How vulnerable are US voting machines to foreign hackers?

Aug 10, 2016

How vulnerable are US voting machines to foreign hackers?

The recent hack of Democratic National Committee computers, attributed by authorities to Russia, has many Americans worried about foreign influence swaying the upcoming presidential election.

The DNC breach provides an excellent example of political doxing. This co-opted 1990s hacker revenge technique employs extra-legal methods to acquire and publish an individual's personal information on the internet, computer security expert Bruce Schneier explained in an article for Motherboard. What's more, according to Schneier​, political doxing is trending among cybercriminals.

Following the initial theft of DNC emails and opposition research on Republican Presidential Nominee Donald J. Trump, anti-secrecy website WikiLeaks issued approximately 20,000 internal DNC emails, Rebecca Hersher reported for NPR.

The emails, along with subsequently released stolen voicemails, indicated that high-level DNC staff actively favored Hillary Clinton during the primary election, Tom LoBianco and David Wright reported for CNN. In the wake of this leak, DNC Chairwoman Debbie Wasserman Schultz offered her resignation, an embarrassment on the eve of the Democratic National Convention where Clinton accepted the party's presidential nomination.

Fears that the Russian government may use cybercrime to ensure a Trump presidency are swirling after Trump's suggestion that Russian intelligence should similarly acquire missing emails from Clinton's tenure as Secretary of State, LoBianco and Wright reported. Trump later claimed the comment was sarcastic, and Russian authorities deny any involvement in the DNC hack. However, many still raise the question of whether Russia might look to cyberattacks to influence the 2016 U.S. presidential election.

Electronic voting technology

Political doxing represents an eye-catching weak point in the American electoral system, but a quieter risk to ballot security lies in the age of voting machines. While electronic voting technology is hardly a new concept - the 2002 Help America Vote Act mandated that each county make a minimum of two electronic ballot boxes available to residents - most people might expect to find the most up-to-date technology when they head to the polls.

However, the reality disappoints. A 2015 report by the Brennan Center for Justice warned that modern voting machines differ from their predecessors in that they are not intended to function for decades. According to the report, equipment purchased after 2000 is expected to last between 10 and 20 years. Most electronic ballot boxes that debuted at the turn of the century were designed in the 1990s, creating several problems: Chiefly, the report asserted, as of 2016 43 states are using machines 10 or more years old, and 14 states are using machines at least 15 years old.

Not only is the technology more than a decade behind current innovations, but because of the equipment's age, finding replacements for damaged or worn-out parts can be difficult, the Brennan Center report noted. As the technology nears the end of its life expectancy, voting machines are at increasing risk of crashing.

Such errors can affect elections, Richard Forno reported in a recent Government Technology article. Forno noted that in 2004 North Carolina voting machines deleted 4,438 votes, for which there was no backup record. In the end, fewer than 2,000 votes determined the results of that same election, Cory Bennett noted in a 2014 article for The Hill.

Yet another trouble that surrounds electronic ballot boxes is the lack of funding for states to purchase updated technology. As the functionality of electronic voting machines begins to deteriorate across the country, the Brennan Center reported, 22 out of 31 states seeking to purchase new equipment in the next five years reported lacking the necessary funds. The national cost of replacing all outdated voting machines may be upward of $1 billion, the Brennan Center calculated.

What else could go wrong?

Beyond voting machine age and political doxing, U.S. elections face other technology issues. In an opinion article in The Washington Post, Schneier argued that directly influencing electronic ballots is not the only way foreign governments might tamper with a U.S. election. Schneier expressed concerns about electronic voter records, stating that foreign cybercriminals could access and delete such information.

In a May 2016 article on election fraud, The Hill's Cory Bennett also cited the security of voter data as an important issue to address. Quoting the CEO of secure digital election system advocate group Free & Fair, Joseph Kiniry, Bennett made the case that by deleting select voter registration data, hackers have the power to easily wreak havoc on elections and noted that stolen voter information is somewhat valuable in of itself, with packages of 5 to 10 million records selling for $1,350 to $2,250 on the dark web, providing a further motive to potential cyber criminals.

