How vulnerable are US voting machines to foreign hackers?

Aug 10, 2016

How vulnerable are US voting machines to foreign hackers?

The recent hack of Democratic National Committee computers, attributed by authorities to Russia, has many Americans worried about foreign influence swaying the upcoming presidential election.

The DNC breach provides an excellent example of political doxing. This co-opted 1990s hacker revenge technique employs extra-legal methods to acquire and publish an individual's personal information on the internet, computer security expert Bruce Schneier explained in an article for Motherboard. What's more, according to Schneier​, political doxing is trending among cybercriminals.

Following the initial theft of DNC emails and opposition research on Republican Presidential Nominee Donald J. Trump, anti-secrecy website WikiLeaks issued approximately 20,000 internal DNC emails, Rebecca Hersher reported for NPR.

The emails, along with subsequently released stolen voicemails, indicated that high-level DNC staff actively favored Hillary Clinton during the primary election, Tom LoBianco and David Wright reported for CNN. In the wake of this leak, DNC Chairwoman Debbie Wasserman Schultz offered her resignation, an embarrassment on the eve of the Democratic National Convention where Clinton accepted the party's presidential nomination.

Fears that the Russian government may use cybercrime to ensure a Trump presidency are swirling after Trump's suggestion that Russian intelligence should similarly acquire missing emails from Clinton's tenure as Secretary of State, LoBianco and Wright reported. Trump later claimed the comment was sarcastic, and Russian authorities deny any involvement in the DNC hack. However, many still raise the question of whether Russia might look to cyberattacks to influence the 2016 U.S. presidential election.

Electronic voting technology

Political doxing represents an eye-catching weak point in the American electoral system, but a quieter risk to ballot security lies in the age of voting machines. While electronic voting technology is hardly a new concept - the 2002 Help America Vote Act mandated that each county make a minimum of two electronic ballot boxes available to residents - most people might expect to find the most up-to-date technology when they head to the polls.

However, the reality disappoints. A 2015 report by the Brennan Center for Justice warned that modern voting machines differ from their predecessors in that they are not intended to function for decades. According to the report, equipment purchased after 2000 is expected to last between 10 and 20 years. Most electronic ballot boxes that debuted at the turn of the century were designed in the 1990s, creating several problems: Chiefly, the report asserted, as of 2016 43 states are using machines 10 or more years old, and 14 states are using machines at least 15 years old.

Not only is the technology more than a decade behind current innovations, but because of the equipment's age, finding replacements for damaged or worn-out parts can be difficult, the Brennan Center report noted. As the technology nears the end of its life expectancy, voting machines are at increasing risk of crashing.

Such errors can affect elections, Richard Forno reported in a recent Government Technology article. Forno noted that in 2004 North Carolina voting machines deleted 4,438 votes, for which there was no backup record. In the end, fewer than 2,000 votes determined the results of that same election, Cory Bennett noted in a 2014 article for The Hill.

Yet another trouble that surrounds electronic ballot boxes is the lack of funding for states to purchase updated technology. As the functionality of electronic voting machines begins to deteriorate across the country, the Brennan Center reported, 22 out of 31 states seeking to purchase new equipment in the next five years reported lacking the necessary funds. The national cost of replacing all outdated voting machines may be upward of $1 billion, the Brennan Center calculated.

What else could go wrong?

Beyond voting machine age and political doxing, U.S. elections face other technology issues. In an opinion article in The Washington Post, Schneier argued that directly influencing electronic ballots is not the only way foreign governments might tamper with a U.S. election. Schneier expressed concerns about electronic voter records, stating that foreign cybercriminals could access and delete such information.

In a May 2016 article on election fraud, The Hill's Cory Bennett also cited the security of voter data as an important issue to address. Quoting the CEO of secure digital election system advocate group Free & Fair, Joseph Kiniry, Bennett made the case that by deleting select voter registration data, hackers have the power to easily wreak havoc on elections and noted that stolen voter information is somewhat valuable in of itself, with packages of 5 to 10 million records selling for $1,350 to $2,250 on the dark web, providing a further motive to potential cyber criminals.

