Successful computer hacks at major federal agencies, large corporations, and the Democratic National Committee have sparked concern that clever infiltrators from outside the country might attempt to tinker with the 2016 election results.
The Department of Homeland Security asserts there is no credible cyberthreat to the 2016 election results, and state election officials and other experts concur that a grand scale hack is extremely unlikely—at least on a national level.
“Recent high-profile hackings and concerns about the integrity of the vote have been on the front page more than once,” Connecticut Secretary of the State Denise Merrill said in a press conference Wednesday.
Merrill, also president of the National Association of Secretaries of State, added:
It’s highly improbable at best that a national election could be hacked. First of all, there is no national system of elections. Our election system is extremely decentralized, It is run [individually] by all 50 states and within those states, the counties are really responsible.
There was a strong push for internet voting, Merrill said, but that’s not something elections officials around the country found prudent.
“We had pressure to do internet voting, then something happens like Target getting hacked, and people say that’s not such a good idea.”
“The threat of hacking is greatly exaggerated,” @HvonSpakovsky says.
The absence of a national hack threat doesn’t mean zero risk. CBS News reported on a $15 magnetic device, available online, that can be used on individual electronic voting machines. Someone who is knowledgeable could insert the card, reset the machine, and vote more than once.
Hans von Spakovsky, a senior legal fellow at The Heritage Foundation who studies election issues, noted that even at a single polling place, none of the machines are networked. Thus, the scale of the threat is likely less than other voting fraud activities.
“The threat of hacking is greatly exaggerated,” von Spakovsky told The Daily Signal in an interview. “It could be a problem with individual voting machines, but individual electronic voting machines are not part of any national network.”
Nevertheless, lawmakers and commentators raise the possibility, particularly after allegations that the Russian Federal Security Service was behind the hacking of the Democratic National Committee and the Democratic Congressional Campaign Committee in what Sen. Tom Carper, D-Del., said might be an attempt to try to manipulate the U.S. election.
“If these reports are accurate, such an intrusion raises concerns about the ability of foreign actors to interfere in the American political process during the upcoming election, including through cyber attacks targeting electronic voting machines or the information technology of state and local election officials,” Carper, ranking member of the Senate Homeland Security and Governmental Affairs Committee, said in an Aug. 8 letter to Homeland Security Secretary Jeh Johnson.
Carper’s letter noted that in 2004 the U.S. Computer Emergency Readiness Team identified vulnerabilities in voting machines that “would allow malicious actors to modify vote totals.”
And, he wrote, the Argonne National Laboratory in Illinois in 2011 and the Virginia State Board of Elections in 2015 issued reports that “identified issues that left certain electronic voting machines vulnerable to physical or wireless intrusion without detection.”
Carper also said the CIA found that bad actors were attempting to manipulate election outcomes in other countries.
Johnson hosted a conference call Monday with the National Association of Secretaries of State, offering assistance from his department as well as from the Justice Department and the Commerce Department’s National Institute for Standards and Technology (NIST).
In a readout of the call, homeland security officials said:
While DHS is not aware of any specific or credible cybersecurity threats relating to the upcoming general election systems, Secretary Johnson reiterated that DHS, the Election Assistance Commission, NIST, and DOJ are available to offer support and assistance in protecting against cyberattacks.
Johnson told the state election officials that homeland security officials would consider designating voting machines as “critical infrastructure,” a national protection category given to 16 sectors including energy, emergency services, and food supply that the nation depends on to function. The readout added:
As part of the ongoing effort, the secretary also announced that DHS is convening a Voting Infrastructure Cybersecurity Action Campaign with experts from all levels of government and the private sector to raise awareness of cybersecurity risks potentially affecting voting infrastructure and promote the security and resilience of the electoral process.
In a statement Aug. 5, the National Association of Secretaries of State insisted a major hacking effort is extremely unlikely, but that officials should make other efforts to protect the aging electronic machines.
“A national hacking of the election is highly improbable due to our unique, decentralized process,” a statement by the association said. “Each state and locality conducts its own system of voting, complete with standards and security requirements for equipment and software. Most states publicly conduct logic and accuracy testing of their machines prior to the election to ensure that they are working and tabulating properly, then they are sealed until Election Day to prevent tampering. Furthermore, electronic voting machines are not internet-based and do not connect to each other online.”
Still, voices on both the right and the left raised concerns.
The conservative editorial board of Investor’s Business Daily called hacking “a very realistic concern, one that has been raised for years, and if it were to happen, it could have a huge impact, since around 4 in 10 voters will be casting ballots using electronic voting machines this year.”
The editorial added: “The real risk isn’t that Russians or some other foreign government will hack our elections. It’s that homegrown partisan hackers will do so to affect the results in key districts or states.”
Changing results isn’t the only goal for a cyberattack, Lawrence Norden, deputy director of the democracy program at the left-leaning Brennan Center for Justice, wrote in an op-ed for NBC News:
The threats to the integrity of our elections go beyond potential hacks to change the vote count on polling place machines. Attackers could attempt a ‘denial of service’ attack, where machines simply crash more often. In those cases, voters could be forced to wait in line for hours while technicians work to fix machines or replace them. Many would give up and never vote. Alternatively, the systems could be attacked after voting is complete, when results from individual machines are tallied at a central location.