On Monday, the Washington Post reported that some election officials and intelligence officials have doubts about the ability of systems in the USA’s states and provinces to defend themselves against a sustained attack by a state-level actor. “America doesn’t have its act together,” Ion Sancho, a Florida election supervisor, fretted to the paper. “We need a plan.” Despite the warnings, it would be incredibly difficult for a foreign power to directly tamper with a U.S. state’s election results. Still, voter rolls themselves could be vulnerable in a number of states. Under the Help America Vote Act of 2002, each state must have one centralized, digital database of voters. One way that a malicious actor could impact an election (presidential or otherwise) would be to tamper with the registrations of a demographic group associated with the opponent of a candidate favored by the adversary.
… “You don’t connect your election management system to the internet just as you don’t attach your voting machines to the internet,” Pamela Smith, president of Verified Voting, a nonprofit organization devoted to accurate, fair elections, told Observer by phone. “Most states carry a prohibition against connecting any part of the voting system to the internet.”
… A state level actor (most finger Russia) with aims to undermine a rival power might not even need to successfully tamper with results in order to achieve espionage goals. As The Post reports, Russia might want to do it, for example, to undermine the United States’ efforts to spread democracy abroad. Doing so probably won’t help it to work much better here.
“Just casting doubt can be a big problem,” Smith said.