Security experts have warned for years that hackers could penetrate electronic voting systems, and now, leaked national security documents suggest a concerted effort to do just that in the 2016 US election.
An intelligence report revealed this week showed a cyberattack that targeted more than 100 local election officials and software vendors, raising the prospect of an attempt, possibly led by Russia, to manipulate votes.
The top-secret document from the National Security Agency, published by online news outlet The Intercept, stops short of drawing any conclusions about the impact of the attacks and whether it affected any ballots. But it suggests hackers got deeper into US voting systems than previously believed.
“These are our worst fears,” said Joseph Hall, chief technologist at the Center for Democracy and Technology, who researches voting systems.
“For over 15 years, I and a lot of other people have said we had never seen a confirmed hack of voting systems. We’re not going to say that anymore.”
Hall said systems could be vulnerable because localities that manage elections rely on private software sellers that may lack resources against a well-funded cyber adversary.
“A lot of those vendors are quite small,” Hall said. “There’s not a lot of hope when you have are going up against an 800-pound bear.”
Russian President Vladimir Putin has denied any effort to influence the 2016 US election. But the report suggests meddling went beyond psychological warfare to an attack on voting systems themselves.
Hacking elections “has always been thought of as a theoretical possibility, but now we know it is a real threat,” said Susan Greenhalgh, a researcher with the Verified Voting Foundation, an election systems monitor.
“We need to ensure our voting systems are resilient going into 2018 and 2020” elections, she added.
Alex Halderman, a University of Michigan computer scientist whose projects have included simulated hacking of voting machines, called the latest disclosures “significant.”
“This shows Russia was interested in attacking the computer infrastructure that operated the election and raises important questions including how far they got,” he told AFP.
While voting machines are not connected to the internet, most of the electronic systems need to be programmed with computers which are connected, opening up security holes.
“If you can manipulate that ballot programming you can often exploit the vulnerabilities,” Halderman said, opening the door to vote tampering.
– Long-term impact –
Andrew Appel, a Princeton University computer science professor who has studied election systems, said that if the report is accurate and the cyberattack occurred days before the November vote, it would likely have been too late to affect the outcome.
But Appel said any tampering with vote systems could have serious and far-reaching effects.
“If this kind of attack had taken place weeks before the election, it would be cause for significant concern” for the outcome, he said.
“And it’s many weeks now before the next election, and if there has been Russian penetration of our election software systems or anyone else’s penetration, it could continue to affect vote counting for years.”
Appel said that if ballots are manipulated within a voting machine, “it won’t be obvious, people won’t know about it” unless there is an audit or recount.
Most US states now use optical scanners with paper ballots that can be audited, but a handful employ paperless systems with no paper trail to verify the count.
“Internet elections are even more hackable, and I’m glad we’re not doing that,” Appel said.
Greenhalgh said that even though most jurisdictions have paper ballots which can be used for recounts, “the bad news is the vast majority of the country doesn’t do an audit to catch any errors in the vote counting software.”
Bruce Schneier, chief technology officer of IBM Resilient and a fellow at Harvard’s Berkman Klein Center for Internet & Society, said the report shows the weaknesses of US election systems.
“This (attack) feels more exploratory than operational, but this is just one piece. There are lots of vulnerabilities,” Schneier said. “Election officials are largely in denial. The next election will be no more secure than this election.”