juanjo tugores - Fotolia
Why U.S. election security needs an immediate overhaul
There's no evidence that threat actors have been able to manipulate or change vote counts in our elections, but Kevin McDonald says that doesn't mean it can't -- or won't -- happen.
As several 2018 midterm House and Senate races hung in the balance waiting for contested recounts and potential court battles, I couldn't help but think about how so few votes can have such a massive impact.
No matter where you fall on the political spectrum, the prospect of election interference should be disturbing to you. Few things can shake up an electorate's confidence in the legitimacy of a government more than election tampering.
Dead or ineligible people voting or bad actors messing with registration rolls are serious concerns. But few things are more disconcerting for U.S. election security than foreign governments attempting to interfere with our elections using cyberattacks that change votes.
Considering the country-wide consternation after the 2000 presidential election between George W. Bush and Al Gore -- which was decided by just 537 votes in the state of Florida -- it is easy to imagine the Constitutional chaos that would ensue if an election-altering attack was made public. It doesn't take a massive conspiracy impacting millions of votes to alter an election when the margin of victory is so thin.
After Hillary Clinton's historic 2016 loss to Donald Trump and the specter of Russian election tampering via computer hacking, attention to what is now known as fake news and internet troll farms spreading misinformation rose quickly. While I am not one of them, many Americans are convinced the election was essentially stolen by Russian interference.
However, this is not to say Russian threat actors didn't wage an election inference campaign against the U.S. On Oct. 7, 2016, the U.S. Director of National Intelligence and the Department of Homeland Security (DHS) publicly denounced Russia for its actions surrounding the 2016 election.
"The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations," the two organizations said in a joint statement. "These thefts and disclosures are intended to interfere with the US election process."
On Jan. 6, 2018, the Department of Homeland Security determined that election systems should be "designated as a critical infrastructure subsector."
In testimony to the Senate Select Committee on Intelligence on June 21, 2017, Jeanette Manfra, assistant secretary for the office of cybersecurity and communications in the Department of Homeland Security, said "DHS began, in August 2016, to receive reports of cyber-enabled scanning and probing of election-related infrastructure in some states. Some of this activity appeared to originate from servers operated by a Russian company." Manfra went on to reveal that 21 states were targeted, while still more were probed via scanning and other efforts.
After two decades in security and technology and having worked in and on defense and critical infrastructure security assessments and remediations, I have serious concerns. Protections provided for our sensitive systems are seriously lacking nearly across the board. No network or device is perfectly secure, and determined actors will generally find a way to achieve their objectives. But the government's attitude about election security is perhaps more concerning than the voting machine vulnerabilities themselves.
Several top officials have put forth weak defenses of U.S. election security efforts. For example, Mantra said, "We assessed that multiple checks and redundancies in U.S. election infrastructure, including diversity of systems; non-internet connected voting machines; pre-election testing; and processes for media, campaign and election officials to check, audit and validate results, make it likely that cyber manipulation of U.S. election systems intended to change the outcome of a national election would be detected."
In a further show of arrogance, Jeh Johnson, former DHS secretary, said in an open session of the House Intelligence Committee that he knew of no evidence of votes being changed or suppressed by cyberthreat actors.
This all brings me the ardent claim made by Manfra earlier this year. "First off, let me be clear: we have no evidence, old or new, that any votes in the 2016 elections were manipulated by Russian hackers."
I understand the need to avoid panic or undue concern, but the weakness of the above assurances is unnerving. U.S. election security is about so much more than just the machines. It is about the entire process, from registration to ballot delivery and return. This includes how votes are cast and counted and how they are reported and documented.
Let's look at just a few known issues with election security:
- A ProPublica survey found that more than one-third of all the counties that are currently reviewing close elections have hackable email systems. With the prevalence and effectiveness of confidence scams in which email is hacked to impersonate a powerful person, this is a serious issue.
- A program called CrossCheck was designed to improve election security by ensuring voters only voted in one county. CrossCheck was found to be insecure while also holding the information of nearly half of America voters. The users were using only rudimentary passwords, sharing them readily and not using multifactor authentication
- A number of states are using electronic voting machines that don't produce any kind of paper trail. According to a study by the Center for American Progress, 14 states were rated as unsatisfactory in the category of voter-verified paper audit trail. For example, Kansas has 15 counties that use electronic machines with no paper ballot or receipt, which means there is no paper trail to check against electronic vote counts. Kansas also allows overseas voters to submit their votes electronically. These systems are fraught with potential for bad actors to interfere.
- In April of 2018, election technology vendor Election Systems and Software (ES&S) acknowledged to Sen. Ron Wyden (D-Ore.), that they had "provided pcAnywhere remote connection software to a small number of customers between 2000 and 2006." ES&S claims it was only used to do maintenance work on the machines. I say where there is potential remote access, there are potential opportunities for hacking. This is also true for machines with Bluetooth, cellular and wireless access capabilities.
- A flaw, first disclosed in a 2007 report by the Ohio Secretary of State, is still present in the heavily used Model 650 ballot-counting machine from ES&S, according to a report from Defcon's Voting Village. The report claims the M650 voting machine is used in nearly half of the states in the U.S. While ES&S claims that leveraging the flaw requires physical access, Defcon researchers said that they can access machines remotely and hack them in two minutes.
- A replica of the Florida state elections website was hacked by an 11-year-old girl at this year's Defcon voting machine hackathon. Seriously.
- Election officials are in way over their heads and election organizations are underfunded. California's top election official and Secretary of State Alex Padilla said at a Defcon 2018 panel, "While I thank the United States Congress for appropriating $340 million last month, let me be abundantly clear: We need more resources." This is from the 8th largest economy in the world. If California is begging for cash, who knows what other, far less affluent states are feeling.
- Based on a 2016, top-secret National Security Agency document published by The Intercept, it is very obvious that not only did Russians attempt to access election systems, but they also succeeded and likely used that data to continue their influence campaigns. The document also shows there is no confidence to say what did not happen because officials just don't and cannot know.
The fact that there has been no evidence of vote changes does not mean they did not occur, especially when the security of the systems lack basic cyberdefenses.
Any statement by our government about U.S. election security rings hollow. They do not have any way of making such declarations with veracity. These statements are coming from the same agencies that watched as data for some of our most sensitive weapons systems was stolen by the Chinese, and whose own hacking tools were released to the public.
So what does this all mean? If we hope to trust our election systems and, therefore, our democracy, we have to get serious about the election security issue. We have to demand that our do-nothing elected officials pony up for much-needed improvements. We have to demand that some standards for the security of our national elections are developed and enforced.
The $340 million approved for U.S. election security this past year is too little and too late. Frankly, I am over the excuses. There is money to be found in government waste, which we all know about.
Last year, former Republican Senator Jeff Flake released a book cleverly titled Wastebook: PORKemon Go, which highlighted 50 absurd things on which the government spends taxpayer money. The list includes things like a $74 million program that allows for taxpayer-funded loans to be repaid with peanuts and $3.5 million to study why people are afraid to go to the dentist. I think our election integrity is more important. Don't you?