As Election Day gets closer, one issue looms large for voters and election officials alike: cybersecurity. Hoping to quell fears about foreign hackers and repel potential threats, many states and counties are beefing up their plans to deal with cyberattacks. They’re shoring up systems to protect their voter databases and hiring security experts to assess the strength of their defenses. They’re coordinating with social-media organizations to stamp out deliberately fraudulent messages that could mislead voters about how to cast a ballot. And they’re banding together to share information and simulating how to respond to potential emergencies. One simulation-based exercise, held by the Department of Homeland Security in mid-August, gathered officials from 44 states, the District of Columbia and multiple federal agencies, the DHS says. “There absolutely is more emphasis on contingency planning” since 2016, says J. Alex Halderman, a professor of computer science at the University of Michigan.
Verified Voting in the News
In my community, we vote by filling in circles on a paper sheet that goes into a scanner — we have a paper trail. Can such a process still be hacked? Yes, though paperless voting machines can more easily be hacked. Professors Ronald Rivest of MIT and J. Alex Halderman of the University of Michigan explained on Sept. 13 in a session at EmTech MIT on how hackers can alter elections. According to Rivest, about 80% of voting jurisdictions in the U.S. have some sort of paper trail in the event of voting-machine hacks. If, however, you vote in Delaware, Georgia, Louisiana, New Jersey, South Carolina, or Nevada, there is no way to hand-count the votes should the need arise; votes are electronically recorded. The map below reveals that many other states use a mixture of paper and paperless voting systems.
When voters go to the polls in five states, a verified paper trail will not follow them. At a time of heightened concerns over election interference, election-security experts have called for that to change, suggesting paper results – visually confirmed by voters – would help state officials recover in the event of meddling or simple mistakes. “That presents a greater risk because there’s no way to detect if things have gone wrong,” said Marian Schneider, former deputy secretary of voting and administration in Pennsylvania and the president of the group Verified Voting. Paper ballots – or, at least, auditable paper trails, in which voters can see their choices recorded on a printed roll of paper – have been recommended by experts from Homeland Security Secretary Kirstjen Nielsen to the Brennan Center for Justice’s Democracy Program to the Defending Digital Democracy Project at Harvard’s Belfer Center. A large swath of Americans, however, will vote without them.
National: How to hack an election—and what states should do to prevent fake votes | MIT Technology Review
Donald Trump won the 2016 presidential election thanks to the votes of just 107,000 people in three states. The intricacies of the Electoral College help create situations where a relatively small number of US citizens can decide who wins the presidency. How susceptible could these votes be to tampering? The answer: a lot more than you might realize. In a live demonstration at MIT Technology Review’s EmTech conference today, J. Alex Halderman, professor of computer science and engineering at the University of Michigan, showed just how easy it would be to meddle with vote tallies to directly change election outcomes. Halderman brought an AccuVote TSX machine to the stage in a live demonstration of the dangers. He had three volunteers use the machine to vote in a mock election between George Washington and Benedict Arnold. Cameras pointing at the screen and projected above the stage showed the three voters casting their ballots for Washington. Yet when Halderman printed the returns from the machine, the reported result was a two-to-one victory for Arnold.
More than one-third of counties that are overseeing elections in some of the most contested congressional races this November run email systems that could make it easy for hackers to log in and steal potentially sensitive information. A ProPublica survey found that official email accounts used by 11 county election offices, which are in charge of tallying votes in 12 key U.S. House of Representatives races from California to Ohio, could be breached with only a user name and password – potentially allowing hackers to vacuum up confidential communications or impersonate election administrators. Cybersecurity experts recommend having a second means of verifying a user’s identity, such as typing in an additional code from a smartphone or card, to thwart intruders who have gained someone’s login credentials through trickery or theft. This system, known as two-factor verification, is available on many commercial email services. “Humans are horrific at creating passwords, which is why ‘password’ is the most commonly used password,” said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology in Washington, D.C., who has pushed for security fixes in the voting process. This means increasingly we need something other than passwords to secure access to our accounts, especially email, which tends to undergird all our other accounts.”
