Numerous electronic voting machines used in United States elections have critical exposures that could make them vulnerable to hacking. Security experts have known that for a decade. But it wasn’t until Russia meddled in the 2016 US presidential campaigns and began probing digital voting systems that the topic took on pressing urgency. Now hackers, researchers, diplomats, and national security experts are pushing to effect real change in Washington. The latest update? It’s working, but maybe not fast enough.
On Tuesday, representatives from the hacking conference DefCon and partners at the Atlantic Council think tank shared findings from a report about DefCon’s Voting Village, where hundreds of hackers got to physically interact with—and compromise—actual US voting machines for the first time ever at the conference in July. Work over three days at the Village underscored the fundamental vulnerability of the devices, and raised questions about important issues, like the trustworthiness of hardware parts manufactured in other countries, including China. But most importantly, the report highlights the dire urgency of securing US voting systems before the 2018 midterm elections.
“The technical community … has attempted to raise alarms about these threats for some years,” said Frederick Kempe, president and CEO of the Atlantic Council, in a panel discussion. “Recent revelations have made clear how vulnerable the very technologies we use to manage our records, cast our votes, and tally our results really are … These findings from the Voting Village are incredibly disconcerting.”
Fortunately, the past few months have seen signs of progress. The Department of Homeland Security is moving forward with its critical infrastructure designation for voting systems, which frees up resources for helping states secure their platforms. The Texas Supreme Court is currently considering a lawsuit challenging the state’s use of digital voting machines. And in Virginia, state officials are converting voting systems to use paper ballots and electronic scanners before the November 7 elections. They say the change was motivated by the findings at DefCon’s Voting Village.
Susan Greenhalgh, an elections specialist for the vote-security group Verified Voting, which worked with Virginia officials this fall, applauded the “transition into real-world change” that had transpired in just the last few months.
Virginia and Texas represent important progress, but plenty of work remains. Five states still rely solely on digital voting machines without paper backups, and at least 10 states have mixed voting infrastructure, with certain counties that use digital voting without paper. These systems are the most vulnerable to manipulation, because you can’t audit them afterward to confirm or dispute the digital vote count in the case of suspected tampering.
“The one core point that election security experts and others have been making about why our votes are safe was that the decentralized nature of our voting systems, the thousands and thousands of voting offices around the country that administer the election, is what kept us safe,” Jake Braun, a DefCon Voting Village organizer and University of Chicago researcher said. “Because Russians [or other attackers] would need to have tens of thousands of operatives go get physical access to machines to actually infiltrate the election. We now know that’s false.”
With only a handful of companies manufacturing electronic voting machines, a single compromised supply chain could impact elections across multiple states at once. The Voting Village report emphasizes that there is a huge amount of change required in the US to address security issues at every point in the election workflow, from developing more secure voting machines to sourcing trustworthy hardware, and then actually setting up voting system devices and software for use in a secure way. DefCon founder Jeff Moss says that the goal for next year’s Voting Village is to have a full election network set up so hackers can evaluate and find weaknesses in a complete system, not just individual machines.
The Department of Homeland Security recently confirmed that Russia infiltrated various election-related systems in 21 states during 2016, and access to a full voting-system setup would give security researchers additional real world insight into defending US voting infrastructure. But as was the case with acquiring real voting machines for last summer’s conference, Moss says it has been extremely difficult to gain access to the third-party proprietary systems that states use to coordinate voting.
“I would love to be able to create any kind of a complete system, that’s what we’re aiming for,” he said during the panel. “The part that’s really hard to get our hands on is the backend software that ties the voting machines together to tabulate and accumulate votes, to provision voting ballots, to run the election, and to figure out a winner. And boy do we want to have a complete voting system for people to attack. There’s never been a test of a complete system—it’s just mind boggling.”
DefCon’s voting village and interdisciplinary partnerships are certainly raising awareness about election security and motivating change, but with some elections just a few weeks away and the midterms rapidly approaching, experts agree that change may not be coming quickly enough.
“We’ve got a lot to do in a short period of time,” said Douglas Lute, a former national security advisor to President George W. Bush and former US ambassador to NATO under President Barack Obama. “In my over 40 years of working on national security issues I don’t believe I’ve seen a more severe threat to American national security than the election hacking experience of 2016. Russia is not going away. This wasn’t a one shot deal.”