Tens of thousands of military and overseas Americans casting ballots online this fall face a high risk of being hacked, threatening to cause chaos around Election Day if their votes get manipulated or they transmit viruses to State and Local Election offices.
More than 30 states, including battlegrounds such as: Colorado, Florida, Iowa, Nevada, and North Carolina, allow various methods of online voting for citizens living outside the U.S. While state officials insist their ballots will be counted without any serious problems, ample warnings are nonetheless being sounded from the left, right, and even inside the Federal Government that internet votes can’t be securely transmitted in today’s everything-is-hackable environment.
“It’s not something you would do with your Social Security number. You shouldn’t do it with your ballot,” warned Susannah Goodman, Director of Voting Integrity at Common Cause.
It’s a point of pride for many states that Americans abroad and overseas troops can even cast a ballot online using the latest in technology, giving these voters a say on their next Commander in Chief even if they’re stationed in a remote or even hostile location, like Afghanistan or Iraq.
“We’ll take military votes however they are able to get them to us,” Arizona Secretary of State Michele Reagan, a Republican, said in an interview.
But that kind of patriotic goodwill masks a potent political problem: Even though these online voters represent a small slice of the overall Electorate, any challenges to their ballots’ validity could spark an explosive controversy in an Election darkened by accusations of meddling by Russian hackers and evidence-free claims of mass voter fraud.
“I have great suspicions and worries about any kind of online voting system,” said Hans A. von Spakovsky, a Senior Legal Fellow at the Heritage Foundation and a former member of the Federal Election Commission. “To date I don’t think anyone has come up with a system that can't be hacked.”
The perils plaguing online votes coming from overseas cover some of the same reasons why electronic balloting hasn’t been more widely deployed domestically.
Budget-strapped states struggle to justify the price per vote for setting up such programs, where estimates suggest it can easily cost more than $1,000 per online ballot when accounting for everything from software development to cybersecurity.
Even more concerning is that no one can yet offer any sure-fire guarantees that the votes won’t be tampered with as they make their way back to the U.S. and then as they are integrated with those of the more than 120 million other people who are expected to participate in the General Election. It’s a problem that confounds even Senior Members of Congress.
“I honestly don’t know” how online votes are securely sent back to the U.S., Senate Armed Services Committee Chairman John McCain said in an interview. “It’s concerning, honestly.”
Among the warnings: Voters may be inadvertently returning a ballot laden with malware, such as spyware, that violates its secrecy and make it susceptible to manipulation in transit. Internet voting also can leave the State and Local Government networks susceptible to hard-to-detect cyberattacks once Election officials in the U.S. open up the ballot via email or click on what looks like a seemingly legitimate document.
“How much training have you gotten over the course of your career: Don’t click because of malware or a virus. Now you have someone sitting in the most sensitive office in the City or County Government clicking on every friggin’ attachment,” said Jeremy Epstein, a Senior Computer Scientist at the nonprofit research center SRI International and an expert on voting mechanics. “It’s just so tempting to send malware to one of these addresses,” Epstein added. “If someone is targeting the election office, this is the way to do it.”
Under current law, ballots must be sent to military members and other Americans residing overseas at least 45 days ahead of an Election. Everyone is allowed to send their votes back via traditional mail, but in a bid to increase participation rates, 31 states plus Washington, D.C., currently give voters an opportunity to return them electronically. The delivery systems vary by State and include fax, email or a web-based portal. Alaska also allows Absentee ballots to be returned by email for all its voters.
Those participating State programs all have their own unique history, rules and regulations for online voting, and in some instances extra safeguards have been put in place to try to shore up their cybersecurity. But they’ve also all proceeded without any official guidelines from the Federal Government. In fact, several departments have gone out of their way to urge caution when it comes to voting over the internet.
The Pentagon, which nixed a wide-scale pilot internet voting program in 2004, said in a statement that the department had no formal position on the issue. “States and localities are responsible for the security of elections and the privacy of the ballot,” said Laura Ochoa, a spokeswoman in Defense Secretary Ash Carter’s office. “They are ultimately responsible for what services are offered to voters and the risks that those services entail.”
Addressing the potential expansion of internet voting earlier this year at a cybersecurity conference, a top Department of Homeland Security staffer said his office “does not recommend the adoption of online voting for elections at any level of government at this time.” “While the convenience of being able to cast a ballot electronically may be appealing, the potential benefits do not outweigh the serious risks associated with online voting,” said Neil Jenkins, the Chief of Policy and Planning at DHS’ Office of Cybersecurity and Communications. He outlined a series of risks, including the loss of privacy and confidentiality and even the “manipulation of votes and election results which may not be detectable before officials are sworn into office.”
Similar warnings about online voting have come from the Commerce Department’s National Institute of Standards and Technology, which last examined the issue in a 2011 report and found there was no audit system for online voting that was comparable to what existed for in-person balloting.
Officials from several of the states that have opted against using internet balloting said that they preferred an analog approach for accepting the votes from overseas residents. “We’re barely ready for internet commerce,” said Christopher Thomas, the Director of Elections in Michigan, one of the 19 states that accept ballots from military voters and Americans abroad only via traditional mail. Local Governments, Thomas added, can be especially vulnerable to hacked internet ballots from overseas since they’d be the primary entry point, and they’d be particularly outmatched if they’re facing off against a Nation-State adversary like Iran, China or Russia that’s intent on meddling with a presidential election.
In Georgia, about 13,000 ballots came back by traditional mail during the 2012 Election, and the State has no plans to change things up this cycle either. “We didn’t feel comfortable being able to make sure that, returning the ballot electronically, that we could protect the security of that,” said Brian Kemp, Georgia’s GOP Secretary of State.
State officials running online voting programs for their residents abroad said in interviews that cybersecurity is a top priority. In Colorado, for example, a new encrypted channel has been established for all returning ballots, which come in at the State level before being fed out to the Counties. “If there’s something that shows up that appears odd in our system, we notify the voter of this,” Colorado Secretary of State Wayne Williams, a Republican, said in an interview.
The states that have votes arriving via email also described an additional firewall against hack attacks, noting the ballots don’t actually get fed directly into their official networks. Instead, Local officials will open up the votes that come in via fax, email or portal and then enter the results by hand. “We don’t see this as any sort of increased risk to our voting system,” said Utah Lt. Gov. Spencer Cox, a Republican and Lead Election official in his state. He expects about 3,000 ballots to be returned in 2016 from overseas military voters, as well as many Mormon missionaries living abroad. “It’s more of a convenience factor,” he said.
But this could lead to data entry errors.
Matthew Dunlap, the Democratic Secretary of State in Maine, said he expects about 3,200 online ballots to be returned this year. “You secure it the best way you can,” he said. “It’s something we’re on our toes on quite a bit.”
But critics of online balloting counter that the states accepting votes over the internet are overlooking the myriad threats that come with anything that gets transmitted online. Individual hackers or Foreign Countries interested in messing with the Presidential Election, they say, would find this to be one of the weakest links in the whole U.S. system.
“It’s a fortunate thing that Alaska has only Three Electoral Votes,” said Epstein. “If I were an adversary and I had a state that was all internet-based, that’s a hell of a lot easier than hacking into the individual voting machines.”
NYC Wins When Everyone Can Vote! Michael H. Drucker
1 comment:
I have been using Kaspersky security for a couple of years, I'd recommend this solution to all you.
Post a Comment