Could hackers swing a U.S. election? With the 2016 presidential race already well underway, it’s time for us to take cyber threats to our electoral process much more seriously. Over the years, a number of security researchers, ‘ethical hackers’ and government agencies have warned about the risks, but little has been done to prevent these attacks. Hacking just a few electoral districts could allow an attacker to swing an election in a close race. The U.S. has had close elections multiple times in the past. In 1960, John F. Kennedy squeaked out a victory over Richard Nixon by just 0.1%. In the 2000 presidential election, the decision came down to just a few votes in Florida. In the end, the Supreme Court had to determine the winner.
The election system is particularly vulnerable because it involves a combination of state, local, and federal government agencies with their own systems, software, hardware, and security protocols. Often, government departments are running old “legacy” computer systems that are extremely vulnerable to malware and hacking; and even if they have new systems, these are often put into place without a comprehensive security audit and performance review.
Who exactly is in charge of securing these overlapping networks isn’t always clear in government either. These agencies typically face tight controls on their budgets which make it difficult to spend on needed security controls. Government departments also have a lot of publicly accessible systems, like electronic voting machines, that give access to bad actors.