How vulnerable are US voting machines to foreign hackers?

Aug 10, 2016

How vulnerable are US voting machines to foreign hackers?

The recent hack of Democratic National Committee computers, attributed by authorities to Russia, has many Americans worried about foreign influence swaying the upcoming presidential election.

The DNC breach provides an excellent example of political doxing. This co-opted 1990s hacker revenge technique employs extra-legal methods to acquire and publish an individual's personal information on the internet, computer security expert Bruce Schneier explained in an article for Motherboard. What's more, according to Schneier​, political doxing is trending among cybercriminals.

Following the initial theft of DNC emails and opposition research on Republican Presidential Nominee Donald J. Trump, anti-secrecy website WikiLeaks issued approximately 20,000 internal DNC emails, Rebecca Hersher reported for NPR.

The emails, along with subsequently released stolen voicemails, indicated that high-level DNC staff actively favored Hillary Clinton during the primary election, Tom LoBianco and David Wright reported for CNN. In the wake of this leak, DNC Chairwoman Debbie Wasserman Schultz offered her resignation, an embarrassment on the eve of the Democratic National Convention where Clinton accepted the party's presidential nomination.

Fears that the Russian government may use cybercrime to ensure a Trump presidency are swirling after Trump's suggestion that Russian intelligence should similarly acquire missing emails from Clinton's tenure as Secretary of State, LoBianco and Wright reported. Trump later claimed the comment was sarcastic, and Russian authorities deny any involvement in the DNC hack. However, many still raise the question of whether Russia might look to cyberattacks to influence the 2016 U.S. presidential election.

Electronic voting technology

Political doxing represents an eye-catching weak point in the American electoral system, but a quieter risk to ballot security lies in the age of voting machines. While electronic voting technology is hardly a new concept - the 2002 Help America Vote Act mandated that each county make a minimum of two electronic ballot boxes available to residents - most people might expect to find the most up-to-date technology when they head to the polls.

However, the reality disappoints. A 2015 report by the Brennan Center for Justice warned that modern voting machines differ from their predecessors in that they are not intended to function for decades. According to the report, equipment purchased after 2000 is expected to last between 10 and 20 years. Most electronic ballot boxes that debuted at the turn of the century were designed in the 1990s, creating several problems: Chiefly, the report asserted, as of 2016 43 states are using machines 10 or more years old, and 14 states are using machines at least 15 years old.

Not only is the technology more than a decade behind current innovations, but because of the equipment's age, finding replacements for damaged or worn-out parts can be difficult, the Brennan Center report noted. As the technology nears the end of its life expectancy, voting machines are at increasing risk of crashing.

Such errors can affect elections, Richard Forno reported in a recent Government Technology article. Forno noted that in 2004 North Carolina voting machines deleted 4,438 votes, for which there was no backup record. In the end, fewer than 2,000 votes determined the results of that same election, Cory Bennett noted in a 2014 article for The Hill.

Yet another trouble that surrounds electronic ballot boxes is the lack of funding for states to purchase updated technology. As the functionality of electronic voting machines begins to deteriorate across the country, the Brennan Center reported, 22 out of 31 states seeking to purchase new equipment in the next five years reported lacking the necessary funds. The national cost of replacing all outdated voting machines may be upward of $1 billion, the Brennan Center calculated.

What else could go wrong?

Beyond voting machine age and political doxing, U.S. elections face other technology issues. In an opinion article in The Washington Post, Schneier argued that directly influencing electronic ballots is not the only way foreign governments might tamper with a U.S. election. Schneier expressed concerns about electronic voter records, stating that foreign cybercriminals could access and delete such information.

In a May 2016 article on election fraud, The Hill's Cory Bennett also cited the security of voter data as an important issue to address. Quoting the CEO of secure digital election system advocate group Free & Fair, Joseph Kiniry, Bennett made the case that by deleting select voter registration data, hackers have the power to easily wreak havoc on elections and noted that stolen voter information is somewhat valuable in of itself, with packages of 5 to 10 million records selling for $1,350 to $2,250 on the dark web, providing a further motive to potential cyber criminals.

