Election-day activities center on polling places and their voting machines, and this is where the public interest in vote security is most acute. Each state is in charge of acquiring and managing voting machines, and many states have different types of machines within their borders. The wide variety of voting machines used across the United States, rather than deterring hackers, actually helps empower them if they want to change the outcome of people’s votes, say many cybersecurity experts. Many voting machines are so old that modern security has not yet caught up to them.
Concerns about the fragility of US electronic voting systems to cyberattacks go back to 2002 when the Help America Vote Act was passed mandating the replacement of lever-based machines and punchcards with more modern voting equipment. Those concerns have been greatly amplified this election season with reports of attacks on voter registration systems in some 20 states and intrusions into the Democratic National Committee’s computers by hackers believed to be out of Russia.
Fear that hackers could exploit vulnerabilities in our voting systems could undermine voter confidence this November, especially if the vote ends up being close. The good news is that it is also helping fuel an important discussion about how the U.S. should secure its elections.
Standardizing voter registration processes, voting machines and vote tabulation is the key to eliminating most vulnerabilities plaguing U.S. elections, according to several cybersecurity experts. These standardizations would embed security, enable backups and eliminate many backdoors through which hackers and vote fraudsters currently can warp the results of an election. While voting is administered at the state and local levels, these remedies would need to be applied nationwide.
With Donald Trump already talking about the presidential election being rigged, Symantec has set up a simulated voting station that shows how electronic systems might be hacked to alter actual vote tallies for just a few hundred dollars. They found that while it’s possible to change the number of votes cast for each candidate, it would be very difficult to do so on a large enough scale to swing the election one way or the other.
The Department of Homeland Security on Saturday urged state election officials to seek assistance in boosting cyber security ahead of November’s elections, after hackers tapped into voter registration systems in a small number of states. In a statement, Homeland Security Secretary Jeh Johnson said 21 states have sought the Department’s assistance to improve cyber security. Johnson said hackers have been scanning state computer systems, a possible prelude to actual cyber attacks. “These challenges aren’t just in the future — they are here today,” Johnson said.
We can bank online and we can shop online so why can’t we vote online? To answer that question, we first need to agree on what it means, said David Dill, a computer science professor at Stanford and the founder of the Verified Voting Foundation. In other words, what do people mean when they ask: “Why can’t we vote online?”
This article was originally posted in the September 16 issue of NCSL’s The Canvas.
After multiple hacks of Democratic Party e-mail systems and fears of Russian cyber attacks on the U.S. election, paper ballots have taken on an unexpected appeal. Online voting software companies are convinced convenience-loving Americans will increasingly push to cast their ballots on smartphones and laptops, and they’re working to make that happen. But voter advocates, election officials and others are still leery of the risks involved in conducting elections over the all-too-vulnerable internet.
State information technology officials have strengthened their defenses against hackers and cybercriminals who attack their computer networks millions of times a day, but admit they’re not fully prepared for increasingly complex threats that could expose the personal information of their residents.