Foreign Hackers Allegedly Breach 2 State Election Databases - Page 2

According to a study by the Institute for Critical Infrastructure Technology, the voting system in the United States is highly vulnerable. According to James Scott, a senior fellow at the institute, the shift to electronic voting machines following the contested Bush/Gore election resulted in broad reliance on voting machines with little security. Some of these machines are so insecure that they can be attacked through known vulnerabilities using WiFi operated by an attacker in the parking lot near the polling station.

Tyler Cohen Wood, former Defense Intelligence Agency deputy division chief, said that a more significant threat probably exists in the areas where votes are consolidated by county and state election offices. Vulnerabilities exist through insider threats, the supply chain (including where voting machines are serviced and updated) and through the networks where poll results are tallied.

"We've gone from the hanging chad to where, for the most part, everything is electronic," said Wood, who is currently cyber-security advisor at Inspired eLearning. "If devices are connected and if there are vulnerabilities, it's possible for hackers to get in and change the voting."

An additional threat pointed out by Scott is that a series of persistent attacks and data exfiltration can undermine the faith in the voting process. While that might not actually change any votes, it can give rise to credibility among those who claim that the voting system is rigged. An increase in such credibility can cause delays through recounts, investigations, legal action and other challenges that could bring chaos to the voting in important elections.

Unfortunately, a great deal boils down to the motives of the alleged Russian hackers who broke into the voter registration database in Illinois. Was it just a poorly executed attempt at identity theft, or something much more sinister? Until more is known about the attackers, it's impossible to say.

But what it does mean is that in this age of state budget shortfalls, it's still necessary to find the money to improve voting security. While voting security has been a key part of elections in the United States, that doesn't mean that those elections are necessarily secure. But the states need to find a way to make voting as secure as it can be.

Wayne Rash

Wayne Rash

Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and...