What's more, Bennett asserted, security guidelines are not consistent between states, and some categorize voter information as "public record." This classification means that states are not mandated to meet the federal security standards placed upon "personally identifiable information" for voter data, which is not viewed as such.

In his Government Technology article, Forno explained that electronic ballot boxes face security risks due to the voting process itself. In order to successfully serve each precinct, voting machines are spread out across their county's municipal gird. Furthermore, votes must be transferred to a higher voting office to be tallied, creating vulnerable junctures that hackers could attack, Forno noted.

In order to ensure accurate election results, Forno concluded, the hardware and the network connection linking electoral machines must be secure. In addition, the electronic ballot boxes' software and the states' local tabulating software must be able to resist cyberattacks.

What is the alternative?

Some states have opted to return to traditional paper ballots, citing security concerns. In fact, Bennett asserted, more than half the states have begun to revert to paper ballots.

A more high-tech alternative to cybercrime risks is to invest in securing and updating electronic voting machines. While Forno made it clear that he does not believe that any given piece of electoral equipment is likely to be sabotaged by a foreign government, he maintained the importance of securing voting machines to ensure the legitimacy and accuracy of U.S. elections.

The best solution seems to come when paper and digital meet in the middle. Other states can take their cue from Ohio, which passed legislation requiring all precincts to use only voting machines that generate a voter-verified paper trail, according to Bennett.

In addition, allocating funds to meet the impending costs of upgrading electrical equipment, as estimated by the Brennan Center, is also a necessary step for states to take, should they wish to maintain electronic voting machines.

In the face of election security concerns, state governments are wise to update their voting machines.

 



Tags:
Category: Cybersecurity

Add Pingback

Please add a comment

You must be logged in to leave a reply. Login »

