Opinion: Protect Our Voting Machines From Hackers
Cross-posted on NBC News.
In the last two weeks, there have been credible reports that Russia is attempting to influence our elections by hacking into the Democratic Party's email server and other campaign files. These reports are troubling. But an attack on our country's voting machines, once deemed far-fetched, is even more disturbing.
In response, the Obama administration is considering designating America's electronic voting system as "critical infrastructure," which would likely bring more federal resources to protecting these systems from attack.
But with just three months before the presidential election, what can be done? In truth, making big changes to election machinery before this November isn't realistic. There isn't enough time. Fortunately, security experts and activists have worked for several years to shore up election integrity, and there is much we can do to secure the technology currently in place.
In the short term, election jurisdictions must review their security measures with experts in the next three months. One of the great victories of security specialists and advocates in the last few years was convincing jurisdictions to move from paperless computerized voting machines to machines that have some kind of voter verified paper trail. This November, 80 percent of citizens will vote on paper ballots that are read by electronic scanners, or touch screen machines that produce a paper trail that can be reviewed by the voter before she casts her vote. This should deter would-be hackers looking to alter the result of an election: the paper record can be used to check the totals provided by the machine and catch incorrect results.
Unfortunately, most states don't have the kinds of procedures in place to take advantage of this security feature. Only half of the states require audits that compare the paper record of votes to machine generated totals. And even where audits are routinely conducted, they are often not robust enough to catch sophisticated attacks. One of the most basic things we could do to deter attacks on our system is to require thorough audits of all machines that have paper records of votes.
While post-election audits are important, they are not enough to guarantee secure results. First, there are still many paperless voting machines in use in the United States today. In November, tens of millions of voters in 14 states, including Pennsylvania and Virginia, will vote on paperless electronic voting machines. We must do all we can to secure these systems too.
Second, the threats to the integrity of our elections go beyond potential hacks to change the vote count on polling place machines. Attackers could attempt a "denial of service" attack, where machines simply crash more often. In those cases, voters could be forced to wait in line for hours while technicians work to fix machines or replace them. Many would give up and never vote. Alternatively, the systems could be attacked after voting is complete, when results from individual machines are tallied at a central location.
To prevent these kinds of attacks, government officials must ensure that we have procedures in place to protect our elections at all stages. That means, among other things:
- Ensuring the physical security of voting equipment, whether in storage or in transit to polling places, and implementing strong chain of custody procedures for both equipment and all paper records;
- Conducting thorough pre-election testing on every voting machine to ensure that all are operating correctly and counting votes accurately before voting begins;
- Making sure that emergency paper ballots are available in all polling places where electronic voting machines are used, in case of failure of those machines.
- Adopting rigorous reconciliation practices to ensure that the numbers of voters signed-in to a polling place closely matches the number of votes recorded in that polling place, and that machine and polling place totals match county and state totals.
In the longer term, the president is right. We need to start treating our elections systems as critical infrastructure, and invest in them on an ongoing basis.
Last year, we conducted a comprehensive study of voting technology in the United States. Our research showed 43 states will be using computerized voting machines that are at least 10 years old. That's dangerously close to the end of the estimated lifespan for most machines. Aging machines are more likely to break down during elections and, as a general matter, less secure than current models.
That's because aging equipment relies on unsupported, decade-old software, like Windows XP or 2000, and never went through the kind of rigorous federal certification process most jurisdictions require of machines purchased today. Security experts warn that the outdated software used by these machines is more vulnerable to attack. Unsupported software does not receive regular security updates and is less likely to withstand the kind of cyber security threats that constantly evolve.
In too much of the country, pleas for more investment to protect our voting systems have fallen on deaf ears, particularly among the Congress members and state legislators who could provide the funds. The hacks into the DNC e-mail server should be a wake-up call that this complacency must end.