Reports broke today from computer scientists claiming that the voting systems of three key battleground states (Michigan, Pennsylvania and Wisconsin) may have been hacked on Election Day.
This hacking suggestion, however, should be taken with a pinch of salt. When one candidate loses a close election, it is common for his or her supporters to come up with a reason why the election was lost. In this case, hacking.
Up until today there weren’t any serious fraud allegations or evidence that the voting polls were compromised as feared by previous reports.
>See also: How an IT outage could determine the US election
Between the DNC email hacks and Trump’s own suspicions that this year’s election could be rigged, the presidential race certainly sparked cybersecurity concerns.
Though America dodged the vulnerabilities of the voting system this time around, that doesn’t mean the issue should be ignored until 2020.
The rise of electronic voting – and the fall of the paper trail
The risks remain and there’s no denying that computerised voting systems are susceptible to cyber attack.
As more states implement electronic voting machines, the concerns about the security (or hackability) of e-voting will only become more prominent.
This raises questions about the foundational elements of a good voting system – one that exhibits anonymity, accuracy, security, and scalability.
While voting systems should fully maintain the anonymity of voters, it’s also critical to validate the accuracy of ballots cast – a task that’s nearly impossible to carry out without an audit and paper trail.
The paper trail protects the integrity of American votes, but a recent report by the ICIT found that while 70% of precincts rely on e-voting, just 60% of states require any form of post-election audit paper trails.
In an age where hackers are constantly getting smarter, this is concerning.
>See also: An election disrupted by technology: Did tech help Trump win?
In fact, there were anecdotal reports of complaints in some jurisdictions with early voting that machines changed the results on the screen of voters who used them.
Though there wasn’t any evidence that this was triggered by malicious activity, anything that casts doubt on the veracity of the election process is problematic and needs to be addressed moving forward.
Identifying potential points of vulnerability
Flaws aside, the systems Americans use to cast their votes on Election Day are connected devices.
E-voting expedites the process for tabulating votes, but also allows for many points of failure from both a security and scalability perspective.
A single error in a line of code can cause catastrophic results. And there simply aren’t systems available that are entirely breach proof.
With this in mind, both the security and accuracy of the machines themselves must be considered, and then explore the ways in which they transmit data as potential points of vulnerability.
With that said, computers are no stranger to tabulating votes.
>See also: What Trump means for technology
For some time now, systems have relied on electronic systems to process manually and count paper ballots.
So in the end, is the voting system more or less likely to suffer security pitfalls that stem from manually counted votes or e-voting?
In terms of improving voter perception, combining paper ballots and human intervention with computerised tabulation would be a better approach.
There’s no standing in the way of progress
Despite the security gaps e-voting can create, it’s likely that every state will move to electronic voting systems over time.
However, since elections are notoriously decentralized and handled at a local level, there is significant variance in the sophistication and security knowledge of local teams responsible for managing election machines.
For example, election officials in smaller towns may have less advanced computer skills, and therefore, may become attractive targets for hackers.
Even a minor hack would be enough to subvert the election process.
To illustrate, the presidential candidates in 2000 were separated by just 500 votes in Florida.
Swing states often determine an election’s outcome, so if a hacker were to concentrate on those states, they could potentially skew the results of an entire election.
Though the situation in 2000 was likely caused by a technical issue, how can the state recover true votes if they were compromised in a future election?
Unfortunately, there are no current formal procedures in place for how to proceed if another Florida recount – or security issue – were to happen.
This is why the government needs to do more to secure the election system.
Some argue that the voting systems should be declared as critical national infrastructure to show true commitment to securing future elections.
Similarly, national security standards for voting machines and compliance controls are needed to protect the election process.
>See also: Power, politics and the workplace
To prevent election tampering, there should be detailed security and legal procedures to determine what happened and how to resolve the issue.
As society continue to rely on connected devices, it’s crucial to consider the points of failure they pose.
People’s right to vote is fundamental to their freedoms and liberties, and while it’s disturbing that an entire election could be compromised by a hacker, it’s also realistic.
Though it’s possible to create better voting machines, it’s also possible that the data on those machines can be exposed.
There will always be questions about the use of computer systems in elections.
Perfect security simply isn’t attainable, and neither is the perfect voting machine.
However, with the right checks and balances in place, hackers will be denied the chance to influence, disrupt or manipulate an election in the future.
Sourced by Dana Simberkoff, chief compliance and risk officer, AvePoint