What's more, Bennett asserted, security guidelines are not consistent between states, and some categorize voter information as "public record." This classification means that states are not mandated to meet the federal security standards placed upon "personally identifiable information" for voter data, which is not viewed as such.

In his Government Technology article, Forno explained that electronic ballot boxes face security risks due to the voting process itself. In order to successfully serve each precinct, voting machines are spread out across their county's municipal gird. Furthermore, votes must be transferred to a higher voting office to be tallied, creating vulnerable junctures that hackers could attack, Forno noted.

In order to ensure accurate election results, Forno concluded, the hardware and the network connection linking electoral machines must be secure. In addition, the electronic ballot boxes' software and the states' local tabulating software must be able to resist cyberattacks.

What is the alternative?

Some states have opted to return to traditional paper ballots, citing security concerns. In fact, Bennett asserted, more than half the states have begun to revert to paper ballots.

A more high-tech alternative to cybercrime risks is to invest in securing and updating electronic voting machines. While Forno made it clear that he does not believe that any given piece of electoral equipment is likely to be sabotaged by a foreign government, he maintained the importance of securing voting machines to ensure the legitimacy and accuracy of U.S. elections.

The best solution seems to come when paper and digital meet in the middle. Other states can take their cue from Ohio, which passed legislation requiring all precincts to use only voting machines that generate a voter-verified paper trail, according to Bennett.

In addition, allocating funds to meet the impending costs of upgrading electrical equipment, as estimated by the Brennan Center, is also a necessary step for states to take, should they wish to maintain electronic voting machines.

In the face of election security concerns, state governments are wise to update their voting machines.


Category: Cybersecurity

Add Pingback

Please add a comment

You must be logged in to leave a reply. Login »

