Skip Navigation
Expert Brief

Voting System Security and Reliability Risks

After recent reports of hacking, this briefing memo describes what the risks to America’s voting system security really are — and what states, localities, and voters can do to prevent successful attacks against the integrity of our elections.

Published: August 30, 2016

[Down­load PDF]

The last few weeks have brought renewed atten­tion to the secur­ity and reli­ab­il­ity of our voting systems. After cred­ible reports last month that Russia was attempt­ing to influ­ence Amer­ican elec­tions by hack­ing into the DNC email server and other campaign files, new reports show the FBI has determ­ined foreign hack­ers penet­rated two state elec­tion data­bases.

This fact sheet describes what the risks to Amer­ica’s voting system secur­ity really are — and what states, local­it­ies, and voters can do to prevent success­ful attacks against the integ­rity of our elec­tions.

The Bren­nan Center has stud­ied the use of compu­ter­ized voting systems for over a decade. In a compre­hens­ive study released last year, we found the use of outdated voting equip­ment across the coun­try presents seri­ous secur­ity and reli­ab­il­ity chal­lenges.

The United States has made import­ant advances in secur­ing our voting tech­no­logy in the last few years. Relat­ively few votes are cast over the inter­net or machines connec­ted to the inter­net, and the vast major­ity of ballots will be cast on systems that have a paper trail that allows elec­tion offi­cials to inde­pend­ently verify soft­ware totals. This makes it highly unlikely that a cyber­at­tack against our voting machines could have a wide­spread impact on the results of a national elec­tion.

Still, there is much more we should do to promote the secur­ity and accur­acy of our voting systems. Computer scient­ists have demon­strated that older equip­ment, in partic­u­lar, can be very insec­ure. It is also more diffi­cult to main­tain, and more likely to fail (even without inter­fer­ence from an attacker) on Elec­tion Day. While small-scale attacks or fail­ures of indi­vidual machines might not have a wide­spread impact on national vote totals, they can severely damage voter confid­ence, and would be partic­u­larly troub­ling in very close contests.

Simil­arly, while proper safe­guards can ensure attacks on voter regis­tra­tion data­bases don’t prevent a legit­im­ate voter from cast­ing a ballot or having her vote coun­ted, an attack on these systems could put voters’ personal inform­a­tion at risk. Elec­tion offi­cials must take all steps neces­sary to protect such inform­a­tion.

In the short run, we should do everything we can to minim­ize the impact of such attacks or fail­ures. In the long run, we must treat our elec­tion infra­struc­ture like other crit­ical infra­struc­ture, with regu­lar invest­ments and upgrades.

Voting System Secur­ity and Reli­ab­il­ity Risks by The Bren­nan Center for Justice on Scribd