Category List


Tag List

Batch Processing (6)
Speed Leveling (5)
Cloud Computing (2)
Global Support (2)
CDMA (5)
Forward Stocking Locations (1)
56K (45)
purpose built hardware (1)
RSA 2018 (1)
UNICOM Engineering (6)
Reporting (68)
File Sharing (10)
Fiber (7)
Extension (4)
Sandy Bridge (4)
Deployment Partner (2)
Cyber Security (5)
Solaris (3)
Dell Security (1)
Data Backup (12)
Skylake Purley (1)
ProGen Plus Interface (3)
Omni-Path (3)
Application Development (7)
File Management (20)
software (1)
QuickAssist (1)
Document Management and Delivery (163)
Terminal Emulation (10)
Dell Platforms (1)
Gigabit (15)
Expansion Card (3)
Productivity (38)
Low Profile PCI (10)
Datacenter, NetApp, DCOI, Compliance, data center optimization (1)
Remote Access (8)
silver (1)
Dell EMC OEM PowerEdge 14th Generation Servers (2)
Application Modernization (12)
Message Console Management (8)
Intel Xeon Scalable Based Platforms (1)
V.22 (15)
Cost Accounting Standards (1)
Job Accounting (5)
USB 3.0 (30)
storage and networking (1)
Spool File Management (8)
electronic recycling (1)
Flash ROM (25)
PCI (20)
Regeneration (2)
Copper (12)
Centralized Control (1)
Atom C3000 (1)
computing (2)
Technology Transitions (3)
Data security (3)
Micro (5)
ISC West (1)
Transparent Supply Chain (2)
V.Everywhere (5)
Gateway (11)
Session Management (36)
deep technology (1)
Quality (1)
Web-Enablement (11)
Independent Software Vendors (1)
Line Consolidation (5)
30 Pin (5)
Data protection (1)
4GL (5)
InSync Suite (34)
Linux (30)
Batch Schedule (6)
Data Management (68)
Carrier Loss Redial (5)
Web-Based (1)
Cloud Storage (2)
Intel® Atom® C3000 (2)
ntel Xeon Scalable Processor Family (1)
golf classic, humanitarian, charity, philanthropy, engineering, (2)
Aggregation (11)
Menu Management (11)
Global Expansion Partners (1)
Library Management (10)
Advance Replacement Support Program (1)
Intel Xeon Scalable (3)
Capacity Planning (21)
Lewisburg PCH (1)
VSAM (27)
Ethernet (12)
Global Services (1)
Security Management (6)
Support Services (1)
Console Server (8)
product lifecycle support (1)
Intel Xeon Scalable Processors (6)
SCM (27)
Transitioning to Haswell (1)
VROC (1)
VMware vSAN cluster1 (1)
Advanced Job Scheduling (8)
VM (7)
data storage (4)
Embedded (5)
AI (1)
Document Composition (13)
WCDMA (5)
Dell Technologies World (2)
Optane memory (1)
Global Expansion (1)
Singlemode (3)
UNICOM Government Services (1)
Content Management (32)
Tablet (9)
File Delivery (1)
ECM (1)
Dell EMC Titanium OEM (1)
Risk Management (1)
GDPR (1)
Helpdesk (2)
Business (5)
PCIe (10)
LANSA (3)
Windows (63)
e-recycling (1)
JES Administration (10)
Resource Management (7)
trade restrictions (1)
NVMe (1)
Data File Management (4)
Dial-up (66)
Help Desk (2)
virtualization (1)
Data Center (1)
Voice (5)
IoT (8)
IoT Challenges (1)
Performance Analysis (5)
Accounting (6)
Window Management (4)
appliance (1)
Accessory (5)
Security (13)
GCS (7)
Policy Management (1)
low-power (1)
Portfolio Management (5)
Global (15)
UNICOM Engineering Products (1)
TeamBLUE (5)
Compression (4)
Application Lifecycle (2)
digital transformation (2)
Software Change Management (27)
Database (24)
External (20)
IBM i (91)
Compact Flash (3)
FPGA (1)
e-waste (1)
Java, PC, and Web Version Control (3)
Modem Emulation (6)
IMS (10)