Category List

Tag List

architecture (2)
digital transformation (2)
Full Duplex (16)
trade compliance (2)
RSA Conference (8)
Fault Analysis and Testing (62)
data storage (4)
Windows (63)
NAB (1)
File Management (19)
Data protection (1)
Business Intelligence (15)
Stand (9)
Linux (30)
silver (1)
Physical Security (1)
Datacenter, NetApp, DCOI, Compliance, data center optimization (1)
purpose-built hardware (1)
Global Support (2)
Console Management (19)
Speed Leveling (5)
Content Management (32)
recycle electronics (1)
z/VM (16)
platinum (1)
appliance servers (2)
Transparent Supply Chain (2)
USB 3.0 (30)
Intel® (2)
Risk Management (1)
Purley (2)
GSM (8)
Code Path Analysis (11)
NAS (6)
Internal (25)
USB (51)
SDXC (3)
computing (2)
electronic waste (1)
REXX (2)
Hybrid (8)
Line Consolidation (5)
RSA 2018 (1)
ALM (27)
Message Console Management (8)
Card Reader (3)
Modem Emulation (6)
PCIe (10)
VMware vSAN cluster1 (1)
storage and networking (1)
trade rules and regulations (2)
Software Change Management (27)
Intel Xeon Scalable Based Platforms (1)
CA 2E (4)
Fiber (7)
Accounting (6)
Independent Software Vendors (1)
Gigabit (15)
Compression (4)
QAT (1)
Quality (1)
RAID (1)
Modemulator (6)
Business (5)
IoT Challenges (1)
Disk Management (8)
Security (13)
e-waste (1)
Performance Monitoring (5)
Administration (1)
Session Management (36)
Cost Accounting Standards (1)
Columbus Suite (139)
Data Backup (12)
server architecture (1)
Transitioning to Haswell (1)
Compact Flash (3)
video data storage (2)
UNICOM Government Services (1)
Line Sharing (11)
System Performance Monitoring (5)
customs and trade (1)
Multi-Mode (4)
Copper (12)
Internet of Things (6)
Deployment Partner (2)
Enterprise Content Management (1)
Dell Technologies World (2)
Firewall (5)
Cable (18)
4G (1)
Synchronization (1)
Online Help (11)
3270 Terminals (7)
Application Development (7)
Port Server (8)
VSE (7)
eReader (4)
servers (1)
SSD (1)
System Integration (3)
Remote Access (8)
virtualization (1)
QuickAssist (1)
GPS (8)
Softmodem (5)
Library Management (10)
Hub (4)
V.Everything (5)
Automated Data Compression (5)
Optane (1)
Advance Server Replacement (1)
Window Management (4)
Console Server (8)
Batch Schedule (6)
Macro-Level Interpreter (2)
AIX (6)
DIP switches (5)
SD (3)
Regeneration (2)
purpose built hardware (1)
Public Sector (1)
ECM (1)
Application Modernization (12)
Cloud Storage (2)
ntel Xeon Scalable Processor Family (1)
TAP (19)
Forward Stocking Locations (1)
Intel Xeon Scalable (3)
Advance Replacement Services (1)
Loop Detection (3)
NVMe (1)
Embedded (5)
Document Composition (13)
Carrier Loss Redial (5)
5G (4)
PIE/CICS Suite (13)
Reporting (68)
Network (1)
Resource Management (7)
Document Management and Delivery (163)
product lifecycle support (1)
Expansion Card (3)
Dell (1)
Capacity Planning (21)
bronze (1)
Debugging (30)
JES Administration (10)
trade restrictions (1)
e-recycling (1)
Automated Operations (64)
Application Lifecycle (2)
Dell EMC Titanium OEM (1)
Intel (3)
Application Lifecycle Management (38)
4GL (5)
Web-Enablement (11)
Cloud Computing (2)
IBM i (91)
database IOPS1 (1)
Application Deployment (3)
VSAM Forward Data Recovery (5)
Automated Job Scheduling (6)
Eclipse (30)
Federal Government (1)
Java (10)
Cyber Security (5)
OEM (7)
Dial-up (66)
TSO (3)
GCS (7)
Modem (48)
