How Hackers Could Steal the Next Election
CREDIT: Slavoljub Pantelic/Shutterstock.com
Based on the number of states that have enacted (or tried to enact) voter ID laws recently, it would be easy to assume that as long as voters produce acceptable identification, complete with photos and expiration dates, Election Day will go off without a hitch.
The attempts to prevent voter fraud are either commendable or oppressive, depending on your viewpoint. But a potentially more serious electoral-fraud problem has gone ignored.
The fact is that as long as computer databases and networks are being used to store voter information, and actual votes as well, there is a risk of data being breached or manipulated in some way.
Mother of all hacks
That's the concern of David Maman, chief technology officer and founder of GreenSQL in Tel Aviv, Israel.
As an information-security specialist and database-security researcher, Maman can't help but wonder where his vote goes, in what database it's maintained and, of course, how secure it is.
"Hard experience has taught me that right now, somewhere, a hacker is trying to penetrate the voter databases just for fun, to prove something," Maman said. "Or, if I really want to be paranoid, because he's part of a powerful, international organization that seeks to dictate our political process by determining elections."
Maman may have every right to be paranoid. This is one of the most contentious and polarizing American presidential elections in decades, and there have already been controversies over voter databases.
In March, the identities of two Indiana candidates for local office were allegedly altered when the state Republican Party's Voter Vault database was hacked into.
In July, the state of Florida was given permission to use Department of Homeland Security records to purge voter-registration databases of illegal residents — an act that some worry will give unauthorized people access to the voter rolls.
Attacking the polling places
Then there is the matter of protecting the votes themselves.
The problem, according to Mark Herschberg, principal consultant at White Knight Consulting in the New York City area, is that closed, proprietary software systems, such as those used for electronic voting machines, tend to be insecure.
Herschberg said electronic voting machines are susceptible to vulnerabilities in networks, operating system, databases, applications or even physical installations. Most companies don't have the resources to build a system that is 100 percent bug-free.
Herschberg, who wrote his master’s thesis at the Massachusetts Institute of Technology on secure electronic voting, said manipulating voter data, and votes themselves, would be surprisingly easy.
"A few people at the [voting-machine] company could collude to have the software drop in a few extra ballots," he said. "Someone could modify the machines in transport. Someone could enter the voting both with a device that inhibits or otherwise corrupts the machine."
An attacker wouldn't even need to change the count, but could just "destroy" the machines, Herschberg added.
"Suppose one party wants to remove votes from the other. Then go to a district in which voting heavily favors the other party," Herschberg explained. "Someone just needs to put an electromagnetic pulse gun at the machines and all the votes are gone. It's the equivalent of blowing up a ballot box.
"Of course, if you blew up a ballot box, it's likely people would catch you," he added. "If you walk into a booth and hit the machine with an EM pulse, and then aim it at some neighboring machines, people may not know until you're gone."
Where does the buck stop?
There is a growing push to make it easy for voters to go to a website and cast their ballots without ever having to leave home. But so-called e-voting would rely on Internet connections, and any network connected to the Internet is vulnerable to attack.
Look at the current rash of distributed denial-of-service (DDoS) attacks on the banking industry. Banks know the attacks are coming, and yet can't stop them. Who's to say that the same sort of attacks couldn't be made against online-voting sites?
Another problem is that oversight of electronic-voting security is fragmented. Longtime Speaker of the House Tip O'Neill was famous for saying that all politics is local, and the same can be said for elections.
As Herschberg pointed out, every electoral precinct may be under the direction of a state Department of State (in most cases), but they are still primarily run and overseen by local election boards.
Most election officials and poll workers don't have the background or training to determine whether or not ballots filed electronically have been tampered with.
Protecting the ballot box
So what are some steps that can be taken to better protect voter data, from registration to Election Day?
First, registration databases should be strongly encrypted to access those databases, and multifactor authentication should be implemented with the concept of least privilege in mind, said Phil Lerner, vice president of technology at Stonesoft, a global network-security company based in Helsinki, Finland.
Second, Lerner said, every layer of the system has to be equipped with proven security controls.
"Any system that is part of this critical process should be protected by strong firewall and intrusion-prevention-system solutions that are managed centrally to ensure policy continuity and aid in operator error from an engineering perspective," Lerner added.
Unfortunately, as Maman and Herschberg both pointed out, there are no security regulations in place to protect voter data and actual votes.
"We have stricter rules about storing credit-card information than we do about votes," Herschberg said.
"It's a major problem," Maman added. "On one hand, we try to make our elections anonymous, which means no direct correlation exists between voters and their votes. On the other, how can a voter verify that his vote will be counted according to the way he actually voted?"
The state legislatures may have gotten it all wrong. We may not need picture IDs to protect voter integrity; instead, we may need better IT security efforts.