Editor’s Note: Weekly throughout October—Cybersecurity Awareness Month—UMUC will be sharing tips, best practices and information to help you protect your data and personal information and become more aware of cybersecurity issues in our daily lives. Week 1 featured “Hack” to School, the top eight tips for students’ safety. During Week 2, we shared Five Proverbs to Live By to survive in cyberspace. In Week 3, we offered 5 Action Items to Secure the Workplace. This week, in the run-up to the 2016 Presidential Election, Balakrishnan Dasarathy, PhD, UMUC Professor & Program Chair, Cybersecurity and Information Assurance, answers a timely question about the integrity of U.S. elections.
Can Our Elections Systems Be Hacked?
The short answer is “yes.” Sure, it’s possible. It’s unlikely that the effect of a breach would be catastrophic, however.
That’s because an election isn’t a single event in isolation, but rather a series of systems—campaign, voter registration and voter ballot systems—all working together to make up our election system. And a closer examination of our election system gives us a more complete picture of the prospect of a hack and its ramifications.
Campaign systems periodically obtain voter information from voter registration systems at the state and county levels to support canvassing, fundraising and compliance reporting functions. And, in general, such systems maintained by a party or candidate are not cyber-attack proof because they normally allow various forms of Internet and remote access, including browser-based, email and command-line access.
But campaign systems do not send information back to a voter registration system. So, if exploited, as in the case of the Democratic National Committee (DNC) system that was alleged to have been hacked with the support of the Russian government, the integrity of the voter registration database is not automatically compromised.
The Voter-registration systems of various states allow eligible voters to register online. Voter registration systems also get registered-voter information from other state-maintained systems, such as the Registry of Motor Vehicles. In general, then, voter-registration systems also are not cyber-attack proof.
Voter files were lifted from voter-registration systems in Arizona and Illinois, for instance. And, often, identity theft is the motivation behind a voter-registration system breach. Hackers are looking for critical information that can be used to create identities for credit card and other financial fraud.
Certainly, there is some concern that hackers might attempt to delete or manipulate voter rolls―thus disrupting elections by causing long lines at the polls and delays in vote counting. In addition, though voters whose names are missing from the voter rolls may exercise the right to cast a provisional ballot, there is no guarantee that that vote will be counted.
It should be stressed, though, that the impact would be minimal―or could be minimized―if a voter registration system were to be hacked. A process can be put in place to detect, on a daily basis, any alteration to the voter database. Also, the voter-registration deadline occurs several weeks in advance of an election, allowing plenty of time to detect and correct any voter-roll hacks.
In addition, voting ballot machines are not connected to the Internet, at least during voting, and that prevents them from being hacked. Isolating voting machines from the Internet was one of the most important recommendations made by the Department of Homeland Security (DHS).
A thumb drive is used to extract data from a voting machine, and this thumb drive with cryptographically-protected data is then securely handed over to a central location for vote-tallying purposes. And while the central-location systems themselves may be vulnerable, because there are few of them it’s possible to mitigate the prospect of a hack by practicing good “cyber hygiene.” This includes using long and complex passwords, updating virus definitions, running security scans, updating software and backing-up data.
By keeping proper records of voter tallies in various precincts, any breach of these systems or in the data handover can be detected and the effect can be nullified during review and certification.
And although 30 states allow online voting its scope is limited. For example, in 20 states and the District of Columbia, only certain voters living abroad will be allowed to return their absentee ballots via email or fax in the upcoming presidential election.
A Question of Trust
Rigging an election by tampering with voting machines would be nearly impossible if adequate processes are in place. One required process is that a public test of a voting machine in every polling booth should be conducted before each election to ensure it is functioning as expected and to assure the public that a voting system used can be trusted.
Diversity also helps with election security. Voting machines used throughout the country are from different vendors and their operating systems and the voting application software are proprietary, which makes the election hard to manipulate in any coordinated way.
Still, there are a few things that can go wrong with our voting systems at present. In some states, many direct-recording electronic (DRE) voting machines that do not produce any paper record remain in use. Georgia is a primary example.
When a voter pushes a button or lever, a DRE machine records voting data in its volatile memory components. At the election day’s end or a few times during the day, the DRE machine produces a tabulation of the voting data to a removable memory component, such as a thumb drive. In the case of a machine failure, however, the contents of the volatile memory will be lost if there is no paper trail. Some DRE machines in use are quite old, so patches for operating systems may not even be available for them. This certainly puts such machines at risk for crashes and lost votes.
Arguably, there is a more important question than “can our voting systems can be hacked?” It is, “should citizens trust election results?”
About 34 percent of likely voters believe that the coming general election will be rigged, according to a recent New York Times report. The pressing issue is not just one of information security. It is about assurance and the trustworthiness of all voting technology and processes.
Trustworthiness demands that we maintain a paper trail, that officials and party representatives verify all voting systems are working, and that there is a review of tally results in each precinct―or at least randomly selected precincts―with paper ballots, with a paper trail.
Thus far, 36 states have accepted the DHS’s offer to review their election technologies and processes for flaws, vulnerabilities and for potential cyber-attacks against their systems. This should go a long way in raising confidence that our election results will reflect the will of the voters.
By Balakrishnan Dasarathy, PhD, UMUC Professor & Program Chair, Cybersecurity and Information Assurance