Hacking Elections

Donald Trump and Hillary Clinton are not the only ones attempting to sway voters ahead of November, as emerging evidence suggests Russia has been using cyberattacks to attempt to influence this year’s election. “Based on briefings we have received,” Senator Dianne Feinstein and Rep. Adam Schiff, the ranking members of the House and Senate Intelligence Committees, said in a joint statement in September, “we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election.”

Already, Russian hackers have been accused of leaking damaging internal documents from the Democratic National Committee, probing voter databases in a number of states, and a host of other cyber-related incidents. “At the least, this effort is intended to sow doubt about the security of our election,” Feinstein and Schiff said.

But Moscow could go a step further and try to directly alter the election results by hacking voting machines. One quarter of registered voters in the United States use electronic voting machines with no paper backup, and security experts warn these systems can be hacked. Bruce Schneier, a research fellow in the Belfer Center’s Cyber Security Project, recently wrote: “Over the years, more and more states have moved to electronic voting machines and have flirted with Internet voting. These systems are insecure and vulnerable to attack.”

Security experts have little faith in our ability to make our electronic voting booths secure. Richard Clarke, a Center affiliate and former senior White House official, recently stated bluntly: “If it’s a computer, it can be hacked.” Schneier agreed, writing that the only way to ensure votes are secure from manipulation is by returning to “voting machines with voter-verified paper audit trails, and no Internet voting. I know it’s slower and less convenient to stick to the old-fashioned way, but the security risks are simply too great.”

Michael Sulmeyer, director of the Belfer Center’s Cyber Security Project, also believes these voting booths can’t be made “perfectly secure,” but contends that this is just a small part of the larger problem. He points out that even if the electronic voting booths aren’t penetrated, “there is a whole infrastructure behind them that can be compromised.” One example is a determined foe altering the vote count by hacking into the computer networks that transmit the results from the precincts.

Sulmeyer also worries about the vulnerability of the country’s major media outlets, which serve as the primary conduit to the American people. “I don’t see much conversation about how they are preparing themselves to ensure that they don’t get hacked or that they aren’t the unwitting victims of bad information,” he said during a recent interview.

Ultimately, the vulnerabilities of the U.S. electoral process will not be solved before the current election, and cyberattacks are likely to become a permanent fixture of the democratic process in the future. One obstacle to making the election infrastructure more secure is the fact that state and local governments are largely in control of it. Although this decentralization complicates the hackers’ jobs—since they can’t hack into one centralized system—it also limits the federal government’s ability to force states to adopt best practices. And this doesn’t even take into account the myriad other organizations, such as the independent media and political parties, that also play a large role in America’s democracy.

WATCH:

An October JFK, Jr. Forum, “Can the Election be Hacked?” with Dmitri Alperovitch from CrowdStrike, can be viewed online at:

belfercenter.org/ElectionHackForum