Cyber risks of Internet voting and electronic voting

Two articles this week on cyber risks, one refuting Colorado’s Secretary of State on online voting.  Another articulating the risks of hacking electronic voting in general.

From the Colorado Statesman: Colorado Secretary of State Wayne Williams obscured key facts in online-voting commentary  <read>

Last week’s guest commentary by Secretary of State Wayne Williams in The Colorado Statesman obscured some important facts. He was responding to criticism of his new rule establishing criteria for the casting of election ballots by email.

In it, Secretary Williams implies that the federal government expanded voting by email. He writes, “The federal government, along with the Colorado General Assembly, expanded the electronic ballot transmission for military and overseas voters.” In fact the federal government has neither endorsed nor expanded the return of marked ballots over email…

Secretary Williams claims that of the nearly 3,400 ballots sent back electronically in 2014 there was not a single report of tampering. This raises two issues: First, “no report” is meaningless when tampering of online ballots can be done undetectably. Experienced hackers can penetrate a system for a very long time without detection, as seen in recently publicized successful attacks on the FBI and Pentagon. A Colorado voter whose email ballot has been altered would never know; the elections office also will never know…Second, for years there has been no state rule to guide these vulnerable voters through this security minefield, nor to spell out the very narrow parameters required by law, needlessly putting many more than even those 3,400 votes at risk…

Given our shared concern is for ensuring the safe return of military and overseas voters’ ballots, the record of other states can be instructive. Minnesota and Wisconsin consistently lead the nation in the rate of military and overseas ballots returned, and neither permits online ballot return

Read the article for more.

From WhoWhatWhy:  Foreigners Could Hack U.S. Elections, Experts Say  <read>

What if a foreign head of state had the power to handpick our next President? It sounds like the plot of a movie, but it actually might be in the realm of possibility.

Most people take our elections for granted. The few who don’t often suspect that one party might be trying to steal votes from the other. But they don’t envision that the theft could be coming from outside US borders.

What experts are telling us, though, is that our voting machines are so insecure that all elections, whether at the national, state, or local level, are vulnerable to being attacked by hackers in other countries.

We’ll add that maybe foreigners might scare some of the complacent, yet all these attacks could be done by Americans bent by many similar motives and more.

We also add a specific added threat on our shores of insider attack – those with access the the system who can, desire, or are intimidated into changing the results.

For example, Russia may want to prevent a hawk like John McCain, who wants weapons in the Ukraine and faces a tough battle for his job next fall, from getting reelected.

Israel’s leaders believe that the Iran nuclear deal would doom their country, so if they thought they could get away with it, would they try to put in office US representatives who share that view?…

This begs the question: Given that the security at some of our most protected institutions can be breached, and given that US elections pose an enticing target for our adversaries, what would prevent a foreign agent from hacking our ballot boxes?

The answer: Not much.

Experts indicate that the election systems in place today do not provide the adequate protection that would be able to stop a foreign hacker — a hacker anywhere, in fact — from rigging our races. Even worse, these attacks could go undetected…

Since such attacks can easily go unnoticed, evidence of remote hacks is scarce. But it’s likely they’re happening more than we know, considering that unencrypted connections over the open internet aren’t too hard for a knowledgeable college student to breach…

One report [on  Internet voting], produced by computer scientists at the request of the Pentagon, examined a pilot iVoting project and concluded that an internet- and PC-based voting system presented “fundamental security problems” that couldn’t be fixed without a “radical breakthrough.”

Cyber attacks, the report concluded, “could occur on a large scale, and could be launched by anyone from a disaffected lone individual to a well-financed enemy agency outside the reach of U.S. law.”…

Despite its seemingly safe appearance, there are subtle ways the eVoting [polling place and central count voting] process could be susceptible to attack. For, in many cases, these systems actually do connect online.

John Sebes, CTO of the Open Source Elections Technology Foundation (OSET), told WhoWhatWhy that the most significant logistical issue for local officials is something called the election management system, or EMS.

As a component of the overall apparatus, the EMS is used for election data management and data entry — most likely on a PC in an elections office. Sebes said that, in theory, EMSs are never supposed to be online, but sometimes they get connected anyway. Not only do hackers then have the potential to breach election data on the PC, but malware could affect the removable media when it is taken out of the PC and inserted into the voting machines.

For now Connecticut is relatively safe from outsider attacks domestic and foreign.

  • While the Legislature voted for Internet voting, Secretary of the State Denise Merill maintained her staunch opposition, pointing out that Internet voting would violate our state constitutional requirement for a secret ballot.  Fortunately, a constitutional amendment to change that died between committee and the floor, in 2014. It should stay that way.
  • Right now we do not connect our optical scanners to external equipment. In fact, their external ports are sealed. Memory cards are never in a device connected to the outside world.  We do all our election results summary by addition and transcription from the printed scanner tapes.  However, the Secretary of the State’s Office has plans for acquiring GEMs systems for municipalities to speed the electronic calculations of results.  If, and its a big “if” right now, the GEMs systems are pristine, never were or never will be connected to the Internet, we would remain relatively safe from outsider attack.  Stay tuned and involved!

Remember that we are still at risk of insider attacks, where our only protection would be adequate ballot security, audits, and recounts.


Leave a Reply

You must be logged in to post a comment.