Let’s put aside for a moment the question of whether anyone connected to President Donald Trump colluded with Russia in its attempts to hack the 2016 election. Let’s not not get into an argument about whether the effort changed any votes, not to speak of the outcome. Let’s not even worry about whether Vladimir Putin himself was involved. The fact is, the hacking was massive, sophisticated and far more widespread than previously thought. According to a new report from Bloomberg, hackers broke into the election systems in 39 states. They may not have succeeded this time in breaching the voting machines themselves or even in substantially disrupting the voter registration rolls. But next time, they could. It doesn’t take much imagination to see how that would sow chaos and undermine trust in our democracy. That’s because our disorganized, underfunded and inconsistent voting systems — not to speak of actual, organized efforts by Republican officials to purge voter rolls and keep minorities, young people and the elderly from the polls — have done more than enough in that regard already.
We see enough distrust of the system every time some polling places in Baltimore open late because not enough judges show up; imagine that multiplied thousands of times across the country in the next presidential election, with hours-long lines at the polls and voters turned away in state after state. Hackers wouldn’t need to actually change votes to influence the outcome. They could delete records of voters registered with one party or another, or they could seek to crash systems in precincts likely to vote heavily for a particular candidate. People could still vote using provisional ballots or other means, but many would simply go home. Hackers wouldn’t even necessarily have to favor one party over the other — as they are believed to have done in 2016 — in order to delegitimize the winner. Doubt about the validity of the outcome would be enough to suit the Kremlin’s goals of undermining the West.
The details that have emerged so far about the Russian effort underscore how difficult out election system is to secure. Hackers reportedly targeted employees of voting system vendors by sending them fraudulent emails designed to get them to provide their passwords. They used the information they gained through those efforts to target election officials themselves with deceptively realistic fake communications. Thousands of people work on our election systems, either as public employees or contractors; it only takes security mistakes by a few of them to provide opportunities for serious mischief.