Rapid advances in the development of cyberweapons and malicious software mean that electronic-voting machines used in the 2012 election could be hacked, potentially tipping the presidential election or a number of other races. Since the machines are not connected to the Internet, any hack would not be a matter of someone sneaking through cyberspace to change ballots. Rather, the concern is that an individual hacker, a partisan group, or even a nation state could infect voting machines by gaining physical access to them or by targeting the companies that service them.
The 2010 discovery of the Stuxnet cyberweapon, which used a thumb drive to attack Iran‘s nuclear facilities and spread among its computers, illustrated how one type of attack could work. Most at risk are paperless e-voting machines, which don’t print out any record of votes, meaning the electronically stored results could be altered without anyone knowing they had been changed. In a tight election, the result could be the difference between winning and losing. A Monitor analysis shows that four swing states – Pennsylvania,Virginia, Colorado, and Florida – rely to varying degrees on paperless machines.
“The risk of cyber manipulation of these machines is quite real,” says Barbara Simons, a computer researcher and author of “Broken Ballots,” a book documenting e-voting vulnerabilities. “Most people don’t understand that these computer-based voting machines can have software bugs or even election-rigging malicious software in them.”
… “If you’re considering a malicious attack, then you’re dealing with an adversary that’s strategic about where they’re going to act,” says Edward Felten, a Princeton professor who also has analyzed cybersecurity and other e-voting machine weaknesses state by state. “An attacker might look at the odds of getting away with an attack in a particular place. Where he attacks might also depend on being able to get access to a machine through a corrupt election official or in a state where defenses are weaker.”
It’s impossible to know if newer machines and software are really secure because their source code is largely unavailable for analysis, Dr. Felten and others say. Voting-equipment makers frequently say their software is a trade secret. But some security experts say that needs to change. “Our goal should be an election so open and transparent, including the software,” says author Ms. Simon. “It’s not so much for the winners that we need it. It’s for the rest of the electorate – convincing the losers and their supporters they really did lose. That’s why it’s important.”