Published with permission from AlterNet
Election officials say not to worry. But computer scientists do.
The House Committee on Science, Space and Technology was briefed Tuesday on 2016’s doomsday election scenario: what would happen if Russians, or another army of cyber hackers, attempted to infiltrate and corrupt the presidential election voting machinery.
What made the hearing so riveting was the schism between the assessments given. On one hand, a top federal technology officer, senior state election administrator and civilian partner downplayed this summer’s Russian hack into voter registration databases in two states, with two of them saying they were more worried about cyber threats sullying voter confidence than disrupting elections.
But the panel’s lone computer security expert unequivocally testified that a targeted cyber attack in a battleground state could easily overwhelm established voting protocols and force the presidential vote to be rerun—which has never happened. (On Wednesday, Russia was said to be behind hacks of medical records of U.S. Olympic gymnast Simone Biles and tennis stars Serena and Venus Williams.)
“My top concerns are the voter registration systems, because they are generally online. And if it’s online, it’s accessible from the internet. And if it’s accessible from the internet, it’s accessible from our nation-state adversaries,” said Dan Wallach, a computer science professor from the Baker Institute for Public Policy at Rice University. “And as I mentioned before, if you can selectively or entirely delete people who you would rather not vote, the current provisional voting system can’t really scale to support the large numbers of voters who are filling out affidavits and following that process.”
Wallach’s concerns didn’t stop there; he continued with computers tabulating vote counts. “If, for example, we were to conclude on election day that our computer systems had been unreliable, a contingency plan might be to rapidly print millions of paper ballots and rerun the election the next day. Legislation passed in most states following 2012’s Hurricane Sandy appears to allow for such mitigations.”
Needless to say, the other election experts testifying did not want to broach the notion that some number of the nation’s 10,000 voting jurisdictions might be forced into a November presidential vote do-over. While they acknowledged another cyber attack could occur by the election season’s end, they emphasized their security plans, data backup protocols, testing and screening, and said that their array of voting systems would quickly detect and quarantine any hack or attempted tampering.
“I think it’s very important for you to hear from actual election officials who actually conduct elections. And our job, at least in my opinion, is to make voting easier, more accessible, and make it tough to cheat,” said Tom Schedler, Louisiana’s secretary of state who previously was the state’s top election administrator. “But in recent weeks reports on cyber attacks have voters questioning whether their vote will actually count. And that, in my opinion, is more damaging than the potential for hacking.”
“We are all on high alert,” Schedler continued, referring to the FBI notifying states about the Russian hacks. “This whole exercise has put every one of the 50 states working on national security issues, with all national agencies, in an effort to try to improve the system we have or to recheck the system we have. But the fact is states are always evaluating security measures and emergency plans.”
There are four reasons why Americans should feel confident, added David Becker, executive director of the Center for Election Innovation and Research, a new group partnering with states to modernize aspects of their election systems.
First, there is no “single point of entry” to tamper in a presidential election, Becker said. It’s far too decentralized, with more than 10,000 jurisdictions, 100,000-plus polling places, thousands of early voting sites and millions of people voting by mail. Second, voting machines are kept under lockdown until they are used and are extensively calibrated and tested. Third, voting machines are never connected online. And fourth, three-quarters of the states vote with paper ballots and in most presidential battleground states there are post-election day audits that check tabulation accuracy. If a counting discrepancy emerges, he said the law requires that the ensuing paper ballot count is used for the final results.
“Even if hundreds of thousands of people conspired, it would have no effect, because 75 percent of states vote with paper ballots, and there’s post-election audit requirements to match paper and digital records,” Becker said. “If there is a discrepancy, they use the paper count. That’s Arizona, Colorado, Florida, Nevada, New Mexico, North Carolina, Ohio, Pennsylvania, Virginia, Wisconsin. So even if a grand conspiracy were viable, a post-election audit requirement would almost certainly discover it prior to the election results becoming official.”
In other words, the House Committee on Science, Space and Technology heard two parallel and competing realities concerning the possibility of disrupting the presidential election process—and they don’t add up.
Computer scientists like Rice University’s Wallach—and his view is not unique—are saying targeted hacking and interference is not only probable, but should it occur on a large enough scale, the standard backup, using provisional ballots, would not be able to accommodate large volumes of people. But top state election officials like Schedler believe that the systems they have created, even with aging computer voting machinery, have sufficient safeguards.
“States will continue to take a proactive approach to secure our elections,” the Lousiana secretary of state said, citing systems that the public never sees. “At the end of the day, I want to ensure every American—and I speak for all of my colleagues and secretaries of state—that your next president will be determined by a vote of the people, and every vote will count.”
What to Believe?
Early this summer, Russians, according to the FBI, hacked into the Democratic National Committee’s email server and accessed thousands of files, and also went after statewide voter registration databases in Illinois and Arizona. In Illinois, hackers appeared to copy 200,000 voter files, which contain full names, addresses, birth dates, political parties, and driver’s license numbers, state officials told the press. An attempted hack into Arizona’s voter database was detected and stopped.
