an “audit” of the election in Maricopa County, which Biden carried by more than 45,000 votes. The legislature hired a Florida-based security consultancy called Cyber Ninjas — amazingly, not a pseudonym — to conduct it.

Cyber Ninjas had no experience auditing elections. But the company’s CEO, Doug Logan, was spreading election misinformation on social media and had links to prominent pro-Trump conspiracy theorists. 

The Cyber Ninjas “audit” — quotation marks cannot express how little this thing resembled a legitimate audit — was farcical from the outset. People pored over ballots looking for evidence of bamboo fibers. Aha! That would mean the ballots had really been sent from China, which must have been secretly rigging the election, no doubt with Italian intelligence and Hugo Chavez. (Alas, no bamboo was found.) 

The company worked to keep its procedures secret. Cyber Ninjas tried to stop election security experts from witnessing the process. Election documents weren’t properly protected. Doors remained unlocked, and outsiders had easy access. The auditors didn’t even have the right color pens — blue and black ink, which are legible by machine tabulators and can thus spoil a ballot, are supposed to be kept out of an auditing site. This is just a small sample of the many ways in which Cyber Ninjas demonstrated its incompetence. The audit cost millions of dollars. 

In September 2021, after dragging the circus-like review on for months, Cyber Ninjas issued its conclusions. Guess what: Biden won, by more votes than first tallied. 

But the result of the audit wasn’t the point. The goal was to kick up dust, throw out innuendo, and discredit elections. The report was laced with nonsense. For example, Cyber Ninjas recommended that Arizona review more than 10,000 voters simply because each of them shared a name and birth year — not even birthday — with another voter in the system. In a state with 4 million registered voters, there’s nothing suspicious about that level of overlap. 

When an Arizona state court ordered Cyber Ninjas to release public records, the company refused. It was assessed a $50,000-per-day fine, which eventually rose into the millions of dollars. The CEO shut Cyber Ninjas down.

This week, the Brennan Center and our partners All Voting Is Local Arizona, Arizona Democracy Resource Center, Living United for Change Arizona, and Mi Familia Vota sent a letter to federal officials requesting that both Cyber Ninjas and Doug Logan be barred from federal government contracts for up to three years. 

Such bans are a powerful tool for government accountability and ethics. Federal law states that a contractor is subject to the measure if it receives a civil judgment for violating the law. The refusal of Cyber Ninjas to divulge public documents is in clear violation of the legal standards. Logan and his company also failed to meet the basic requirements of competence and responsibility. 

Expect election deniers to follow the same script in coming years. Spew doubt. Spin conspiracy theories. Hope the voters shrug about the whole thing. It’s critically important that everyone — the Justice Department, Congress, and all of us — do what we can. Bad faith actors who undermined our elections and smeared our election officials must be held to account. As America moves to hold the president and his closest advisers responsible, let’s not forget the wider sphere of malefactors who supported him.