The recent news that thirty electronic voting machines of five different types had been hacked for sport at the Def Con hackers’ conference in Las Vegas, some in a matter of minutes, should not have been news at all. Since computerized voting was introduced more than two decades ago, it has been shown again and again to have significant vulnerabilities that put a central tenet of American democracy—free and fair elections—at risk. The Def Con hacks underscored this. So did the 2016 presidential election, in which the voter databases of at least twenty-one and possibly thirty-nine states, and one voting services vendor, came under attack from what were apparently Russian hackers. Last September, then-FBI Director James Comey vowed to get to the bottom of “just what mischief” Russia was up to, but, also sought to reassure lawmakers that our election system remained secure. “The vote system in the United States…is very, very hard for someone to hack into because it’s so clunky and dispersed,” Comey told the House Judiciary Committee. “It’s Mary and Fred putting a machine under the basketball hoop in the gym. These things are not connected to the Internet.” Comey was only partially correct. Clunky and dispersed, American elections are run by the states through three thousand individual counties, each one of which is responsible for purchasing and operating the voting machines set up by Mary and Fred. But Comey missed a central fact about many of those machines: they run on proprietary, secret, black-box software that is not immune to hacking, as Def Con demonstrated.
Additionally, the votes registered by touchscreen machines, some of which keep no paper record of their transactions, as well as ballots read by optical scanning machines—the two technologies most widely used at the moment—are typically counted by a central tabulator that is connected to the Internet. And these are just the most obvious weak points. As University of Michigan computer science professor J. Alex Halderman told the Senate Intelligence Committee last June:
A small number of election technology vendors and support contractors service the systems used by many local governments. Attackers could target one or a few of these companies and spread malicious code to election equipment that serves millions of voters. … Before every election, voting machines need to be programmed with the design of the ballot, the races, and candidates. This programming is created on a desktop computer called an election management system, or EMS, and then transferred to voting machines using USB sticks or memory cards. These systems are generally run by county IT personnel or by private contractors. Unfortunately, election management systems are not adequately protected, and they are not always properly isolated from the Internet. Attackers who compromise an election management system can spread vote-stealing malware to large numbers of machines.
… At the moment, about a quarter of voting machines do not keep a paper record of votes cast. Five states are completely paperless, while fourteen are partially paperless, and either way a meaningful statewide audit is impossible. As Barbara Simons, the president of the non-partisan group Verified Voting, pointed out to me in an email, “Some [of the 14], such as Pennsylvania, are critical swing states. Eighty percent of Pennsylvania voters are still stuck with unreliable, insecure, ancient, paperless voting machines, making Pennsylvania a prime target for mischief.”