Why Russian Hackers Probably Can’t Mess with the U.S. Election
The risk of psychological damage is far greater than any technological threat.
State-sponsored Russian hackers appear to be behind attacks on voter databases in Arizona and Illinois. The incidents are a stark reminder of the vulnerabilities in our country’s voting process, even when hackers use fairly standard tools. But the greatest threat to American democracy isn’t technical in nature, security experts say—it’s psychological.
In a warning the FBI posted last month, it suggested that voter databases in two states had been attacked by hackers, and as many as 200,000 voter records look to have been stolen in the attack on the Illinois voter database. In Arizona, one employee’s login information was compromised after the person downloaded malware, but no information was stolen.
Reporting on the incidents has mostly focused on the worry that hackers could foul up an election by tapping into databases and deleting voter registration records. But voter databases actually get hacked kind of often. And even if records were deleted, any voters whose records weren’t on file when they showed up at a polling station could still submit a provisional ballot that could then be verified.
The greater threat, then, as Wired reports, is what might happen if voters lose confidence in the nation’s electoral process:
“The thing that I’m worried about is not the technical disruption of the election itself. That’s still extremely unlikely,” says [cybersecurity researcher Thomas Rid of King’s College in London]. “The pattern we see is to call things into question, to sow doubt, to create uncertainty. This could be another way to create uncertainty in the minds of a lot of people … You can’t patch this psychological vulnerability.”
It’s understandable that concerns around election security would be high, especially after Russian hackers stole e-mails from the Democratic National Committee and used them to embarrass the party during its convention earlier this summer. These latest incidents are indeed worrisome. But not, perhaps, for the reasons we might at first think.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today