Leading distributors of voting machines reveal that their systems have wireless modems, and experts find several left connected to the Internet for alarmingly extensive periods of time, increasing the likelihood of a compromised election.
We are amid yet another leap year, and with it comes another presidential election and stories of controversy. In this digital age, campaign strategies shift to influence our social media feed as our cultivating hunger for instant data results in a growing suspicion towards the quality of information. Technology is the key to influence just as it is the key to casting our ballots – it is fast and effective but becoming less and less trustworthy.
How confident are you in the system that counts your ballot? Have you considered that your vote could possibly be hijacked and changed?
Voting machines are deployed with security measures in place, such as firewalls and being disconnected from the Internet, although many of them include wireless modems. Offline systems pose more difficulties for hackers than those online.
Jeanette Manfa, Acting Undersecretary for Cybersecurity and Communications at the DHS, as well as several other election officials, insists that voting machines “are not connected to the Internet.” This is intended to promote trust in technology by ensuring the integrity and confidentiality of voter selections and personal information.
After the 2016 election, a team of ten independent election security experts developed a network scanning tool designed to seek out central computers that run the election process at the precinct level. Kevin Skoglund, a senior technical advisor at the election security advocacy group National Election Defense Coalition, said his team “found over 35 [voting systems] had been left online,” some for several months or even years. These 35 systems are located in at least ten states, some of which are critical swing states like Florida and Michigan where higher levels of security should be practiced ensuring the votes remain uncompromised.
Skoglund mentioned, “We … discovered that at least some jurisdictions were not aware that their systems were online.” Once his team of experts notified an information-sharing group for election officials of their findings, 16 systems were promptly disconnected. It is possible that those in charge of the remaining 19 have no intentions of ever disconnecting, one of which is in Florida’s Miami-Dade County.
Though there is no evidence showing that votes have been altered in the past, voting systems have been compromised, and attackers have had the opportunity to make changes. At the Illinois state’s elections board in June 2016, hackers gained access to a voter registration database where they collected the personal information of roughly 500,000 voters before being detected.
One type of machine expected to be used in at least 18% of US districts in the upcoming 2020 election provided by Election Systems & Software (ES&S) is called the ballot-marking device (BMD), a touchscreen that prints results for the voter to verify for accuracy. Aside from claims that BMDs are still not a fully secure option, they remain a favorite because of their combined format of printed and digital results.
If the count appears to be askew, paper votes are manually recounted. However, some states, like New Jersey, don’t seem to have the funds to update their machines with a device that produces a paper record that a voter can verify before casting their ballot, therefore eliminating the possibility of a truly reliable audit.
The largest voting machine distributors (ES&S, Dominion Voting Systems, and Hart InterCivic) admit that some of their tabulators and scanners have wireless modems in order to conveniently relay unofficial election results to the public, transporting data across a wireless network. While cell phone providers try diligently to keep their networks safe, any system accessing it for any amount of time is exposed to the Internet and is therefore at risk. Computer science experts also say that the Cisco firewall used by ES&S (the biggest distributor) on their voting systems can be and has been breached.
What could the solution be at this point? Is there a safe alternative where everyone is happy? Cybersecurity experts favor casting votes using hand-marked paper ballots, but this is highly unlikely to catch on everywhere since most voting stations are moving toward more digital solutions and prefer to provide the public with immediate results. Paper ballots are less convenient and do not quench our growing thirst for instant gratification since they take longer to count.
At this point, we have to ask ourselves, is relying on tech to count our votes and having a live update on what direction the election is going really worth the risk?
References
https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2019/12/02/the-cybersecurity-202-pennsylvania-voting-debacle-gives-ammunition-to-paper-ballot-push/5de3fe8b602ff1181f2641e5/
https://www.nytimes.com/2019/07/25/us/politics/russian-hacking-elections.html
https://the-parallax.com/2016/12/30/electronic-voting-shockingly-vulnerable/
https://www.verifiedvoting.org/ballot-marking-devices/
https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/01/08/the-cybersecurity-202-voting-machines-touted-as-secure-option-are-actually-vulnerable-to-hacking-study-finds/5e14cc6e602ff125ce5bd747/
https://www.ncsl.org/research/elections-and-campaigns/voting-system-paper-trail-requirements.aspx
https://www.nytimes.com/2019/04/18/us/politics/mueller-report-russian-interference-donald-trump.html
https://en.wikipedia.org/wiki/Election_Systems_%26_Software
