Cyber Security Goes to the Polls

Posted by Michael TitensThis year’s presidential election is different from past elections in many respects, one being the focus on potential cyber threats that could influence the outcome.  At least 33 states have taken up the Department of Homeland Security on its offer to assist with cyber preparedness for election day, including screening internet-facing systems and other vulnerability assessments.  Here is a roundup of recent cyber developments relating to the election. E-mail hacks.  Almost daily, a collection of private e-mails is exposed to the media and the public, with promises of more to come.  A couple of months ago, it was the Democratic National Committee and its chairwoman in the crosshairs.  More recently, e-mail correspondence allegedly from John Podesta has been circulating, leading to articles about potential Clinton running mates and conflicts-of-interest, among other things. The U.S. government reportedly suspects the Russian government of hacking and releasing the e-mails in a manner that might change some votes or at least undermine confidence in the candidates and the election results.  Others aren’t convinced the Russians are behind the hacks.  Regardless of the culprits, the disclosures remind us all to be careful what we write in our “private” e-mails, because they may not be private forever.Voter Registry Information.  Voter registration databases have come under attack and voter information has been stolen from the Illinois database and perhaps others.  These attacks may be for non-electoral purposes – in addition to names and addresses, voter registry information contains birthdates and partial social security numbers that could be of value in the secondary market.  So far, there have been no reports of hackers trying to alter voter information or delete voters’ names from the rolls.  But there is cause for concern.  Changes to the voter rolls could create havoc on election day, including long lines of disgruntled voters (which might discourage some from voting), or even confusion about whether a voter should be able to cast a ballot at all.Voting Machines.  Like so many other aspects of our lives, voting and vote-counting are becoming more automated.  Spurred in part by hanging chads and other challenges, voting authorities around the country have replaced paper ballots with electronic voting machines, many of which do not generate a paper trail that can be reviewed for purposes of a recount.  In most cases the voting and tabulation software has not been updated for years, leading Wired magazine to call our nation’s voting machines “scarily easy targets” for hackers.  On the other hand, CNN has reported that influencing the outcome of the election by attacking voting machines “essentially can’t be done,” because the nation’s voting machines are not connected to the Internet and are not connected to each other.   Therefore, the decentralization and diversity of our voting mechanisms, and the ability to screen and patch existing systems in advance of election day, provide some protection against the vulnerabilities otherwise inherent in our automated systems.Technology and the Internet have changed how we practice democracy in many ways.  On election day, you might map the most efficient route to your polling place on your phone, put an “I voted” sticker in your Facebook feed, and stream election coverage on your tablet.  Of course, these conveniences come with new cyber threats and challenges.  What remains constant is the importance of having your voice heard.  So don’t forget to vote!