Skip Navigation

Opinion: Protect Our Voting Machines From Hackers

Making big changes to election machinery before this November isn’t realistic, but there’s much we can do to secure the technology currently in place.

August 12, 2016

Cross-posted on NBC News.

In the last two weeks, there have been cred­ible reports that Russia is attempt­ing to influ­ence our elec­tions by hack­ing into the Demo­cratic Party’s email server and other campaign files. These reports are troub­ling. But an attack on our coun­try’s voting machines, once deemed far-fetched, is even more disturb­ing.

In response, the Obama admin­is­tra­tion is consid­er­ing desig­nat­ing Amer­ica’s elec­tronic voting system as “crit­ical infra­struc­ture,” which would likely bring more federal resources to protect­ing these systems from attack.

But with just three months before the pres­id­en­tial elec­tion, what can be done? In truth, making big changes to elec­tion machinery before this Novem­ber isn’t real­istic. There isn’t enough time. Fortu­nately, secur­ity experts and activ­ists have worked for several years to shore up elec­tion integ­rity, and there is much we can do to secure the tech­no­logy currently in place.

In the short term, elec­tion juris­dic­tions must review their secur­ity meas­ures with experts in the next three months. One of the great victor­ies of secur­ity special­ists and advoc­ates in the last few years was convin­cing juris­dic­tions to move from paper­less compu­ter­ized voting machines to machines that have some kind of voter veri­fied paper trail. This Novem­ber, 80 percent of citizens will vote on paper ballots that are read by elec­tronic scan­ners, or touch screen machines that produce a paper trail that can be reviewed by the voter before she casts her vote. This should deter would-be hack­ers look­ing to alter the result of an elec­tion: the paper record can be used to check the totals provided by the machine and catch incor­rect results.

Unfor­tu­nately, most states don’t have the kinds of proced­ures in place to take advant­age of this secur­ity feature. Only half of the states require audits that compare the paper record of votes to machine gener­ated totals. And even where audits are routinely conduc­ted, they are often not robust enough to catch soph­ist­ic­ated attacks. One of the most basic things we could do to deter attacks on our system is to require thor­ough audits of all machines that have paper records of votes.

While post-elec­tion audits are import­ant, they are not enough to guar­an­tee secure results. First, there are still many paper­less voting machines in use in the United States today. In Novem­ber, tens of millions of voters in 14 states, includ­ing Pennsylvania and Virginia, will vote on paper­less elec­tronic voting machines. We must do all we can to secure these systems too.

Second, the threats to the integ­rity of our elec­tions go beyond poten­tial hacks to change the vote count on polling place machines. Attack­ers could attempt a “denial of service” attack, where machines simply crash more often. In those cases, voters could be forced to wait in line for hours while tech­ni­cians work to fix machines or replace them. Many would give up and never vote. Altern­at­ively, the systems could be attacked after voting is complete, when results from indi­vidual machines are tallied at a cent­ral loca­tion.

To prevent these kinds of attacks, govern­ment offi­cials must ensure that we have proced­ures in place to protect our elec­tions at all stages. That means, among other things:

  • Ensur­ing the phys­ical secur­ity of voting equip­ment, whether in stor­age or in transit to polling places, and imple­ment­ing strong chain of custody proced­ures for both equip­ment and all paper records;
  • Conduct­ing thor­ough pre-elec­tion test­ing on every voting machine to ensure that all are oper­at­ing correctly and count­ing votes accur­ately before voting begins;
  • Making sure that emer­gency paper ballots are avail­able in all polling places where elec­tronic voting machines are used, in case of fail­ure of those machines.
  • Adopt­ing rigor­ous recon­cili­ation prac­tices to ensure that the numbers of voters signed-in to a polling place closely matches the number of votes recor­ded in that polling place, and that machine and polling place totals match county and state totals.

In the longer term, the pres­id­ent is right. We need to start treat­ing our elec­tions systems as crit­ical infra­struc­ture, and invest in them on an ongo­ing basis.

Last year, we conduc­ted a compre­hens­ive study of voting tech­no­logy in the United States. Our research showed 43 states will be using compu­ter­ized voting machines that are at least 10 years old. That’s danger­ously close to the end of the estim­ated lifespan for most machines. Aging machines are more likely to break down during elec­tions and, as a general matter, less secure than current models.

That’s because aging equip­ment relies on unsup­por­ted, decade-old soft­ware, like Windows XP or 2000, and never went through the kind of rigor­ous federal certi­fic­a­tion process most juris­dic­tions require of machines purchased today. Secur­ity experts warn that the outdated soft­ware used by these machines is more vulner­able to attack. Unsup­por­ted soft­ware does not receive regu­lar secur­ity updates and is less likely to with­stand the kind of cyber secur­ity threats that constantly evolve.

In too much of the coun­try, pleas for more invest­ment to protect our voting systems have fallen on deaf ears, partic­u­larly among the Congress members and state legis­lat­ors who could provide the funds. The hacks into the DNC e-mail server should be a wake-up call that this compla­cency must end.