Is Electronic Voting Secure? A Hacked Election Is Improbable, But Not Impossible

Miami, UNITED STATES: TO GO WITH AFP STORY: US-vote-balloting A man cast an early ballot on an electronic machine 27 October 2006, in Miami, Florida. Florida. Election day is scheduled for 07 November 2006. Miami-Dade county has twenty early voting sites that opened 23 October 2006. New electronic voting machines to be used in the upcoming US legislative polls are raising concerns after several blunders that have revived memories of Florida's 2000 presidential election debacle. Some 63 percent of voters are set to use new electronic voting machines during the elections but enthusiasm for the new technology is low among voting officials nationwide because of a number of mishaps during recent primary elections. AFP PHOTO/Robert SULLIVAN (Photo credit should read ROBERT SULLIVAN/AFP/Getty Images)
Source: ROBERT SULLIVAN/AFP/Getty Images

Concerns about a hacked election have been especially prevalent during the Clinton-Versus-Trump contest, fears that aren't completely unfounded. After all, Wikileaks did publish thousands of leaked emails and documents sent within the Democratic National Committee on the first day of the party's national convention, and massive amounts of private emails from Clinton's campaign chairman, John Podesta, have been released every single day of the past week. So how safe are our voting machines from politically-motivated hackers wanting to manipulate millions of electronic votes on November 8? Maybe not nearly as much as they should be, as it turns out.

First, let's cover the basics. Roughly 75 percent of American voters use paper ballots to cast their votes. This places most of the population's votes out of any possible hacker's reach, but it would still leave a significant enough number – about 31.5 million, if we go by 2012's voter turnout – in the hackable realm. While most electronic voting booths print receipts that provide a paper trail, the machines in five states – New Jersey, Georgia, Delaware, Georgia, and South Carolina – don't. Post-election auditing is performed in over half the country's states to ensure that electronic results match those recorded on paper.

A few of the methods that can be used to influence vulnerable machines require the physical presence of the hacker, a difficult obstacle for foreign forces who might want to interfere in U.S. politics, but not a roadblock for American citizens interested in cheating this November. A few years ago, a Princeton professor and one of his students modified a voting machine's firmware in less than seven minutes by picking the computer's lock, using a screwdriver to remove four ROM chips, and then replacing them with his own chips. In August, the CTO for Veracode demonstrated how simple it would be for someone knowledgable to multiply their vote by the hundreds. All it would take is the use of a small chip programmer to reprogram the voter registration smart card that many machines require voters to insert in order to start the process. 

[Embed]

One method that wouldn't require hackers to physically go to a voting station would be to hijack results being transmitted from electronic voting machines to the database server compiling results from the entire country. A hacker could theoretically intercept the signals transmitted by these machines and manipulate the data being sent. The use of insecure networks by voting machines has resulted in huge problems during past elections. One poll worker in precinct 302 of Spotsylvania County caused all the voting machines to crash during Pennsylvania's general state elections by using the library's public Wi-Fi network to listen to music. 

With all of this said, however, a hacked election is still highly improbable. There are too many different kinds of voting machines used throughout the country for hackers to easily penetrate all those systems at once. The majority of electronic voting machines also don't connect to the internet at all. 

The Department of Homeland Security has increased safety measures to ensure an accurate vote count as Election Day creeps closer. Ohio, Pennsylvania, and Florida – three of the most crucial swing states – are being monitored the most. The National Guard has been helping to prepare Ohio's databases against attacks by attempting to break in and noting any vulnerabilities that may need fixing. Fortunately, Florida and Ohio already conduct mandatory audits, with Ohio even having an "automatic recount provision." DHS is providing "cyber hygiene scans" – analyses that check crucial systems like voter registration databases – for any other states that ask. 

With Donald Trump increasingly insisting that the election will likely be rigged, it's important that the accuracy of November 8's results be ensured. Computer-science Professor Dan Wallach from Rice University drove this point home in a recent essay. “Especially with the problem of the ‘irrational loser,'" he wrote. "Trump can point to this and go ‘See, the system is rigged,’ and I personally worry that such language might inspire some fraction of his followers to commit a violent act.”

Must Reads