With the Democratic National Committee cyberattack far more widespread than originally thought, fears of foreign power using cyber-espionage to influence this November’s election are growing, and real. It’s also prompted concern that hackers may shift focus to an even more vulnerable target: your vote. Voters in 43 states will cast their ballot for the next president using aging electronic voting machines, many now ten years old with dated software lacking proper security. Despite machine manufacturers’ repeated claims of their integrity, high-profile studies have shown hackers can alter vote tallies on these notoriously-penetrable machines within minutes. Tactics available to hackers are numerous and growing: A distributed denial-of-service (DDoS) attack would disable voting machines or the back-end servers, preventing voters from participating in the election. Deleted voting records ahead of Election Day would expunge names from the registered voter rolls. And malware could be used to “steal” an election by tampering with voting machine hardware or software.
… Our government security professionals need the visibility to closely monitor voting machines systemwide. They must be able to stop a breach no matter where it starts and otherwise ensure the integrity of the voting system through audit trails, paper back-up ballots, and other forms of assurance to the voting public. And we must require streamlined, consistent protocols so the leaders of our patchwork state-run voting systems are held accountable for audits and paper trails to demonstrate the integrity of any given vote. The federal government also has a responsibility to start treating election security as national security, and to share national threat intelligence and countermeasures with states and local governments.