With primary elections ongoing, and November quickly approaching, voters are worrying about hacking and how it might affect voting outcomes. From databases on personal voter info to ballot machines, the entire infrastructure continues to be insecure. Let’s look at a few major vulnerable points and what can be done to shore up security:
The 2016 Vote
A plethora of evidence points to Russia hacking the 2016 election, but what exactly did they do? We know that online systems of 21 states were scanned by Russians, but no information was actually stolen.
Illinois, however, was hit with an attack compromising up to 200,000 personal voter records, though no records were changed. Meanwhile, in Arizona, an election official opened a malware-infected email, compromising the official’s credentials. The system itself, however, was not compromised.
On a higher level, the Election Assistance Committee, a federal agency that regulates voting machine security, discovered a Russian-speaking hacker had obtained 100 EAC employee credentials and was looking to sell them. VR Systems, an election system provider for eight states, was also targeted by a Russian phishing scam. At least one of the seven targeted accounts was compromised.
Whether any of this swayed the vote is moot; the point is that the systems are still vulnerable.
One threat is hackers gaining access to voter information databases, such as what happened in Illinois. In theory, information could be changed. Database management is key here. Not only should access be limited, but passwords should be secure and changed often enough to confuse hackers.
After the databases, the next point of security that’s troublesome is the voting machines themselves. Voting data is sent from voting machines to a central tabulating computer. The problem is that the Department of Homeland Security revealed that a number of rogue Stingrays, cellphone simulators, were discovered in Washington, D.C. They do not know who is operating the devices.
Stingrays could intercept results by mimicking cellphone towers. The results could then be altered, shifting the vote in favor of a candidate or bill.
The DS200 is a popular voting machine that optically scans paper ballots. It’s air gapped — there is no connection to the internet — but it can transmit unofficial results via modem. The problem, Princeton computer scientist Andrew Appel told the New Yorker, was that there was nothing stopping the poll workers from also sending the official votes via modem. The information could be encrypted, both sender and receiver would need to know the encryption, and a Stingray could still intercept the data.
While Elections Systems and Software, the DS200 makers, claim this would be extremely rare, it could still happen. Still, New York, Maryland, Virginia, and Alabama prohibited the use of modems to transmit elections results.
There are 13 states that contain counties where the voting machines don’t use ballots at all. These are the most vulnerable, as paperless touchscreen machines are insecure. The actual vote can’t, for example, be verified by a hard copy. The voter may touch one candidate’s name, but the machine could record a different vote; there would be no marked copy to prove who the voter actually voted for. This could be accidental, or it could happen thanks to the introduction of malicious code. This is not a hypothetical, either, as a machine in Pennsylvania’s Venango County “flipped” votes, where touching a candidate on the touchscreen caused the vote to count for another candidate.
Worse yet, there’s no actual way to know if the vote was truly counted or not. Again, with no paper copy to back the vote up, the machine could tell the voter their choices were recorded, but then throw out all or part of the vote.
In 2017, because of these concerns, 22 voting stations in Virginia converted to paper ballots, and decertified their touchscreen-only machines. While going paper-only is the most secure option, it’s also more time-consuming.
Striking a balance between security and ease of use for both voters and poll takers is tricky. It’s clear that the Russian hack of the 2016 election should join the likes of other major security breaches that shaped history, such as the Sony breach, which leaked employee data, or the Target data breach, which leaked 40 million credit and debit card records. However, unless voting data and machines are made more secure, future votes could be just as fraught with hacking, possibly changing the outcome and altering the future of voters.
Hacking the Vote: Security Vulnerabilities and the Future of Voting was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.