Cast ballot for tighter security on voter data

U.S. should always think of election websites as critical infrastructure to be protected

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

The FBI has issued a warning that state board of election websites are being targeted by hackers, and in at least one case, voter data has been stolen. Yahoo News reporter Michael Isikoff first wrote about the attack and posted the FBI warning online (against the FBI’s wishes).

Clearly the FBI is taking it seriously. The agency has warned others states to scan their logs for attacks and offered to help them secure their systems just a few months before a major national election.

Related story: Trump is spammers’ best friend

As with all such hacking stories, it’s always challenging to put the scare into perspective, however.

Isikoff reported—outside of the bulletin—that the state of Illinois’ system was successfully attacked and hackers stole data on 200,000 residents through the state’s voter registration system.

On the surface, it’s not that scary, though it sounds like it. Voter registration records are for sale in most places. And they have found their way online before. A report last December described the exposure of 190 million voter records.

Many states now have “check your voting registration record” portals online. All I needed was a name and a birthday to find mine, so that’s easily “hackable.” But all you get when you “hack” me is my street address and a list of elections I’ve voted in (not who I’ve voted for, just when I voted.)

So “hacking” a few hundred thousand such records isn’t that scary.

On the other hand, there could very well be more going on. For starters, the notion that someone is probing state election websites for holes is scary enough, let alone finding holes. Maybe it’s someone just looking for birthdays. But it’s easy to imagine it’s someone looking to use those computers as a jumping-off point—to escalate privileges.

It’s not hard to conjure the possibility that a hacker could impact votes themselves, and possibly change an election outcome. You might imagine a hacker escalating from board of elections servers to vote tabulation machines. That’s a pretty big leap, however. Very few states use electronic voting machines, so paper records are available to double-check election results.

More alarming, however, is the servers those board of elections computers talk to. In most states, voters can be required to provide some kind of authentication document, like a driver’s license. How are licenses squared with voter records? The databases have to talk somehow. And that’s where you can start to imagine all kinds of chaos. Can board of elections hackers find their way to driver’s license numbers? Photographs? Other data that would be a treasure to ID thieves?

For guidance on this, I turned to Harri Hursti and Maggie MacAlpine. The duo routinely perform audits on voting systems in the United States and around the world. Hursti also is the creator of the famous “Hursti Hack,” which was the first documented attack on Diebold electronic voting machines that managed to actually change votes.

For starters, both confirmed that in states they’ve audited, voter registration lists maintained by states could contain data beyond what’s typically considered voter registration data—name, address and party affiliation.

MacAlpine offered up this list of potential havoc hackers could accomplish with stolen registration data:

• Wipe voters in order to cause havoc

• Send people to impersonate voters

• Wipe people strategically

• Intimidate voters if they’ve got the “wrong” voting record

• Engender distrust in the democratic systems’ ability to protect people’s information. People may choose not to register or maintain their registration if this became a widespread threat.

Hursti adds that even a small theft could cause chaos in a specific voting area. “With 200,000 records you can throw an election into chaos,” he said.

But he was even more worried about an often-overlooked attack plan—adding records. Creating fake voters. “Is there a field in this database where you can insert records?” he asked. “People are always looking at what is stolen, but sometimes you steal things to distract people from what you are adding.”

There are plenty of steps in the U.S. election process—clunky as it is—that would mitigate such an attack. Should voters be erased from registration records, they can still fill out provisional ballots at polling places, for example. So again, it’s important to temper the fear here.

To answer the question still hanging—it would be difficult for Russian hackers to flat-out steal a presidential election electronically. (It would be much easier in an election like 2000, where a few votes in predictable places could cause a swing. But those problems go far beyond Russian hackers, as I’m sure you know.)

On the other hand, it’s not hard to imagine a local election being wrecked by hackers, and already-skeptical voters becoming even more disillusioned with our democratic process, which might be the biggest hack of all.

That’s why MacAlpine says this incident is an important reminder that the United States needs to invest a lot more in election integrity.

“This reinforces the importance of treating voting as critical infrastructure,” she said. “There are small counties where they would never discover this kind of attack. They don’t have infrastructure or budget to do a cyber audit. We only care about this because it’s a presidential election year. But we can’t care about electrion security only once every four years.”

More stories related to elections and hacking:
Novel raises question of whether election could be hacked
How hackers could influence the presidential election
Your campaign contribution could expose you to identity theft