Electronic Voting and the Risk of Cyberattacks
Concerns about potential cyberattacks disrupting this year’s presidential election has federal, state, and local officials – as well as voters – on edge. UConn’s Center for Voting Technology Research, or VoTeR Center, has been conducting research to protect the integrity of electronic election technologies since 2006. Experts at UConn work closely with the Connecticut Secretary of State’s Office to ensure that Connecticut’s election process is reliable and secure. UConn Today asked Professor Alexander Schwarzmann, head of UConn’s computer science and engineering department and the VoTeR Center’s director, to provide a cybersecurity update heading into the Nov. 8 general election.
Q: Should we be concerned about cyberattacks impacting this year’s election?
A: This year the great majority of citizens nationwide will cast their votes with the help of electronic equipment. Electronic voting machines will be used to capture and tabulate the votes, and in some cases electronic devices will be used to check in voters. In essence, all electronic election systems are computers and no computer system is perfect. Computers may malfunction because of inherent design flaws, breakdowns, misconfiguration, user error, or because they are tampered with, possibly maliciously. While electronic voting machines are not supposed to be connected to networks making them immune to Internet attacks, each of these machines is supplied with programs that are specific to each election. If a computer system used to generate voting machine programming is compromised, then incorrect programs may be able to reach the voting machines. Thus, it is extremely important to safeguard the electronic systems used in elections against any malfunction, including malfunctions potentially caused by cyberattacks.
Q: What cybersecurity measures are in place to ensure the integrity of the voting process this year?
A: Working in partnership with the Connecticut Secretary of State’s office, our Center substantially contributes to increasing the confidence of citizens that their votes are recorded correctly. The Center continuously evaluates electronic election systems and develops methodology and tools for performing technological audits of voting machines. Since 2007, the Center has performed technological audits in Connecticut before and after each statewide election. The audits include pre-election analysis of removable memory cards from voting machines and a post-election audit of cards used in the elections. The cards are subjected to integrity testing, including the presence of correct programs and data, and absence of any extraneous or malicious code. Additionally, in conjunction with Connecticut Public Act 07-194, An Act Concerning the Integrity and Security of the Voting Process, Connecticut randomly selects and hand counts ballots from districts chosen in a public lottery. Our Center analyzes the audited returns and assists the state in interpreting the results. Working together with the VoTeR Center, Connecticut has emerged as one of the leading states in the nation in its diligent and judicious use of technology in elections
Q: Some states use electronic touch-screen machines to register votes, and in some cases those machines don’t provide a paper record backup. Are these states more at risk of attack and manipulation?
A: There are two major types of electronic voting equipment: direct recording electronic (DRE) touch-screen machines and optical-scan (OS) ballot tabulators. From a security assessment point of view, DRE’s have attracted most of the criticism, while OS technology is viewed by experts as the safer alternative. Indeed, an important benefit of the OS technology is the voter-verified paper audit trail (VVPAT)—the actual “bubble sheet” ballots marked by voters that enables hand-counted audits and recounts without the reliance on technology. Even if a touch-screen voting machine provides a paper record backup, such records are not directly generated or not strictly verified by the voters. For these reasons, OS tabulators were chosen by Connecticut and endorsed by the VoTeR Center.
Q: Is there a need for independent tests and audits of commercial electronic voting machines to validate their accuracy and reliability separate from vendor assurances?
A: Indeed, independent auditing is extremely important. We cannot be content with vendor-supplied test and audit tools just as we are not content with self-auditing in the financial sphere. This further amplifies the benefit of using optical-scan paper ballot systems. Such systems are what is called software-independent: should there be any concern about the technology used in an election, one can always audit or recount the voter-marked ballots manually.
Q: Besides hacking into the voting machines themselves, are there other ways hackers may try to disrupt the voting process this year? (e.g. tampering with registered voter lists to keep people from voting, etc.) What can we do to prevent these things from happening?
A: There are known cases where nefarious probing of voter registration databases occurred. If such databases are tampered with, this would be a grave concern. It is worthwhile to note that in Connecticut, the voter registration database is on a private network not accessible through the Internet. Another important area of concern is electronic voter check-in. Some jurisdictions are now beginning to rely on electronic devices to check in voters on the Election Day. Often, such devices rely on wireless networking to synchronize voter check-in. This makes them vulnerable to denial-of-service and other attacks. The electronic voter check-in systems are not yet ready for broad deployment. The technology needs to mature first. Noteworthy, Connecticut will not be relying on such electronic systems for voter check-in.