How vulnerable is the U.S. presidential election to hackers? It’s a topic being discussed widely in advance of Tuesday’s voting day.
When it comes to the security of electronic voting machines, there is considerable concern. Vulnerabilities open individual locations to vote tampering, depending on other security controls around the handling of the machines. But it would be highly unlikely for enough voting machines to be compromised to swing an entire state election.
One big reason for this is that the system is highly decentralized, with tens of thousands of precincts running election sites around the country. Because of the decentralized nature and varying processes from locality to locality, it’s much more likely that tight local or state elections could be altered rather than a national election.
But can votes be electronically altered? It’s no secret how vulnerable many experts view electronic voting machines to be. In fact, for more than 15 years now, computer scientists have been documenting the vulnerabilities. As recently as this past Friday, cybersecurity firm Cylance disclosed an electronic voting machine flaw.
The proof-of-concept video below demonstrates the techniques Cylance researchers used to compromise a Sequoia AVC Edge Mk1 voting machine. The video shows a proof-of-concept attack that could involve someone re-flashing the firmware with a PCMCIA card and thereby altering votes. The attack is reportedly successful at changing both the public vote counter and the “protective” vote counter, which is a system used to validate the official vote tally.
Ever since the presidential election recount in Florida in the year 2000, debates about the efficiency and security of the voting system have ensued. Following that election and the infamous recount, Congress passed the Help America Vote Act that required the modernization of voting systems.
Supported by a few billion dollars in funding, local jurisdictions moved away from paper-based systems to electronic and optical voting systems. Some jurisdictions now use optical scanners that count paper ballots; others use touchscreen voting (like the one shown above) that operates much like an ATM.
As I reported in 2004, E-Voting Systems Face Security Questions, more than one-third of local election districts were using or planning to use electronic voting systems that year. At the time, security researchers criticized these systems for not being encrypted, having poor passwords and being vulnerable to tampering.
A year earlier, an Ohio-funded report identified security problems among machines built by many of the leading manufacturers at the time: Diebold Election Systems, Election Systems & Software, Hart InterCivic, and Sequoia Voting Systems. This study and others caused many states to take a pause on electronic voting systems.
So what’s happened since then? As the Cylance demonstration shows, troubling vulnerabilities remain.
The good news is that many of these machines are not connected to the Internet, at least not persistently. Also, because of security concerns, many states did switch to paper-based systems. In addition, because these voting machines are not centrally managed, hackers have no central place to breach and alter the election broadly.
That doesn’t mean shenanigans aren’t possible. It’s within the realm of possibility that a machine could be remotely hacked and results changed, especially if an insider is involved — but it is also highly unlikely.
There are other ways attackers could mess with the vote, of course. There are denial of service attacks against systems that are critical to the voting process, but this too is unlikely to flip a election.
Attackers could mess with machines used to tally the vote, or the computers or notebooks used by election workers. Perhaps machines could be infected before the election with a virus that changes votes or destroys votes. This could happen, again, locally, but not systemically. It could cause a lot of trouble – but would be very unlikely to change the national outcome. And if managed properly, a recount or audit would be able to identify this.
What is more likely to happen? What we have seen to date: A continuation of the information warfare we’ve seen throughout the election, with the release of documents about candidates and those close to them or a disinformation campaign designed to create confusion among voters and officials.
So while the risk to the national presidential election is low, there are still higher risks to this important democratic process that make me uncomfortable.