Output Management (141)
Menu Management (11)
PowerEdge (1)
30 Pin (5)
UNICOM Engineering Products (1)
DellTechWorld (1)
Half Duplex (9)
Intel Optane (2)
Automated (2)
Policy Management (1)
VROC (1)
certifications (1)
z/OS (305)
gold (1)
Micro (5)
Security Management (6)
Centralized Control (1)
Production Printing (1)
Data Management (68)
Whitepaper (1)
Reliability (4)
Systems Monitoring (2)
Web-Based (1)
Telephony (11)
CARTS Suite (10)
SCM (27)
Print Management (136)
Omni-Path (3)
software (1)
UNIX/Linux (18)
IMS (10)
Problem and Incident Management (2)
Optane memory (1)
IoT (8)
Global (15)
FPGA (1)
Extension (4)
Atom C3000 (1)
Serial (37)
Artificial Intelligence (3)
Skylake Purley (1)
Low Profile PCI (10)
Terminal Emulation (10)
State and local Government (1)
Performance Analysis (5)
Job Accounting (5)
Line Probing (15)
Dell EMC OEM (1)
ISC West (1)
CDMA (5)
Network Attached Storage (6)
Systems Integration (1)
PCI (20)
Code Editor (10)
Tape Management (8)
UNICOM Engineering (6)
ProGen Plus Interface (3)
Accessory (5)
Lewisburg PCH (1)
Skylake (1)
ISO Standards (2)
Performance Management (81)
File Processing (8)
EVDO (5)
Power Switch (8)
UniGW 2.0 (3)
Video Surveillance (2)
communications (1)
Diagnostic (3)
CICS (85)
Data Center (1)
Issue Tracking (4)
PIE/TSO Suite (15)
Technology Transitions (3)
Fleet Management (1)
Tablet (9)
Advance Replacement Support Program (1)
Intel Atom C3000 (4)
PowerEdge 14G Servers (3)
Solaris (3)
Partners (1)
Systems Management (16)
Mac (5)
Wireless Mesh (4)
Dell 14G (1)
Autonomous Driving (1)
Flash ROM (25)
Global Expansion (1)
Sandy Bridge (4)
Smartphone (9)
HSPA+ (5)
Storage Management (8)
AI (1)
microarchitecture (1)
Dell EMC (4)
Content Transformation (1)
low-power (1)
File Delivery (1)
Global Services (1)
Productivity (38)
Helpdesk (2)
ExpressCard (5)
CICS Applications (11)
Compliance Management (1)
Dell Security (1)
golf classic, humanitarian, charity, philanthropy, engineering, (2)
Dashboard (4)
56K (45)
V.22 (15)
Product Compliance (1)
iDRAC with Quick Sync 2 mobile-based management (1)
Regulatory Compliance (1)
Java, PC, and Web Version Control (3)
appliance (1)
V.Everywhere (5)
SDHC (3)
Ethernet (12)
memory (1)
Advanced Job Scheduling (8)
Gateway (11)
Help Desk (2)
electronic recycling (1)
Asset Management (2)
deep technology (1)
Consolidation (2)
Skylake (2)
Spool File Management (8)
Virtual OEM (1)
VSAM (27)
Portfolio Management (5)
Intel Atom (1)
CICS Print (1)
Backup (3)
Batch Processing (6)
Automated Messaging (8)
Dell Technologies OEM & IoT (1)
Data security (3)
Document Processing (124)
5G Network (1)
TeamBLUE (5)
Global Expansion Partners (1)
Help Management (4)
2nd Generation Intel Xeon Processor Family (1)
Dell Platforms (1)
PDQ (4)
Knowledge base (2)
Intel Xeon Scalable Processors (7)
WebSphere (1)
Controller (25)
Synon (4)
Data File Management (4)
VM (7)
Database (24)
Dell OEM (1)
VTAM (33)
ATCA (1)
Lewisburg (1)
Brexit (1)
InSync Suite (34)
Cellular (12)
edge servers (1)
Voice (5)
Intel® Atom® C3000 (2)
GDPR (1)
Support Services (1)
Analysis (8)
z/VSE (132)
File Sharing (10)
External (20)
Web Access (7)
Aggregation (11)
Edge computing (1)
Statement of Conformance (1)
Intel Xeon Scalable Processor Family (3)
J2EE (2)
Singlemode (3)
Dell EMC OEM PowerEdge 14th Generation Servers (2)
solutions development (1)