What's more, Bennett asserted, security guidelines are not consistent between states, and some categorize voter information as "public record." This classification means that states are not mandated to meet the federal security standards placed upon "personally identifiable information" for voter data, which is not viewed as such.

In his Government Technology article, Forno explained that electronic ballot boxes face security risks due to the voting process itself. In order to successfully serve each precinct, voting machines are spread out across their county's municipal gird. Furthermore, votes must be transferred to a higher voting office to be tallied, creating vulnerable junctures that hackers could attack, Forno noted.

In order to ensure accurate election results, Forno concluded, the hardware and the network connection linking electoral machines must be secure. In addition, the electronic ballot boxes' software and the states' local tabulating software must be able to resist cyberattacks.

What is the alternative?

Some states have opted to return to traditional paper ballots, citing security concerns. In fact, Bennett asserted, more than half the states have begun to revert to paper ballots.

A more high-tech alternative to cybercrime risks is to invest in securing and updating electronic voting machines. While Forno made it clear that he does not believe that any given piece of electoral equipment is likely to be sabotaged by a foreign government, he maintained the importance of securing voting machines to ensure the legitimacy and accuracy of U.S. elections.

The best solution seems to come when paper and digital meet in the middle. Other states can take their cue from Ohio, which passed legislation requiring all precincts to use only voting machines that generate a voter-verified paper trail, according to Bennett.

In addition, allocating funds to meet the impending costs of upgrading electrical equipment, as estimated by the Brennan Center, is also a necessary step for states to take, should they wish to maintain electronic voting machines.

In the face of election security concerns, state governments are wise to update their voting machines.


Category: Cybersecurity

Add Pingback

Please add a comment

You must be logged in to leave a reply. Login »

