Our Voting System Is Hackable by Foreign Powers
The Russian hacks of Democratic e-mails expose only part of the problem
By David L. Dill
Scientific American March 2017
The FBI, NSA and CIA all agree that the Russian government tried to
influence the 2016 presidential election by hacking candidates and
political parties and leaking the documents they gathered. That's
disturbing. But they could have done even worse. It is entirely
possible for an adversary to hack American computerized voting systems
directly and select the next commander in chief.
A dedicated group of technically sophisticated individuals could steal
an election by hacking voting machines in key counties in just a few
states. Indeed, University of Michigan computer science professor J.
Alex Halderman says that he and his students could have changed the
result of the November election. Halderman et al. have hacked a lot of
voting machines, and there are videos to prove it. I believe him.
Halderman isn’t going to steal an election, but a foreign nation might
be tempted to do so. It needn’t be a superpower like Russia or China.
Even a medium-size country would have the resources to accomplish
this, with techniques that could include hacking directly into voting
systems over the Internet; bribing employees of election offices and
voting-machine vendors; or just buying the companies that make the
voting machines outright. It is likely that such an attack would not
be detected, given our current election security practices.
What would alert us to such an act? What should we do about it? If
there is reason to suspect an election result (perhaps because it’s an
upset victory that defies the vast majority of preelection polls),
common sense says we should double-check the results as best we can.
But this is hard to do in America. Recount laws vary from state to
state. Not all states even allow recounts, and many of those that do
require that a candidate request the recount and pay for it himself or
herself. In the 2016 election Green Party presidential candidate Jill
Stein, citing potential security breaches, requested a recount in
Wisconsin, Pennsylvania and Michigan, all of which unexpectedly and
narrowly went to Donald Trump.
Those efforts did not change the results. Nevertheless, it has become
clear that our voting system is vulnerable to attack by foreign
powers, criminal groups, campaigns and even motivated amateurs. We
must defend it more effectively. If elections lose their credibility,
democracy can quickly disintegrate. It is not good enough to say,
after every election, “We can’t prove fraud." We need evidence that
vote counts are accurate.
The good news is that we know how to solve this problem. We need to
audit computers by manually examining randomly selected paper ballots
and comparing the results with machine results. Audits require a
voter-verified paper ballot, which the voter inspects to confirm that
his or her selections have been correctly and indelibly recorded.
Since 2003 an active community of academics, lawyers, election
officials and activists has urged states to adopt paper ballots and
robust audit procedures.
This campaign has had significant, albeit slow, success. Approximately
three quarters of U.S. voters cast paper ballots. Twenty-six states do
some type of manual audit, but none of their procedures is adequate.
Auditing methods have recently been devised that are much more
efficient than those used in any state. It is important that audits be
performed on every contest in every election so that citizens do not
have to request manual recounts to feel confident about election
results. With high-quality audits, it is very unlikely that election
fraud will go undetected, whether perpetrated by another country or a
political party.
There is no reason we cannot implement these measures before the 2020
elections. As a nation, we need to recognize the urgency of the task,
to overcome the political and organizational obstacles that have
impeded progress. Otherwise, we risk losing our country to hackers
armed with keyboards, without a shot being fired.
[This article was originally published with the title "Our Elections
Are Not Secure."]
--
Warren D. Smith
http://RangeVoting.org <-- add your endorsement (by clicking
"endorse" as 1st step)