On November 6, Americans will head to the polls to vote in the congressional midterm elections. In the months before the contest, hordes of foreign hackers will head to their keyboards in a bid to influence its outcome. Their efforts will include trying to get inside the digital infrastructure that supports the electoral process.
There’s a worrying precedent here. Last year, the Department of Homeland Security notified 21 states that Russian actors had targeted their election systems in the months leading up to the 2016 US presidential election.
DHS officials said the Russians were mainly scanning computers and networks for security holes rather than taking advantage of any flaws that were discovered. Still, that’s no cause for complacency. Intelligence officials are already warning that Russia is intent on meddling in this year’s election too, and hackers from other countries hostile to the US could join in. This week, both DHS and the Federal Bureau of Investigation said Russia is laying the groundwork for broad cyberattacks against critical US infrastructure. Last year, the DHS designated voting technology as part of that vital framework.
Just interfering with close-run contests in a few swing areas could be enough to undermine confidence in the democratic process. “What computers make easier … is tampering with the voting system that can be done at the most impactful places in an effort to influence marginal races,” cautions Alexander Schwarzmann, director of the Center for Voting Technology Research at the University of Connecticut.
Since the 2016 presidential vote, much has been done to improve election security. Cybersecurity training for state and local officials has been stepped up significantly, and a body has been created to share intelligence about threats. Congress also recently allocated $380 million to states, which can use the cash to upgrade aging voting technologies, perform more post-election audits, and take other steps to bolster their defenses.
But hackers will have raised their game too, and they’ll no doubt exploit the intelligence they gleaned last time around. Here’s a brief overview of where they could do the most damage:
Voter Registration Systems
The technology: These systems keep a digital record of authorized voters in a jurisdiction and are used to populate “poll books” that election officials at precinct polling stations use to check voters in. The systems are often run on desktop computers using standard operating systems that could be vulnerable to malicious code. Many are also quite old. A report published last year by the Brennan Center for Justice at New York University Law School estimated that 41 states were still using voter registration systems built at least a decade ago.
The risks: Hackers could erase voters’ entries or create fictitious ones and then mail in votes for the fake personas. Large-scale tampering would be spotted (as would deletion of an entire database), but less blatant manipulation could be harder to pick up until the day of the vote. After the 2016 election, Illinois said hackers had accessed its voter registration system. They didn’t alter any voter data, but they did download 76,000 records. To help states try to prevent breaches, DHS is working with many of them to conduct security audits of their systems.
The technology: In many states precinct poll workers are using tablet-like electronic poll books, rather than paper ones, to verify voters. These machines are often connected to one another via local networks.
The risks: Hackers could target the networks to gain access to the machines, either shutting them down or altering the data on them. That’s why security experts are saying that all polling stations should have backup plans in place that allow them to print provisional ballots if the machines fail. The devices also pose other risks: last year, a security researcher uncovered a trove of voter data still in the memory of an electronic poll book being sold on eBay.
The technology: There are two broad types of electronic voting machines in use today. Optical-scan ballot readers scan and record paper ballots filled in by voters, while direct-recording electronic, or DRE, machines display ballot choices on a screen and record voters’ choices electronically. (Some DRE machines can also generate a paper record.)
Recommended for You
The risks: Plenty of machines run on antiquated operating systems that have known security flaws and whose creators have stopped issuing updates. This makes them particularly vulnerable to attack. Last year, hobbyist hackers attending the Defcon conference in Las Vegas were able to compromise a number of different devices and summarized the experience in a report. More recently, Alex Halderman, a professor at the University of Michigan, staged a mock election with student voters to show easy it is to hack the machines.
There are other risks, too, including the danger that hackers could compromise wireless modems in some machines that are used to transmit voting data. Optical-scan ballot readers at least have the original paper ballots to fall back on if there’s a suspicion they’ve been hacked; in the case of DREs, voters never actually fill in a ballot by hand. That’s led many election security experts to call for the machines to be scrapped.
Lawrence Norden, the deputy director of NYU’s Brennan Center, says 13 states are still using paperless systems. “I’m not hopeful that many of them will have made changes before November because there’s just not a lot of time now,” he adds. States that rely heavily on the machines, such as Pennsylvania, New Jersey, and Delaware, could still be using them for the 2020 presidential election.
Vote Tallying and Reporting
The technology: These systems typically run on computers using standard operating system software, and the devices may also be used for other things than tallying and reporting election results.
The risks: Like the computers used for voter registration, the machines are vulnerable to many different kinds of malicious activity, and hackers could target them to throw doubt on the overall outcome of elections. While this may sound unlikely, there are strong suspicions that Russian actors were behind an attack that deleted key files from the Ukrainian central election commission’s system in 2014. (Fortunately, the Ukrainians were able to restore the data from backups.)
This section doesn’t highlight another way in which hackers could cause havoc in November; instead, it’s here to make the point that robust post-election audits are going to be more vital than ever in a world in which hackers have voting systems in their sights.
Many audits are already conducted on poll results in the US, but plenty of experts are lobbying for so-called “risk-limiting audits,” which are more open-ended and onerous than traditional approaches. They involve taking paper ballots from a statistically significant random sample of precincts, tallying them, and then comparing the result with the outcome of the election calculated using the electronic records. (This, of course, assumes that paper ballots are still being generated, which would rule out the use of some DRE machines.)
The idea, which has been adopted by a few states including Colorado and New Mexico, requires an audit to be conducted of every contest, not just close-run ones. If discrepancies are discovered, then additional manual counts are conducted. This extensive—and expensive—low-tech approach may appear at odds with high-tech advances, but more robust checks are vital to counterbalance the growing power of hackers working to undermine our faith in democracy.
Keep up with the latest in cybersecurity at EmTech MIT.
Discover where tech, business, and culture converge.
September 11-14, 2018
MIT Media Lab