Category List

Tag List

PIE/CICS Suite (13)
Document Management and Delivery (163)
Skylake (2)
Controller (25)
Storage Management (8)
e-recycling (1)
Web-Based (1)
bronze (1)
File Processing (8)
File Sharing (10)
Problem and Incident Management (2)
Helpdesk (2)
Telephony (12)
5G Network (1)
Console Management (19)
PCIe (10)
Intel® (2)
Backup (4)
Loop Detection (3)
z/OS (305)
Global Expansion (1)
Expansion Card (3)
ISC West (1)
eReader (4)
Extension (4)
Dell Security (1)
certifications (1)
Content Management (32)
Centralized Control (1)
TeamBLUE (5)
Console Server (8)
Java, PC, and Web Version Control (3)
electronic waste (1)
UNICOM Engineering (6)
NAB (1)
Window Management (4)
Productivity (38)
Quality (1)
data storage (4)
PCI (20)
Document Processing (124)
SCM (27)
Network Attached Storage (6)
Dell EMC Titanium OEM (1)
Full Duplex (17)
server architecture (1)
VSAM (27)
UNICOM Engineering Products (1)
Global Services (1)
Web Access (7)
Product Compliance (1)
Public Sector (1)
QuickAssist (1)
Carrier Loss Redial (5)
Embedded (5)
Deployment Partner (2)
appliance (1)
deep technology (1)
Code Editor (10)
Cable (18)
golf classic, humanitarian, charity, philanthropy, engineering, (2)
REXX (2)
Modem (48)
Business (5)
VTAM (33)
Resource Management (7)
Dell Platforms (1)
Data protection (1)
CARTS Suite (10)
Spool File Management (8)
Ethernet (12)
Singlemode (3)
Automated Job Scheduling (6)
5G (4)
PowerEdge (1)
Macro-Level Interpreter (2)
Document Composition (13)
Smartphone (9)
Windows (63)
Cloud Computing (2)
Skylake Purley (1)
Columbus Suite (139)
Edge computing (1)
FPGA (1)
architecture (2)
Advance Replacement Services (1)
RAID (1)
z/VM (16)
NAS (6)
storage and networking (1)
Help Management (4)
4G (1)
Flash ROM (25)
Job Accounting (5)
CICS Applications (11)
Automated Data Compression (5)
Wireless Mesh (4)
computing (2)
Atom C3000 (1)
Dial-up (67)
Global Expansion Partners (1)
Diagnostic (3)
USB (51)
gold (1)
Online Help (11)
ProGen Plus Interface (3)
Video Surveillance (2)
CA 2E (4)
30 Pin (5)
product lifecycle support (1)
IMS (10)
TSO (3)
3270 Terminals (7)
Compression (4)
Systems Management (16)
Data Backup (12)
HSPA+ (5)
Application Modernization (12)
CICS (85)
Database (24)
Automated Operations (64)
Application Deployment (3)
Multi-Mode (4)
Dell OEM (1)
ALM (27)
Lewisburg PCH (1)
Line Consolidation (6)
IoT (8)
Session Management (36)
Advance Replacement Support Program (1)
AIX (6)
Modemulator (6)
Physical Security (1)
State and local Government (1)
Output Management (141)
SDXC (3)
Intel® Atom® C3000 (2)
recycle electronics (1)
SDHC (3)
VSE (7)
Dell (1)
Gigabit (15)
Systems Integration (1)
silver (1)
platinum (1)
Modem Emulation (6)
customs and trade (1)
ntel Xeon Scalable Processor Family (1)
Intel Xeon Scalable Processor Family (2)
GPS (8)
Internet of Things (6)
Aggregation (12)
Linux (30)
System Performance Monitoring (5)
Reliability (4)
Disk Management (8)
Technology Transitions (3)
VMware vSAN cluster1 (1)
Policy Management (1)
software (1)
PIE/TSO Suite (15)
Cloud Storage (2)
ECM (1)
Copper (12)
Administration (1)
Federal Government (1)
Issue Tracking (4)
Partners (1)
Brexit (1)
4GL (5)
Mac (5)
Accounting (6)
purpose-built hardware (1)