A federal judge who’s considering whether Georgia should have to switch from electronic voting machines to paper ballots for the November election called the situation “a catch-22.” Voting integrity groups and individuals sued state and county election officials, arguing that the touchscreen voting machines Georgia has used since 2002 are vulnerable to hacking and provide no way to confirm that votes have been recorded correctly because they don’t produce a paper trail. They’ve asked U.S. District Judge Amy Totenberg to order Secretary of State Brian Kemp, the Republican candidate for governor, to implement the use of paper ballots for the Nov. 6 midterm elections.
Voting machines that do not provide a paper trail or cannot be independently audited should immediately be removed, concludes a new report from the National Academies of Sciences, Engineering, and Medicine.
A new report from the National Academies of Sciences, Engineering, and Medicine is recommending the use of human-readable paper ballots as the best way to protect the security and integrity of US elections, at least in the immediate future. In fact, the committee behind the report wants election officials to consider ditching voting methods that do not provide a reliable paper-verifiable audit trail as early as the upcoming 2018 midterms and for all local, state, and federal elections by 2020. It also does not want jurisdictions to permit the use of the Internet and Internet-connected systems to return marked ballots until “very robust guarantees” of security and verifiability are developed. Other recommendations include the need for states to mandate risk-limiting audits prior to the certification of election results and routine assessments of the integrity of voter registration systems and databases.
With the midterm elections just around the corner, Barbara Simons, author of the election security book “Broken Ballots,” explains why some voting computers remain inherently flawed. The genesis of problems with today’s voting machines was the controversy involved in counting certain paper ballots in the 2000 presidential election in Florida, Simons explains. “What we really have are voting computers, and anybody who has been reading the news for the past few years understands that computers are vulnerable to attack by hacking; they’re also vulnerable to software bugs and other unintentional errors that can occur,” Simons says in an interview with Information Security Media Group. “And yet as a result of this early, wrong perception that paper was not a good technology to use for voting, many of these initial voting computers that came out were paperless, which meant that it was impossible to do a recount.”
Greasing the machinery of democracy can be tedious business. Aside from the occasional recount or a hanging chad, the bureaucrats who run state elections don’t usually see much drama in their work. But this year’s all-important midterms are no ordinary election cycle. So it was that election administrators from all 50 states received rarified, red-carpet treatment outside Washington earlier this year, as federal intelligence gurus granted them secret clearances for the day, shuttled them to a secure facility, and gave them eye-opening, classified briefings on the looming threat. The message, participants said, was chilling. Officials from the FBI, the Department of Homeland Security, the National Security Agency and other agencies warned that the Russians had already shown they could hit hard in the 2016 presidential campaign, and they have been preparing to hit even harder — and no doubt in different ways — this time around. “This was a first for me,” Steve Sandvoss, who heads the Illinois elections office and attended the briefing, said in a recent interview. “I came out of there with the understanding that the threat is not going to go away.” The midterms will determine control of Congress, where a flip to the Democrats in the House or the Senate would no doubt intensify the pressure Trump is already facing from Special Counsel Robert Mueller’s Russia investigation.
Something strange happens on election night. With polls closing, American supporters of both parties briefly, intensely align as one: We all want to know who’s going to win, and we don’t want to wait one more minute. The ravenous national appetite for an immediate victor, pumped up by frenzied cable news coverage and now Twitter, means delivering hyper-updated results and projections before any official tally is available. But the technologies that help ferry lightning-quick results out of polling places and onto CNN are also some of the riskiest, experts say. It’s been almost two years since Russian military hackers attempted to hijack computers used by both local election officials and VR Systems, an e-voting company that helps make Election Day possible in several key swing states. Since then, reports detailing the potent duo of inherent technical risk and abject negligence have made election security a national topic. In November, millions of Americans will vote again — but despite hundreds of millions of dollars in federal aid poured into beefing up the security of your local polling station, tension between experts, corporations, and the status quo over what secure even means is leaving key questions unanswered: Should every single vote be recorded on paper, so there’s a physical trail to follow? Should every election be audited after the fact, as both a deterrent and check against fraud? And, in an age where basically everything else is online, should election equipment be allowed anywhere near the internet?