How Electronic Voting Could Undermine the Election

As foreign hackers target election data, voters may lose faith in digital ballots.

It's 2016: What possible reason is there to vote on paper? When we use touchscreens to communicate, work and shop, why can't we use similar technology to vote?

A handful of states, and many precincts in other states, have already made the switch to voting systems that are fully digital, leaving no paper trail at all. But this is despite the fact that computer security experts think electronic voting is a very, very bad idea.

For years, security researchers and academics have urged election officials to hold off on adopting electronic voting systems, worrying they’re not nearly secure enough to reliably carry out their vital role in American democracy. Their claims have been backed up by repeated demonstrations of the systems’ fragility: When the District of Columbia tested an electronic voting system in 2010, a professor from the University of Michigan and his graduate students took over it from more than 500 miles away to show its weaknesses; with actual physical access to a voting machine, the same professor—Alex Halderman—swapped out its internals, turning it into a Pac Man console. Halderman showed a hacker who has access to a machine before election day could modify its programming—and he did so without even leaving a mark on the machine’s tamper-evident seals.

But it wouldn’t even take a full-fledged cyberattack on an electronic voting system to throw a wrench in a national election. Even the specter of the possibility that the American electoral system is anything but trustworthy provides ammunition to skeptics to call foul if an election doesn’t go their way.

That’s the argument Dan Wallach, a computer science professor at Rice University, put forward in an essay earlier this month titled “Election Security as a National Security Issue.” Nicholas Weaver, a professor and security researcher at the University of California, Berkeley, expanded on Wallach’s thesis in Lawfare this month.

“Voting systems need to convince rational losers that they lost fairly,” Weaver wrote. “In order to do that, it is critical to both limit fraud and have the result be easily explained.”

Paper ballots are harder to fudge than votes stored in bits and bytes: A manual recount can help assuage fears of a rigged election. Even voting machines that spit out a voters’ choices on a piece of paper before submitting them are verifiable.

But machines that record votes directly without providing a physical receipt aren’t terribly easy to audit if accusations of fraud begin to fly.

The more voters’ faith in electronic systems is shaken before November, the higher the likelihood voters might question the outcome of an election that includes electronic ballots. Donald Trump has already made repeated predictions that the general election will be “rigged,” even going so far as to recruit volunteer “Trump Election Observers” to monitor polls.

And election-related security issues may already be on voters’ minds after two email hacks this summer, one that targeted the Democratic National Committee, and another that targeted the Democratic Congressional Campaign Committee.

Now, it appears foreign hackers recently made their way into two state voter databases. In response, the FBI quietly sent out an alert earlier this month warning officials to improve the security of their election technology, Yahoo News reported Monday, the same week Homeland Security Secretary Jeh Johnson offered state officials federal help in shoring up election-related cyberdefenses.

The states aren’t identified in the FBI alert, but Yahoo News reports they’re likely Arizona and Illinois, two states that struggled with voting security earlier this summer. In Illinois, hackers appear to have made off with the voter-registration information of about as many as 200,000 voters; in Arizona, attackers don’t appear to have stolen any data.