Cyber Security (5)
e-waste (1)
Transparent Supply Chain (2)
Softmodem (5)
Data security (3)
Print Management (136)
Intel Atom (1)
Hub (4)
VM (7)
GCS (7)
Dell 14G (1)
purpose built hardware (1)
digital transformation (2)
Global (15)
Independent Software Vendors (1)
PDQ (4)
Security (13)
Performance Monitoring (5)
Port Server (8)
Automated (2)
solutions development (1)
Half Duplex (10)
V.Everywhere (5)
Network (1)
External (20)
Transitioning to Haswell (1)
Application Development (7)
trade compliance (2)
Intel (3)
Advanced Job Scheduling (8)
Performance Analysis (5)
IBM i (91)
Security Management (6)
Stand (9)
Low Profile PCI (10)
GDPR (1)
RSA Conference (8)
Solaris (3)
V.Everything (5)
Fiber (7)
Dashboard (4)
56K (45)
microarchitecture (1)
trade restrictions (1)
Asset Management (2)
Autonomous Driving (1)
Hybrid (8)
DIP switches (5)
Global Support (2)
Content Transformation (1)
UNICOM Government Services (1)
virtualization (1)
DellTechWorld (1)
Application Lifecycle (2)
Card Reader (3)
QAT (1)
Forward Stocking Locations (1)
Datacenter, NetApp, DCOI, Compliance, data center optimization (1)
Regeneration (2)
iDRAC with Quick Sync 2 mobile-based management (1)
Help Desk (2)
JES Administration (10)
ATCA (1)
trade rules and regulations (2)
Optane (1)
Batch Processing (6)
Performance Management (81)
database IOPS1 (1)
Software Change Management (27)
Statement of Conformance (1)
SD (3)
Eclipse (30)
File Management (20)
Portfolio Management (5)
servers (1)
video data storage (2)
Tape Management (8)
Voice (5)
AI (1)
VROC (1)
Serial (37)
Synon (4)
Sandy Bridge (4)
TAP (19)
J2EE (2)
System Integration (3)
Purley (2)
Capacity Planning (21)
communications (1)
Code Path Analysis (11)
Data Center (1)
Tablet (9)
WebSphere (1)
Advance Server Replacement (1)
Application Lifecycle Management (38)
Automated Messaging (8)
Micro (5)
Business Intelligence (15)
GSM (8)
Intel Xeon Scalable Processors (6)
IoT Challenges (1)
Gateway (12)
Systems Monitoring (2)
Message Console Management (8)
Line Probing (15)
ISO Standards (2)
EVDO (5)
ExpressCard (5)
Speed Leveling (5)
Omni-Path (3)
Java (10)
SSD (1)
Cost Accounting Standards (1)
electronic recycling (1)
Remote Access (8)
Intel Xeon Scalable (3)
edge servers (1)
Data File Management (4)
Line Sharing (12)
Library Management (10)
Debugging (30)
Data Management (68)
Menu Management (11)
Support Services (1)
Skylake (1)
Intel Xeon Scalable Based Platforms (1)
z/VSE (132)
USB 3.0 (30)
PowerEdge 14G Servers (3)
Internal (25)
Knowledge base (2)
Cellular (12)
Fault Analysis and Testing (62)
Virtual OEM (1)
Production Printing (1)
Dell EMC OEM PowerEdge 14th Generation Servers (2)
Power Switch (8)
low-power (1)
Web-Enablement (11)
Compact Flash (3)
NVMe (1)
OEM (7)
Artificial Intelligence (3)
UNIX/Linux (18)
memory (1)
Synchronization (1)
Accessory (5)
Optane memory (1)
Dell EMC (4)
V.22 (15)
Reporting (68)
RSA 2018 (1)
Consolidation (2)
Firewall (6)
File Delivery (1)
Analysis (8)
Terminal Emulation (10)
CICS Print (1)
Enterprise Content Management (1)
CDMA (5)
InSync Suite (34)
Whitepaper (1)
VSAM Forward Data Recovery (5)
Batch Schedule (6)
appliance servers (2)
Fleet Management (1)
Intel Atom C3000 (4)
Lewisburg (1)

