In an already topsy-turvy presidential campaign, the recent breaches of Democratic Party computer networks have fueled fears about potential foreign meddling and raised questions about how secure the electronic systems that record and tally votes across the country are from sophisticated hackers.
For years, computer security experts have warned that electronic voting is vulnerable to hacking that could alter vote tallies and theoretically swing an election. The intrusions that compromised the Democratic National Committee and the House Democrats’ fundraising campaigns’ systems — both of which cybersecurity experts have blamed on groups linked to Russian intelligence agencies — have only heightened those concerns.
Even a minor breach could wreak havoc by undermining the public’s faith in the integrity of the balloting, particularly in a campaign as contentious as this year’s presidential race.
“We cannot function without the leadership that is elected via the democratic process, and attacks on our election system could undermine all of the confidence that voters have in the legitimacy of our leadership,” said J. Alex Halderman, a computer science professor at the University of Michigan who has studied security in electronic and internet voting.
With the stakes running high, the Obama administration has said it is attuned to the threat and is looking at ways to mitigate it.
“There is a vital national interest in our election process,” Secretary of Homeland Security Jeh Johnson said Wednesday. “We are actively thinking about election cybersecurity right now.”
One step the administration is weighing, Johnson said, is to include the electoral system as part of the nation’s critical infrastructure, putting it on par with the power grid and financial sector. Such a move would make the election system eligible for federal protection.
Johnson also said that in the short term he is considering sharing a list of “best practices” with state and local election officials to help secure the integrity of the voting process. But in the long run, he said, the nation will need to invest in the cybersecurity of the entire electoral system.
Cybersecurity professionals and election experts generally agree that there are several links in the chain that makes up the election process, including the voting machines, election management system and online voter registration, that are potentially vulnerable to exploitation by sophisticated hacking groups, including those sponsored by nation-states.
But any nation-state caught trying to manipulate an American election would have to deal with fallout from the U.S. government.
Part of the challenge of securing the election process stems from it not being run by federal authorities. Instead, state and local officials are in charge of managing their respective districts and voting procedures.
In a presidential election, there are some 9,000 jurisdictions that take part, collecting votes, tallying them and reporting them. States, cities and counties “all have their own way of doing business, down to the nature of the ballots, the nature of how the votes are collected and tabulated,” Johnson said.
For the 2016 election, nearly 80 percent of states will vote either on a paper ballot or through an electronic voting machine, known as a Director Recording Electronic or DRE, that has some sort of paper record, according to Larry Norden, a deputy director at the Brennan Center for Justice in New York.
The paper trail is one of the most important ways officials have of ensuring the correct count from a vote. Voter-marked paper ballots give them a resource to cross check if an audit proves necessary.
However, five states — Delaware, Georgia, South Carolina, New Jersey and Louisiana — have entirely paperless voting. A handful of other states, including election battlegrounds like Pennsylvania and Virginia, have a significant number of jurisdictions that only conduct paperless voting.
If hackers tampered with results in those states or jurisdictions, election officials wouldn’t have any paper ballots to refer back to in an audit.
And while experts say there have been no documented cases in the U.S. of an electronic voting machine being hacked during an election, that doesn’t mean it can’t happen.
“We’ve identified severe security problems in various kinds of voting equipment and software systems that are used in the United States,” said Halderman, the computer science professor at the University of Michigan.
“Some of the equipment is still in use, despite having severe problems. Much of the equipment and software that is in use for elections in the U.S. has never been subjected to rigorous independent security testing.”
One vulnerable point in the electronic voting machines is the memory card that records votes at a polling place. An individual who has physical access to them could upload malicious software, or malware, onto them and infect other machines or the computer used to tabulate votes across a district.
“All that power of computers that is used to make counting easier we can subvert to spread malicious software among the voting machines,” Halderman said.
Another potential point of entry is the election management system or computers of local election officials. Such a breach could allow the hackers to tamper with the results.
“These are folks operating on almost no budget,” said David Wagner, a computer science professor at the University of California, Berkeley, who has studied election security. “You could imagine hacking into those machines and just casting doubt” on the results.
But Wagner said that while those systems are certainly at risk, officials have implemented procedural protections to limit the threat.
“It’s not a super easy thing to pull off,” he said. “It might be possible but it would take some advanced planning.”
One thing that has already proven vulnerable to hacking is online voter registration databases. Last month, election officials in Illinois shut down their system after determining that it had been hacked.
Despite the lingering vulnerabilities, Wagner takes a positive view of security of the electoral process.
“I’m a little more optimistic than most of the computer security folks. I feel that much of the country is in pretty good shape,” Wagner said. “Ten years ago computer experts raised the alarm that we’re heading down a really dangerous direction, and I think that they were right. I think a lot of states have taken those warnings to heed, and have put in place some pretty good defenses.”
Wagner points to paper records and post-election auditing as two of the most effective defenses to ensure a correct count.
Many states have an obligatory partial audit of results, according to the non-profit Verified Voting.
He’s also skeptical that any nation-state would be willing to run the risk of being caught trying to manipulate an American election.
“Hacking our voting machines would be a pretty risky thing to do,” Wagner said. “If they got caught, I mean, oh my gosh.”
Pulling off a hack of U.S. elections would not be a minor task, but not because of the technical skills involved, experts say. It would require the patience and political expertise that generally only a nation-state backed group would possess, said Christopher Porter from the information security firm FireEye.
“You’re going to need not just cyber experts, but substantive experts on the targeted system and that’s putting together a different sort of cyber threat team than we’ve seen in the past,” said Porter, who manages the intelligence and forecasting arm of FireEye Intelligence.
Porter has researched Russian hacking groups, including the ones that outside experts have blamed for the recent Democratic Party intrusions. He said the more likely way that those groups, known as APT 28 and APT 29, would try to impact an election is through influencing media coverage and public perception.
One way to do that: by releasing documents through, say, WikiLeaks..