fb-pixel Skip to main content
hiawatha bray | tech lab

Russians can’t hack the US election, but they could warp it

Voters cast ther ballots in Seabrook, N.H., during that state’s presidential primary on Feb. 9.Pat Greenhouse/Globe Staff/file

We’re outsourcing everything else in America these days. Why not vote fraud?

I grew up in Chicago, where the crooks who stole elections were of the home-grown variety. Now, the Russians are getting into the act, with clever computer hacks designed to disrupt US elections by remote control.

Federal officials say that Russian hackers are behind breaches of voter registration systems in Arizona and Illinois, and a breach at a contractor for the Florida elections office. In addition, “there have been attempted hacks in almost every state,” said Denise Merrill, Connecticut’s secretary of state and president of the National Association of Secretaries of State.


It’s conceivable such attacks could throw the Nov. 8 election into chaos. But it’s improbable. Hackers can’t get into our voting machines and outright change results.

The hackers can, however, mess with voter registration rolls, possibly affecting who can vote on Election Day. That would definitely sow confusion, but again, specialists and elections officials insist that there are enough safeguards and backups to protect the integrity of the vote.

Nonetheless, even the whiff of a threat is hardly welcome in the current political environment. For days now, Donald Trump has been whipping up public outrage with claims that the US election is “rigged.” Evidence of Russian attacks on our voting system would reinforce that narrative and could further embitter an already vitriolic presidential race.

Let’s consider some background about how elections work.

Thanks to the American tradition of federalism, elections are wonderfully decentralized. Votes are recorded at 13,000 local jurisdictions, each with its own bureaucracy and technology. And through a combination of good sense and happy accident, those voting systems can’t really be hacked remotely for the simple reason they are not connected to the Internet.

In a previous article, I quoted an expert who said that some vote tabulation systems are online. Wrong, according to the National Association of Secretaries of State. “The equipment that people vote on is not connected to the Internet,” the association said in an open letter to Congress in September. “Vote counting is never done with systems connected to the Internet, and tabulation systems are not networked.”


Sure, there are weak spots. For example, Virginia in 2015 decertified thousands of older touchscreen voting machines after an investigation determined hackers could break in via their Wi-Fi cards and change voting results.

There are also 31 states that allow Americans overseas to submit their votes electronically. But even these votes are printed out on paper before being counted. Any effort to tamper with a significant number of them would likely be easily detected.

Back in the States, voting remains resolutely offline. In Massachusetts, for instance, ballots are collected and counted by a scanner in each precinct. The count is put onto a printout or stored on a digital memory card, and this is carried to the community’s town hall, where the votes are recorded.

“It’s a closed system,” said Brian McNiff, a spokesman for Massachusetts Secretary of State William F. Galvin. “It’s not on the Internet.”

A far bigger risk are all-electronic machines that don’t generate a paper record of each vote that can be used in a recount. These are used in about a dozen states and ought to be retired. Still, since they are not connected to the Internet, they’re not in danger of being hacked from afar.


But some state systems that collect and store information about which voters are properly registered to cast a ballot are online, and it’s here where the bad guys could get in and do some damage.

The most serious threat would be a partial deletion or corruption of voters’ data, such that people may show up at the polls Nov. 8 only to be told that they weren’t registered to vote, on a large enough scale, such an attack could cause severe disruptions.

But voter registration data is typically printed out by election officials in advance. Think of those thick books they use at the polling place to check off your name. A proper hack would likely have to occur weeks ahead of the election and, just as likely, would be spotted. Indeed, federal officials are on high alert, and the Department of Homeland Security said 33 US states and 11 local governments so far have asked for help in checking the security of their voting systems.

Even if hackers were somehow able to get past these defenses and corrupt the registration files, there are workarounds. In most places, you can show some ID and cast a provisional ballot that will preserve your vote until the voter database is restored from a backup copy.

One troubling possibility would be a hack of the Associated Press, which provides news organizations around the country with updated vote totals throughout election night. Imagine a report coming out early in the night that falsely shows Hillary Clinton sweeping every state in the Eastern United States; that might discourage Donald Trump voters in Western states from coming out to vote. Then when the official — and accurate — results are revealed, there’d be a firestorm of public outrage.


An AP spokesman declined to describe his organization’s security plans, simply saying that “AP has been working diligently to ensure that vote counts will be gathered, vetted and delivered to our many customers on Nov. 8.”

Merle King, executive director of the Center for Election Systems at Kennesaw State University in Georgia, is in the camp of those who think it’s highly improbable hackers will disrupt the election. But, as King warns, they might not have to, as the mere suspicion of electoral hacking has further poisoned an already toxic political climate.

“It’s a pretty high risk that after the election we’re going to be dealing with the fallout,” King said. “I think it is starting to combine with other factors to erode confidence in the outcome of the election.”

Hiawatha Bray can be reached at hiawatha.bray@
. Follow him on Twitter @GlobeTechLab.