Tag Cloud

Batch Scheduleelectronic wasteWindowsAutomated Data CompressionPower SwitchRAIDEnterprise Content ManagementJES AdministrationserversHalf DuplexGigabitQuickAssistSession Managemente-wasteCentralized ControlREXXWebSphereDeployment Partnerdigital transformationInternet of ThingsAdministrationVSAM Forward Data RecoverySmartphoneData ManagementPIE/CICS SuiteAutomated Job SchedulingUNICOM Government ServicesProduction Printing4GSCMPCIeAtom C3000GlobalFull DuplexDell EMCSkylake Purley56KGCSHybridDiagnostic30 PinLine ConsolidationOmni-PathSecurity ManagementVSEGlobal ServicesAdvance Replacement Support ProgramLinuxPDQUSB 3.0QATDellAsset ManagementRemote Accesscustoms and tradez/VSEWindow ManagementEmbeddedDell PlatformsDell EMC OEM PowerEdge 14th Generation ServersDocument ProcessingConsole ServerWhitepaperCableStandIntel® Atom® C3000VTAMJob Accountingtrade restrictionsAggregationAdvance Replacement ServicesFile ManagementCICS PrintCard ReaderProductivityData Centerdata storageIntel Xeon Scalable Based PlatformsSystem IntegrationConsolidationGDPRGSMSystems MonitoringIntel®PCINASUNIX/LinuxATCAConsole ManagementKnowledge baseV.EverywhereProGen Plus InterfaceAutomated OperationsBusinessSynchronizationIntel AtomLewisburg PCHz/VMz/OSSkylakerecycle electronicsFirewallForward Stocking LocationseReaderUNICOM EngineeringplatinumLANSA4GLV.22ModemulatorHelpdeskpurpose built hardwareStatement of ConformanceMulti-ModeIntel Atom C3000Speed LevelingarchitectureCopperAutomatedProduct ComplianceFile ProcessingNABIBM iEthernetCA 2E3270 TerminalsCompressionNVMeRSA ConferenceTransitioning to HaswellLine Sharingsolutions developmentPort ServerFlash ROMOptane memoryApplication DeploymentJavagolf classic, humanitarian, charity, philanthropy, engineering,DebuggingOnline HelpAccessoryiDRAC with Quick Sync 2 mobile-based managementFleet Management5GSecurityvirtualizationFault Analysis and TestingRegenerationAnalysisQualityPartnersproduct lifecycle supportPowerEdgeControllerCDMAArtificial IntelligenceWeb-BasedPIE/TSO SuiteTabletProblem and Incident ManagementSpool File ManagementEclipseCarrier Loss RedialCode Path Analysiselectronic recyclinglow-powerIntel Xeon Scalable Processor FamilyPhysical SecurityDashboardTransparent Supply ChainCloud StorageDocument Management and DeliveryLewisburgOutput ManagementIoTSinglemodeDial-upISO Standardse-recyclingCellularSSDHSPA+ntel Xeon Scalable Processor FamilyExpressCardReportingECMMenu ManagementSystems IntegrationPerformance MonitoringData BackupGlobal Expansion Partnerspurpose-built hardwareDisk ManagementInternaldatabase IOPS1Modem EmulationMicroDatacenter, NetApp, DCOI, Compliance, data center optimizationApplication ModernizationTSODell EMC Titanium OEMPerformance AnalysisWeb AccessLow Profile PCIPowerEdge 14G ServersGlobal ExpansionsoftwarememoryIntel Xeon Scalable ProcessorsIntel Xeon Scalablevideo data storageEVDOHelp ManagementData File ManagementCode EditorcomputingSDXCCICSHubAdvance Server ReplacementCost Accounting StandardsFPGASDmicroarchitectureOEMDellTechWorldFile SharingWireless MeshcertificationsTeamBLUEGPSDell SecurityData securityPrint ManagementBatch Processingsilvertrade rules and regulationsPurleyOptaneCloud ComputingIndependent Software VendorsDatabaseIMSTelephonySupport ServicesLibrary ManagementReliabilityAIVROCDocument CompositioncommunicationsUSBapplianceSynonedge serversSDHCCompact FlashLoop DetectionTape ManagementBrexitHelp DeskFiberUNICOM Engineering ProductsWCDMAModemCyber SecurityNetwork Attached StorageSoftware Change ManagementExpansion CardBackupPortfolio ManagementVMware vSAN cluster1Line ProbingColumbus SuiteSoftmodemISC WestSystems ManagementNetworkDIP switchesContent TransformationCapacity PlanningVSAMExtensionEdge computingData protectionApplication LifecycleAdvanced Job Schedulingtrade compliancebronzePolicy ManagementApplication Lifecycle ManagementCICS ApplicationsMessage Console Managementserver architectureExternalgoldFederal GovernmentPublic SectorSolarisIoT ChallengesSkylakeVoiceRSA 2018MacFile DeliveryInSync SuiteWeb-EnablementContent ManagementStorage ManagementVMSandy BridgeDell OEMBusiness IntelligenceAutonomous DrivingPerformance ManagementCARTS SuiteState and local GovernmentV.EverythingMacro-Level Interpreterappliance serversIntelVideo SurveillanceALMAIXIssue TrackingAutomated MessagingApplication DevelopmentSerialSystem Performance MonitoringTAPAccountingDell 14GJ2EEResource ManagementTerminal Emulationdeep technologystorage and networkingVirtual OEMTechnology TransitionsJava, PC, and Web Version ControlGatewayGlobal Support5G Network