At Tuesday’s House hearing, the experts said that the DNC’s server was barely protected, whereas state voter registration systems were much more rigidly regulated and protected, and no data was altered. Schedler said the Illinois hack looked like more of an identity theft attempt than a political conspiracy. But that didn’t comfort Wallach, who said that one can never say that something will never happen, especially if there have been hints.
“We must prepare for the possibility that Russia or other sophisticated adversaries will use their cyber skills to attack our elections,” Wallach testified, saying authorities in Ukraine detected and stopped a Russian hack into its 2014 national elections. “And they need not attack every county in every state. It’s sufficient for them to go after battleground states, where a small nudge can have a large impact. The decentralization that we have heard about is helpful, but it’s not sufficient.”
Outside experts are also split on how seriously to take cyber threats in the presidential election. Barbara Simons, who chairs the board of the advocacy group VerifiedVoting.org and is the past president of the Association for Computing Machinery, the nation’s largest scientific computing society, said election officials don’t know what they’re up against.
“The idea that local election officials are somehow going to be able to protect their systems from hacking when Google couldn’t, when major government agencies couldn’t, and banks that spend a lot of money on their security couldn’t—the idea that local election officials who are under-funded, under-resourced, and have little to no access to computer security expertise, that they can somehow protect their systems from hacking, is just a joke,” Simons said. “Really, it’s naive. And further, you have to worry about voter systems being infected with malware that can change votes before they even reach the election officials.”
“The second issue is the vulnerability of the voter registration databases and [if] they can be attacked,” she continued, echoing Wallach. It’s a frightening thought, she continued, “The fact that the voters’ names could be removed, [that] information about them could be changed, as a way of doing selective disenfranchisement… A lot of these databases, I’m sure the majority of them, state what party the voter signed up for, and so if you just wanted to disenfranchise voters from a particular party, it wouldn’t be difficult to do if you have access to the database. You can remove their names, change some of the information, so when they go to the polls there’s something wrong.”
But Lawrence Norden, deputy director of the Brennan Center for Justice at New York University Law School, which has extensively studied voting vulnerabilities for years and has had a leading role in lawsuits nationally to challenge partisan voter suppression tactics, agreed with Schedler and Becker that the biggest threat this fall is to public confidence, not the voting process.
“I think we should take hacks into registration databases seriously, for a number of reasons,” Norden said. “But at the end of the day, a hack on this should not prevent any legitimate voter from being able to vote. Even if, and I’ve seen nothing to indicate that’s what happened here, but even if you did have a situation where someone was trying to manipulate the database records, you will be able to ensure that on election day that people have some way of voting and that you can make sure that their votes are counted at the end of election night, even if somebody screwed with the registration records.”
Becker’s testimony made that same point; that even if there was an attempted hack, it would likely be thwarted, but public confidence would be undermined by the widespread press coverage.
“Probably my biggest concern is that there is a lot of talk, more than I have ever seen before, and before any vote is even cast, about the election being rigged,” Norden said. “I’m concerned about people showing up. I am concerned about voter confidence. And I am concerned that inevitably there are going to be some problems on election day with our equipment, and people don’t take that to mean that the election was stolen.”
He continued, “I’m concerned about, as Trump has talked about, having more [poll] observers on election day, and certainly there are different rules in the states for allowing for allowing for observers and challengers. But if you are going to have a massive amount of people showing up at the polls and not understanding what the laws are, that’s a concern to me, any kind of big change like that.”
Tuesday’s Committee on Science, Space and Technology hearing left one with a sinking feeling that the upcoming presidential vote is full of targets for hackers and partisans, notwithstanding efforts by election administrators. When Chairman Lamar Smith, a Texas Republican, was repeatedly told he should be confident that there was a paper ballot backup trail, and ability to do post-voting audits and recounts in three-quarters of the states, he politely told the committee room he was not reassured.
“By the way, when I hear you all recommend paper ballots I wince a little bit, because those of us from Texas have sometimes read about what happened in the 1950s when a ballot box was stuffed with paper ballots and it changed the outcome of a Senate race and perhaps elected the next president—so I sometimes worry about paper ballots as well.”
That notorious race (actually in 1948) elected Lyndon Baines Johnson, the future 36th president, to the U.S. Senate. As surreal as that comment was, it fit in with the warning from the Rice University computer scientist.
“As [former Secretary of Defense] Donald Rumsfeld said, you go to war with the army you have, not the army you might wish to have at a later time,” Wallach said. “We face a similar situation this November with our systems for voter registration, casting and tabulating elections. None of them are ready to rebuff attacks from our nation-state adversaries nor can we replace them in time to make a difference. Despite this, we can take pragmatic steps such as verifying the integrity of election database backups, and we can make contingency plans on how we may respond, if and when we do detect attacks.”
Photo via Flickr/Amanda Wood