Tag Cloud

Business IntelligenceFile SharingPIE/CICS SuiteSkylake PurleyDell EMC Titanium OEMiDRAC with Quick Sync 2 mobile-based managementECMColumbus SuiteNASSpeed LevelingV.EverythingResource ManagementStatement of ConformanceAggregationCARTS SuiteConsole ManagementOptanePerformance ManagementSandy BridgeSynonCard ReaderQuickAssistVirtual OEMV.22CompressiongoldDeployment Partnertrade complianceData File ManagementPurleyDell OEMIndependent Software VendorsRemote AccessFull DuplexTransparent Supply ChainAutomatedAutomated MessagingFile ManagementFiberAdvance Replacement Support ProgramAsset ManagementSCMEnterprise Content Managementelectronic wasteCode EditorIBM iSmartphoneGPSUNIX/LinuxMacro-Level InterpreterCyber SecurityCompliance Managementlow-powerUNICOM Engineering ProductsISO StandardsDebuggingDial-upNABSDDocument Compositionvideo data storageModem EmulationAnalysis4GLStorage ManagementLow Profile PCITape ManagementLibrary ManagementHSPA+PowerEdgeV.EverywhereNVMee-recyclingState and local GovernmentApplication Deploymentelectronic recycling3270 TerminalsCloud ComputingCICS ApplicationsData protectionContent TransformationWeb-EnablementJES AdministrationFile DeliveryGlobal ExpansionWhitepaperEdge computingsoftwareDisk ManagementFirewallEmbeddedSolarisApplication Development5G NetworkCapacity PlanningInSync Suitentel Xeon Scalable Processor FamilyData BackupDell EMCVSESecurity ManagementIoTPartnersDell Technologies WorldarchitectureIntel Xeon Scalable ProcessorsWeb AccessOptane memoryAccountingHelp ManagementConsolidationPowerEdge 14G ServersExpressCardStandEVDOVROCSystems Monitoring30 PinGlobal SupportSystems IntegrationModemulatorPolicy ManagementIoT ChallengesHubUNICOM EngineeringCarrier Loss RedialApplication Lifecycle Managemente-wasteAdvance Server ReplacementIntel OptaneSupport ServicesmicroarchitectureDocument Management and Deliveryz/VMExpansion CardOmni-PathDell SecurityFederal GovernmentVoiceReliabilityTSOSystems ManagementcommunicationsGlobal ServicesSpool File ManagementLine SharingVMware vSAN cluster1ReportingIntel® Atom® C3000Dell EMC OEM PowerEdge 14th Generation ServersCellularSerialVSAMAdministrationFleet ManagementLinuxPIE/TSO SuiteMicroPCISDXCFlash ROMContent ManagementPower SwitchSecurityFPGAJ2EEeReaderTransitioning to HaswellDiagnosticREXXcustoms and tradeVMBatch Processingproduct lifecycle supportWireless MeshAdvanced Job SchedulingTAPSystem Performance MonitoringInternet of ThingsFault Analysis and TestingDell Technologies OEM & IoTLewisburgHybridCICSGSMmemoryappliance serversPublic SectorPortfolio ManagementModemservers5Gsolutions developmentAccessoryATCALine ConsolidationProblem and Incident ManagementIssue TrackingSDHCCloud StorageLewisburg PCHdatabase IOPS1TeamBLUEControllerKnowledge baseALM2nd Generation Intel Xeon Processor FamilyProduction PrintingPhysical Securitydigital transformationBatch ScheduleCentralized Controledge serversDashboardEclipseExtensionDocument ProcessingAISkylakecertificationsPrint ManagementGatewayVTAMIMSTerminal EmulationHelp DeskPDQRSA ConferenceLoop DetectionDIP switchesMenu ManagementAdvance Replacement ServicesAutomated Job Schedulingstorage and networkingForward Stocking LocationsSoftmodemCopperDellpurpose-built hardwareRisk ManagementIntel AtombronzeJava, PC, and Web Version ControlEthernetQATJavaProductivityGlobalWebSphereConsole ServerUniGW 2.0data storageapplianceCableRegulatory ComplianceQualityplatinumUSBSession Management4GInternalIntel®UNICOM Government ServicesRegenerationOnline HelpDell PlatformsGlobal Expansion Partnersserver architecturerecycle electronicsData securityApplication ModernizationApplication LifecycleUSB 3.0Job AccountingGigabitMacAutomated Data CompressionProGen Plus InterfaceBusinessData CenterPerformance MonitoringNetworkData ManagementCICS Print56KMulti-ModeRAIDDell EMC OEMAtom C3000TabletAIXdeep technologyCA 2EOutput ManagementIntel Xeon Scalable Based PlatformsProduct CompliancevirtualizationDatacenter, NetApp, DCOI, Compliance, data center optimizationAutomated OperationsSynchronizationTechnology TransitionsHelpdeskIntel Xeon ScalableLANSADell 14GIntel Atom C3000z/OSGCSAutonomous DrivingDellTechWorldSoftware Change ManagementRSA 2018VSAM Forward Data RecoveryWCDMADatabasepurpose built hardwareCompact FlashSinglemodeVideo SurveillanceSkylakeSSDPerformance AnalysisCDMABackupLine ProbingWindow Managementtrade restrictionsISC Westgolf classic, humanitarian, charity, philanthropy, engineering,Port ServerHalf DuplexWindowsGDPRExternalIntelcomputingFile Processingz/VSEPCIesilverSystem Integrationtrade rules and regulationsNetwork Attached StorageArtificial IntelligenceBrexitIntel Xeon Scalable Processor FamilyTelephonyCost Accounting StandardsWeb-BasedOEMMessage Console ManagementCode Path Analysis