The Nov. 6 presidential election is the first in which almost half the states will permit Americans in the military or overseas to cast ballots via e-mail or online, raising concerns that voting may be vulnerable to hacking or cyber attacks. The BGOV Barometer shows that 23 states and the District of Columbia will permit some degree of Internet-enabled voting for armed forces personnel and U.S. citizens living abroad, according to data compiled by the Overseas Vote Foundation. Among contested states in the presidential race, Nevada, Colorado, Iowa and North Carolina will allow e-mailed ballots, raising the possibility that the winner of a state’s electoral votes might depend on a few thousand electronic ballots. “From a security point of view, it’s the riskiest form of voting ever invented,” said David Jefferson, a director of the Verified Voting Foundation, a Carlsbad, California-based non- profit that works to improve the security of online and electronic balloting.
While the probability of an organized hacker attack may be low, “the potential damage is so large that we have to treat it as a threat to U.S. national security,” said Jefferson, a computer scientist at the Lawrence Livermore National Laboratory, in Livermore, California. Jefferson called for banning the e-mailing of voted ballots. He said cyber attacks can alter ballots or make them disappear and can compromise voter secrecy.
… The increasing use of Internet-based ballot return is a worrisome trend to J. Alex Halderman, a professor of electrical engineering and computer science at the University of Michigan, who in 2010 led a team of researchers that hacked into a District of Columbia online voting system during a mock election being held as a test. In two days, Halderman’s team changed votes and rigged equipment so it could determine how everyone voted. It took an additional two days for elections officials to respond to the hacking even though Halderman’s group tweaked the system to play the University of Michigan fight song whenever someone cast a ballot. The District canceled plans to use the system in a real election.
E-mail is even less secure than an Internet voting system, Halderman said in an interview. “It’s a dangerous trend that its use is increasing,” Halderman said. “I would be more and more concerned as these numbers grow because we’re seeing increasingly close elections.”