The civic experience of interacting with analogue voting interfaces is as Australian as the democracy sausage. Voters are confronted with tiny pencils, plus physical security measures that involve huddling in a cardboard booth and origami-scale folding. The use of paper ballots – and human counting of those ballots – creates one of the most secure electoral systems imaginable. And the Australian tradition provides another sometimes under-recognised component of electoral security: compulsory voting. This practice secures against the voter suppression tactics used to undermine elections in the United States. In the digital era, smartphones are so prevalent that it might seem tempting to move to voting online. In 2013 the Australian Electoral Commission (AEC) explored internet voting. But cyber security experts say: if it ain’t broke, don’t fix it. The problems the US has had with electronic voting provide a perfect illustration of what can go wrong. Every year hackers and cyber security experts from across the globe converge “In Real Life” (IRL) on Las Vegas to attend one of the world’s largest and longest-running annual hacker conventions: DefCon.
Election hacking has recently gained prominence at DefCon. In 2017 the “Voting Machine Hacking Village” area revealed the cyber vulnerabilities of US election equipment, databases and infrastructure. One participant even “RickRolled” a machine by replacing the voter profile with Rick Astley playing his song “Never Gonna Give You Up”.
The DefCon Voting Village showcased electoral system vulnerabilities again this year, as Young DefCon attendees aged 8-16 competed for prize money to hack into replicas of election results websites to manipulate vote tallies. It took an 11-year-old just 10 minutes to hack into one of the systems.
Recent announcements from the White House indicate that cyber-vulnerable elections are more than child’s play. Earlier this month the Trump administration outlined approaches to bolster defence against cyber operations targeting elections.