Did Republican nominee Donald Trump just ask Russian strongman Vladimir Putin to cast the deciding vote in the US presidential election?
On Wednesday morning, Trump said he hoped Russia would find and publish 30,000 e-mail messages deleted by his Democratic rival, Hillary Clinton, from the personal server she used as secretary of state. It was a startling spectacle: a presidential candidate urging a foreign government to play a role in America’s game of thrones.
But there’s a chance Putin is already a player. The trove of embarrassing e-mails stolen from the Democratic National Committee, which were leaked to the press just in time for this week’s party convention in Philadelphia, were probably swiped by Russian hackers, according to US intelligence officials and independent cybersecurity companies.
Russia’s apparent election tampering — and Trump’s call for the Russians to expose Clinton’s deleted e-mails — shows that the insecurity of America’s data networks could undermine our ability to hold free and fair elections. But if the Russian president would go this far to pick our next president, why not take the direct approach? Why not tamper with the computers that manage the nation’s voting systems?
Maybe that has already happened. Those voting systems are certainly vulnerable.
“I wouldn’t be surprised, in light of the DNC, that major voting systems have been compromised,” said Ron Rivest, a founding father of modern encryption systems and a Massachusetts Institute of Technology professor who won the Turing Award, computing’s version of the Nobel Prize. “We do need to be concerned about the integrity of our voting systems in the face of possible attacks by foreign nation-states.”
In Massachusetts, and in most of the United States, people still do their voting on paper ballots. But according to Verified Voting, an organization that tracks electoral technology, voters in a dozen states can use all-electronic voting machines, where the only record of a citizen’s vote is stored on a hard drive or a memory chip. What might happen if hackers managed to infiltrate these machines, or the networks that collect and count votes from them?
“If it’s a swing state, those votes could conceivably decide which party wins that state,” said Barbara Simons, past president of the Association for Computing Machinery and an adviser to the US Election Assistance Commission, a federal body that oversees voting guidelines. Some machines don’t even generate a paper printout of the voter’s choices, so you can forget about setting things right with a recount.
Peter Lichtenheld, vice president of operations at Hart Intercivic Inc., a Texas-based maker of electronic voting machines, said his company’s machines can generate a paper record of each vote. But he added that some states, including Texas, do not require it. Lichtenheld also said that in most states where they’re used, electronic voting machines are rigorously tested before and after each election, to eliminate any risk.
Still, he acknowledged computer security experts are suspicious of electronic voting systems. “The more technologically savvy the person is,” Lichtenheld said, “the more certain they are that somebody is doing something nefarious to their vote.”
Voting directly over the Internet could be even more problematic. Today, 31 states allow military personnel posted abroad, as well as overseas travelers, to cast their ballots via the Internet. This is usually done by attaching a PDF copy of the ballot to an e-mail message.
But in 2014, researchers at a company in Oregon proved that hackers could tamper with the PDF ballots in transit. “Anybody who can intercept the e-mail can change the ballot,” warned Simons.
And think about the risk of a massive “denial of service” attack. A foreign foe could take command of thousands of malware-infected computers, ordering them to flood election servers with vast amounts of junk traffic. It’s an old, crude tactic that could have a devastating impact on Election Day.
Bev Harris, founder of the nonprofit election watchdog group Black Box Voting, said the computers that local election officials use to tabulate votes from multiple precincts are routinely connected to the Internet. “That computer is generally online, before, during and after the election,” Harris said. “If you can control the one machine that controls them all, that’s all you need.”
Duncan Buell, a professor of computer science at the University of South Carolina, worries about yet another threat: the deliberate corruption of voter registration data. “One easy way to disrupt an election would be to go into the voting lists and change a few thousand addresses,” Buell said. This would be especially disruptive in Washington state, Oregon, and Colorado, which conduct elections by mail.
At the heart of all these problems is a failure to give American voting technology the attention it deserves. After the punch-card ballot fiasco in Florida during the deadlocked presidential vote of 2000, there was a surge of reform proposals, along with federal funding for voting system upgrades.
And yet we still have patchwork of voting systems. That’s because officials in each state set the standards for voting technologies, and MIT’s Rivest said some don’t invest in keeping those systems secure and up to date.
“States tend to prefer to put money into roads and fire stations instead of voting systems,” Rivest said. When there is money for modernization, some officials are seduced by electronic hardware that promises to boost turnout by making it easier to vote.
“Some of those arguments have some merit to them,” Rivest said, “but the security argument trumps them all.”
After whistle-blower Edward Snowden revealed the astonishing scale of the National Security Agency’s spy operations, Russia’s intelligence service announced that it would go back to using unhackable typewriters to generate its most sensitive documents. Given the evidence that Russian hackers are tampering with our election, America should learn the same lesson, and stick with the safest voting technology ever devised: pen and paper.
Hiawatha Bray can be reached at firstname.lastname@example.org. Follow him on Twitter @GlobeTechLab.