U.S. voting systems are vulnerable to attack
by JOSEPH COX
After partial vote recounts in certain states, U.S. election officials found no evidence that votes had been manipulated by a cyberattack on voting machines, security researchers told an audience at the Chaos Communication Congress hacking festival on Dec. 28, 2016.
But the researcher warned that an attack is still possible in a future election — and called for a deep overhaul of voting-machine security and related legislation.
“We need this because even if the 2016 election wasn’t hacked, the 2020 election might well be,” J. Alex Halderman, a professor of computer science at the University of Michigan, said during a presentation with Matt Bernhard, a computer science Ph.D student.
Halderman’s and other security experts’ concerns made headlines in November when he participated in a call with Hillary Clinton’s campaign about a potential recount in some states. Green Party candidate Jill Stein subsequently held a crowdfunding campaign to finance the recounts.
“Developing an attack for one of these machines is not terribly difficult,” Halderman, who has extensively researched voting machine security, said during the talk. “I and others have done it again and again in the laboratory. All you need to do is buy one government surplus on eBay to test it out.”
According to the researchers, the partially completed recounts provided no evidence of a cyberattack in Wisconsin or Michigan. Campaigners also pushed for a recount in Pennsylvania, but that was ultimately blocked by legal challenges.
“Honestly, we were all kind of surprised we didn’t find anything,” Bernhard said in a separate interview.
During the talk, Halderman laid out a series of previously disclosed issues with voting machines, including those that can end up in a piece of malware changing votes to a desired winner.
With that in mind, the pair made a call for dramatic improvements to voting systems and corresponding laws. Bernhard said he wanted vulnerabilities to be fixed — and he also called for new cryptographic mechanisms for verifying the authenticity of a vote.
Fixing existing systems will be a serious challenge though, because distributing patches is tricky when each different version of a voting machine comes with its own idiosyncrasies, Bernhard explained. Another issue is that many voting machine companies have gone broke or are otherwise out of business.
“The infrastructure to even push a patch may not even be around anymore because it died with the company that originally built the machine,” he said.
In some ways, the law around elections has not kept up with voting technology either.
“Computerized voting wasn’t around even thirty years ago,” Bernhard said. Forcing states to only deploy machines that used a decent level of encryption or to carry out source code review of the machines could be improvements.
Of course, reform will only come about when there is the will to put in the work, said than done, and it’s not totally clear where that pressure would actually come from.
Bernhard pointed to the STAR Vote project in Travis County, Texas as an election system in the United States that’s actually undergoing improvement. In this case, county officials decided they wanted to buy new voting machines, realized the machines were insecure — and called up security experts to help build their own, Bernhard said.
“I think county clerks and election administrators are probably one of the better sources where the pressure can come from, especially since they have the knowledge of the specific constraints.”
But the pressure almost certainly won’t be coming from the top down. That’s in part because of the U.S. election’s decentralized nature, but also that those at the top — namely, the winner of the election — is unlikely to push for reform.
“We’re hoping that there will now be public pressure to increase election integrity,” Bernhard said.
Originally published at motherboard.vice.com.