USB (51)
database IOPS1 (1)
Stand (9)
System Performance Monitoring (5)
Modem (48)
Network Attached Storage (6)
Partners (1)
Softmodem (5)
Performance Management (81)
Cellular (12)
architecture (2)
EVDO (5)
GSM (8)
Virtual OEM (1)
Problem and Incident Management (2)
Systems Integration (1)
certifications (1)
Dashboard (4)
Purley (2)
Lewisburg (1)
QAT (1)
Loop Detection (3)
VSE (7)
bronze (1)
Autonomous Driving (1)
Debugging (30)
Whitepaper (1)
Web Access (7)
Code Editor (10)
Dell EMC (4)
Application Deployment (3)
CICS Applications (11)
Backup (4)
microarchitecture (1)
Application Lifecycle Management (38)
Console Management (19)
recycle electronics (1)
Line Sharing (11)
TAP (19)
UNIX/Linux (18)
Public Sector (1)
Smartphone (9)
5G (4)
Dell OEM (1)
Output Management (141)
WebSphere (1)
4G (1)
Fleet Management (1)
Serial (37)
RAID (1)
5G Network (1)
Synchronization (1)
Eclipse (30)
Analysis (8)
memory (1)
Dell EMC OEM (1)
Issue Tracking (4)
Automated Data Compression (5)
AIX (6)
server architecture (1)
Intel Xeon Scalable Processor Family (2)
Controller (25)
PIE/TSO Suite (15)
HSPA+ (5)
Cable (18)
SDXC (3)
z/OS (305)
customs and trade (1)
Internet of Things (6)
Artificial Intelligence (3)
Disk Management (8)
Card Reader (3)
Hybrid (8)
PDQ (4)
trade rules and regulations (2)
Synon (4)
Print Management (136)
Mac (5)
Administration (1)
Enterprise Content Management (1)
Online Help (11)
Product Compliance (1)
State and local Government (1)
Optane (1)
edge servers (1)
Intel Atom (1)
Advance Server Replacement (1)
Reliability (4)
SD (3)
Dell (1)
Systems Monitoring (2)
Compliance Management (1)
Advance Replacement Services (1)
Automated Job Scheduling (6)
Multi-Mode (4)
Macro-Level Interpreter (2)
CARTS Suite (10)
Line Probing (15)
Document Processing (124)
DellTechWorld (1)
OEM (7)
SDHC (3)
Physical Security (1)
TSO (3)
Diagnostic (3)
Power Switch (8)
video data storage (2)
PowerEdge 14G Servers (3)
RSA Conference (8)
Fault Analysis and Testing (62)
Columbus Suite (139)
eReader (4)
iDRAC with Quick Sync 2 mobile-based management (1)
Firewall (5)
Asset Management (2)
CICS Print (1)
ALM (27)
Performance Monitoring (5)
Brexit (1)
NAB (1)
V.Everything (5)
3270 Terminals (7)
servers (1)
Full Duplex (16)
z/VM (16)
solutions development (1)
REXX (2)
System Integration (3)
Skylake (1)
File Processing (8)
ISO Standards (2)
Regulatory Compliance (1)
purpose-built hardware (1)
CA 2E (4)
gold (1)
electronic waste (1)
z/VSE (132)
Intel® (2)
Edge computing (1)
J2EE (2)
SSD (1)
Intel Atom C3000 (4)
Statement of Conformance (1)
Production Printing (1)
NAS (6)
Network (1)
Systems Management (16)
Video Surveillance (2)
Automated Operations (64)
Help Management (4)
Knowledge base (2)
Tape Management (8)
Telephony (11)
Port Server (8)
VSAM Forward Data Recovery (5)
Hub (4)
trade compliance (2)
ExpressCard (5)
PowerEdge (1)
VTAM (33)
Modemulator (6)
Code Path Analysis (11)
Federal Government (1)
Dell 14G (1)
Wireless Mesh (4)
Half Duplex (9)
GPS (8)
Automated Messaging (8)
communications (1)
PIE/CICS Suite (13)
platinum (1)
Automated (2)
Business Intelligence (15)
Intel (3)
CICS (85)
Consolidation (2)
Java (10)
appliance servers (2)
Internal (25)
ATCA (1)
Storage Management (8)
DIP switches (5)
Content Transformation (1)
Skylake (2)

