In the months leading up to November’s midterm elections in the US, hordes of foreign hackers will head to their keyboards in a bid to influence the outcome. Their efforts will include trying to get inside the digital infrastructure that supports the electoral process.
There’s a worrying precedent here. Last year, the Department of Homeland Security (DHS) notified 21 states that Russia had targeted their election systems in the months leading up to the 2016 presidential election.
DHS officials said the Russians were mainly scanning computers and networks for security holes rather than taking advantage of any flaws they discovered. Still, that’s no cause for complacency. Intelligence officials are already warning that Russia is intent on meddling in this year’s midterm elections, too—and most of the digital technology that will be used predates the launch of the first iPhone in 2007. Here’s what cyberattackers might target.
The Technology: These systems keep a digital record of authorized voters, and data from them populates “poll books” used to check people in at precinct polling stations.
The Risks: Many voter registration systems are old: a report last year by the Brennan Center for Justice at New York University School of Law estimated that 41 states were still using ones built at least a decade ago. They are hosted on servers and need connectivity to receive voter data and transfer it to poll books. Hackers who gain access to them could erase voters’ entries or create fictitious ones and then mail in votes for the fake personas. That could tip the balance in tight races.
This makes the systems tempting targets. In his indictment of 12 Russian hackers in July, US special counsel Robert Mueller alleged that they penetrated the website of one (unnamed) state board of elections in 2016 and stole partial Social Security numbers, driver’s license numbers, and other data for around half a million voters.
The Technology: In many states, precinct poll workers use tablet-like electronic poll books, rather than paper ones, to verify voters. These machines are often networked to one another and run tailor-made software.
The Risks: Hackers could target the networks to gain access to poll books, either shutting them down or altering data that’s on them. They could also break into the systems of companies that develop software for the poll books and insert malicious code.
Compromising poll books could cause chaos during an election. For instance, voters may be told that they’ve already voted when in fact they haven’t. Ideally, all polling stations should have backup plans in place that allow them to print provisional ballots if the machines fail.
The Technology: The US uses two main types of electronic voting machines. Optical-scan ballot readers scan and record paper ballots filled in by voters, while direct-recording electronic, or DRE, machines display ballot options on a screen and record voters’ choices electronically. Only some DRE machines produce paper records too.
The Risks: Voting machines are programmed with the ballot design, which includes names of the races and candidates involved. The design is set up on election management systems at a central election office or a vendor. The information is typically then transferred to each machine by officials using memory cards or USB keys. Hackers can target the central computers to spread malicious code to multiple machines, or they can target individual devices.
If officials suspect optical-scan ballot readers have been hacked, they can check the paper ballots; with DREs, there’s sometimes no paper record to look at. Paperless machines are still used in 13 states, and five rely solely on them.
The Technology: The software managing vote tallying and reporting typically runs on computers using standard operating systems.
The Risks: Hackers could target the software to throw doubt on the outcome of elections. While this may sound unlikely, there are strong suspicions Russian hackers were behind an attack that deleted key files from the Ukrainian central election commission’s system in a 2014 vote.
The good news is that almost all US states check outcomes against reports from individual precincts before certifying official results. So any confusion sown by an attack on vote tallying and reporting software should eventually be resolved as long as the underlying voting processes remain secure.
Beyond all these risks, plenty of other nightmare scenarios could affect the different stages reviewed here. They include distributed denial of service attacks, which knock web-connected systems out of action by flooding them with fake traffic, and ransomware attacks, which use malware to encrypt data—or, in the worst case, destroy it.
This story is a modified and updated version of Here's how hackers could cause chaos in this year's US midterm election