If there is a weak spot in the voting process, it could be the practice followed in more than half the states of allowing overseas voters, including members of the U.S. military, to return their ballots online, experts say. Twenty-two states and the District of Columbia permit some registered voters living outside of the U.S. to cast their pick for president by email, according to data compiled by the National Conference of State Legislatures. Another 30 states permit the return of some ballots by fax, while five states allow ballots to be uploaded through a web portal. The changes were implemented to make voting easier, but, with polls showing increasing concerns about rigging and hacking of the system, the one area with the most vulnerability may be this relatively small cache of ballots, the experts said. Most U.S. voting electronic machines aren’t internet-enabled, meaning that they would have to be physically accessed to tamper with the results. The few that do have wireless or other network capabilities generally are paper-ballot scanners that leave a physical trail that can be checked in a recount or audit.
The return of ballots by email or over the web, however, is an exception, as the identity of the sender and the security of his or her ballot can be difficult for election officials to verify. The population of overseas voters casting ballots online remains very small and those voters would still need to properly registered under state law to send ballots—meaning widespread online fraud by a cyber-adversary would be very difficult.
But the hacking and publication of emails from top Democratic Party figures by actors allegedly linked to the Russian government has exposed the vulnerability of email as a communication system.
“When you send an email with an attachment, it doesn’t necessarily mean that an adversary can’t necessarily get in the middle of that transmission and change your attachment en route,” said Ben Cotton, the chief executive of CyTech Services and an expert on cybersecurity. More than a dozen states even ask voters to waive their right to a secret ballot when casting a vote electronically.
Full Article: Web-Based Overseas Ballots May Be Most Vulnerable to Tampering – WSJ.