Tag Cloud

VMware vSAN cluster156KOmni-PathSDAutomated Data CompressionUNICOM Engineering Productsntel Xeon Scalable Processor FamilyAutonomous DrivingAsset ManagementMulti-ModeTransitioning to HaswellPublic SectorAccountingPCIModem EmulationWeb AccessJavaCarrier Loss RedialAdvance Server ReplacementGigabitLine ProbingV.22Business IntelligenceVSEConsolidationplatinumPurleyRAIDPortfolio ManagementSpeed LevelingCICS ApplicationsSmartphoneData protectionDocument Management and Deliverycustoms and tradeIntel Xeon Scalable ProcessorsCentralized ControlSkylakeSoftmodemPowerEdgerecycle electronicsUSBApplication DevelopmentVMSupport ServicesIntel Xeon Scalable Based PlatformsSkylake PurleyDeployment PartnerCICS PrintHelpdeskOEMSession ManagementMenu ManagementEdge computingREXXCARTS SuiteECMEnterprise Content ManagementRisk Management5GApplication ModernizationIntel Atom C3000z/VMFleet ManagementTeamBLUEHSPA+RSA Conferenceelectronic recyclingRemote Accesssolutions developmentMacDatabaseDebuggingAtom C3000UNICOM Government Servicestrade rules and regulationsProduction PrintingStandSDXCPartnersModemulatorControllerPerformance ManagementGPSCard ReaderInSync Suitetrade restrictionsWeb-EnablementNASPrint Managementz/OSTape ManagementExpansion CardJES AdministrationAdvance Replacement Support ProgramProduct ComplianceMicroUNICOM EngineeringLinuxproduct lifecycle supportWeb-BasedJ2EEISO StandardsPerformance MonitoringLANSACableGatewaysoftwareGCSHelp DeskHubdigital transformationBackupSpool File ManagementDell PlatformsPDQcertificationsIntel AtomvirtualizationMacro-Level InterpreterAdvance Replacement ServicesUSB 3.0Java, PC, and Web Version ControlApplication Deployment4GLeReaderDellTechWorldserversDiagnostic4GPhysical SecurityAdvanced Job SchedulingPolicy ManagementFull DuplexProductivityAIRegenerationModemOnline HelpBatch ProcessingHalf DuplexRegulatory ComplianceContent TransformationFlash ROMSynonNABDell OEMCompliance ManagementSystems IntegrationgoldHelp ManagementGlobal Expansion PartnersDial-upTAPWindow ManagementDell EMC Titanium OEMSCMFederal GovernmentFile ProcessingV.EverythingsilverBatch ScheduleStorage Managementz/VSEWCDMAOutput Management3270 TerminalsDatacenter, NetApp, DCOI, Compliance, data center optimizationDisk ManagementAutomated MessagingPCIeDocument CompositionTransparent Supply ChainNVMeSynchronizationcommunicationsCapacity PlanningArtificial IntelligenceSoftware Change ManagementmicroarchitectureDellDIP switchesdata storageForward Stocking LocationsWindowsGlobalJob AccountingFile SharingCopperReliabilitybronzeAutomated Job SchedulingSandy BridgeAutomatedCode EditorLewisburg PCHHybridCICSOptaneFile ManagementTelephonyFiberTechnology TransitionsIssue TrackingEVDOIBM iCellularVSAMSDHCAnalysisSerialData File ManagementExpressCardISC WestapplianceVoiceIoT Challengesdatabase IOPS1computingBusinessApplication Lifecycle ManagementSystem Performance Monitoringe-wastestorage and networkingEclipseIMSUNIX/LinuxFPGADell EMC OEMEmbeddedATCAInternet of ThingsLewisburgCloud StorageVirtual OEMOptane memoryConsole ManagementIntelFault Analysis and TestingData ManagementCloud ComputingMessage Console Managementdeep technologyIndependent Software VendorsSystem IntegrationAutomated OperationsNetwork Attached StorageGDPRLoop DetectionDashboardAIXPerformance AnalysisResource ManagementApplication LifecycleLow Profile PCIStatement of ConformanceExtensionAccessoryReportingPIE/TSO SuiteKnowledge baseLibrary ManagementState and local GovernmentCode Path Analysislow-powerQualityLine ConsolidationInternalSSDWireless MeshiDRAC with Quick Sync 2 mobile-based managementDell 14GSinglemodearchitectureV.Everywhereserver architectureTerminal EmulationProblem and Incident ManagementCost Accounting StandardsSystems ManagementSecurityCompact FlashTabletCA 2EData Backupgolf classic, humanitarian, charity, philanthropy, engineering,purpose-built hardwareSecurity ManagementVideo SurveillanceIntel® Atom® C3000Line SharingCyber SecurityDell EMCIoTpurpose built hardwareSolarisDell Technologies WorldData CenterDell SecurityContent ManagementGlobal ExpansionConsole ServerVSAM Forward Data RecoveryPIE/CICS SuiteCompressionIntel Xeon ScalableNetworkExternalProGen Plus InterfaceALMe-recyclingPowerEdge 14G ServersFirewallData securityQuickAssistQATRSA 2018VTAMAggregationPower SwitchEthernetWebSphere5G Networkelectronic wasteTSOedge serversSystems Monitoringtrade complianceVROCSkylakeappliance serversmemoryBrexitFile Delivery30 PinCDMADocument ProcessingDell EMC OEM PowerEdge 14th Generation ServersPort ServerColumbus SuiteGlobal SupportGSMAdministrationIntel Xeon Scalable Processor FamilyWhitepaperGlobal Servicesvideo data storageIntel®


Archive