With only a week left to the U.S. Presidential Election, voting is in the news and on most people’s minds (though many of us are also looking forward to the conclusion of this election cycle). This is especially true because of all the voting security stories that have been in the news lately.
Whether its nation-state adversaries trying to manipulate our election, domestic partisans making false robocalls to confuse voters, or even the President himself eroding public trust in the mail-in voting processes, everyone is worried about the security of the 2020 presidential race.
So, with that in mind, let’s explore seven myths around voting security.
Hackers Primarily Target Voting Machines
When the average person thinks of hacking the vote, they probably think of hacking digital voting machines, likely since this method is often covered in the news. Logically speaking, this makes perfect sense since directly changing votes feels like the most obvious way to affect an election. However, we believe targeting voting machines directly is the least likely way in which state-sponsored actors will manipulate the 2020 election.
Having said that, let’s be clear—digital voting machines are vulnerable to hacking. Researchers have repeatedly found security vulnerabilities in particular machines that cyber criminals could exploit to change results (though many require physical access to the machines). But just because it’s possible doesn’t mean it’s probable.
Why? First, every state in the U.S. uses different voting methods and equipment. Many states might even have different equipment in different regions. There is no single machine or standard a hacker could target to change many votes. Theoretically, smart hackers could still focus on key battleground states, but even then, they may need physical access. Changing our votes using the many types of voting machines around the country would be quite the task.
Second, and more importantly, I believe the U.S. response to confirmed digital vote tampering would be quite extreme. We already know state-sponsored attackers are “passively” manipulating the election. If we learned that they had hacked machines directly to change votes, I think we’d have a kinetic response—likely in the form of war. State-sponsored actors are already doing quite well spreading election disinformation in passive ways, so why risk more direct attacks?
Offline Digital Voting Machines are Secure
Another common voting machine myth is that offline equipment is more secure since it isn’t connected to the Internet, or any network for that matter. This is a complete and utter fairytale. As I already mentioned, many of the flaws in voting machines are only exposed physically, but that also mean these flaws can be exposed while the machine is offline. If you have even a single machine recording the wrong vote for the hundreds of people using it in a day, you will have a problem.
“But it’s hard to get physical access to these machines, and then you can only affect one at a time, right?” Wrong. Remember, offline or online, these digital machines often get shipped to locations together. They start at the same warehouse, or many end up in the same truck, where attackers could intercept and compromise many at once. There have also been reports of voting machines stored in insecure rooms days or weeks before an election, giving potential attackers easy access. Don’t forget that we ultimately need to extract the data from these machines (often via SD cards and other forms of storage) for counting. This offers another opportunity for an attack in the voting supply chain. Simply put – offline voting machines are not the “answer” to election security.
Blockchain Solves Digital Voting Security
We don’t have online digital voting in the U.S. yet but we are starting to talk about it. During these conversations, you’re almost guaranteed to hear someone bring up how blockchain can secure the vote with a cryptographically secure and immutable public ledger. If you haven’t heard of blockchain, it’s the technology that securely records all transactions in an immutable, cryptographically-signed, peer-to-peer, public ledger, without allowing hackers to change the record (and make off with stolen cryptocurrency).
If you need a secure, yet 100% public, ledger for records of any sort, blockchain really is a useful technology that can solve some specific problems. It certainly could be one of the building blocks to a secured online vote. The problem is, many less-technical folks talk about blockchain as if it’s some magical panacea that solves all security issues. That is a myth. While online voting may benefit from blockchain down the line, there are many other security challenges you need to solve to create a reliable and secure online voting standard. For one, how do you reliably authenticate users digitally, with so much credential fraud? Even if you produce a good online voting standard, what about simple malware that has infected the user’s computer, which could secretly change that user’s vote as it happened?
In short, it’s highly likely that we will generate online voting standards over the next decade that blockchain might be part of the equation, but don’t assume blockchain is all you need to secure digital votes.
Foreign Election Disinformation is Made Up or Fake News
So, you might be thinking at this point, “With so many myths… why do I hear so much about election hacking in the news?” State-sponsored attackers are pushing disinformation to stir up the electorate and polarize our country rather than directly hacking elections.
If you’ve followed the news lately, you’ve likely heard our intelligence community reporting on state-sponsored hackers from Russia, China and Iran who are all trying to manipulate U.S. citizens around the election. This voting security myth centers around “what” disinformation really is. Many people think it’s lies or fake news, or some made up story. A lot of disinformation is actually based on some kernel of fact that threat actors try to expose to more people in order to polarize communities. For instance, you may have heard about Proud Boys or white supremacist groups a lot lately. These groups are not made up. They do exist in America and real U.S. citizens belong to them. However, they represent a tiny minority in our country, so in normal situations, they would not have a loud voice. That’s where state-sponsored propaganda and disinformation come in. These threat-actors find other groups with beliefs that might be somewhat adjacent to the more extreme group. This new group may not directly believe what the more extreme group does. In fact, in normal times they might think that group is too extreme, but using social media, state-actors can start to cross-pollinate the articles and memes of the more extreme group to a wider audience of those with similar interests and overall ideologies. The idea is that over time, the less extreme group will grow more extreme. While I started with an example to the right, this disinformation tactic appears on both sides of the political spectrum.
Disinformation is not always based on lies. In fact, it’s more often based on an unpopular truth that the adversary wants to normalize by making it more popular. In this way, the true goal of these nation-state actors isn’t to change our vote, but to polarize our country and weaken our trust in democracy. Don’t fall for it.
One National Digital Voting Standard is Huge Danger
Another major myth is that a single online voting standard is a huge risk and can’t be secured. As the community has talked about the idea of an online vote, many security researchers have argued that it could never be secured, and shouldn’t happen at all. They argue if historical examples teach us anything, it’s that these voting systems are rife with flaws and vulnerabilities, so trying to create some online voting system will be full of holes. They also warn if you have one system for all the nation’s voting, it will be a huge target for attackers.
I disagree! I think you can create at least acceptably safe online voting, and in order for it to be secured it MUST be a single standard system. You can never attain 100% security and any online voting system will inevitably, eventually expose flaws. However, there are secure design paradigms that greatly minimize exposed flaws and can mitigate any exposures with other fail-safe measures.
The cryptographic community is a good example. Many businesses (and government intelligence agencies) rely on encryption and cryptography for security. That said, cryptography can have holes and bad implementations. That is why this industry comes together transparently to publicly publish all the details of new encryption ciphers. By openly publishing how the encryption standard works, other mathematicians and cryptographers can aggressively prod and attack this proposed public standard, looking for holes or mistakes to strengthen the standard over time. New encryption ciphers often have gone through years or even a decade of such public testing before they are released and supported as a standard.
A standard digital online voting mechanism could be the same. If you designed it with the entire security, cryptography, and tech community, and you put it through years of public testing and exposure, the community could plug most of the holes before we ever used it. Yes, being one standard—and a public one to boot—means the attackers would know what to target, but that is the same for most cryptography ciphers. It’s this open testing that makes them so secure and resilient to attack.
Mail-in Ballots are Insecure
Unfortunately, in 2020 we don’t just have to guard against foreign actors attempting to manipulate our vote, but we seem at greater risk of our own leaders trying to falsely erode public confidence in voting security. This year, political leaders started a campaign of distrust against mail-in voting, citing “how bad, dishonest and slow [mail-in voting] is.” These claims are simply false, and there are many studies to back it up.
First, absentee ballots—a form of mail-in voting, has existed in around two-thirds of states for quite some time. Mail-in voting’s security has been tested. Do some cases of fraud exist? Yes, but they are statistically irrelevant and very minor. Note, cases of fraud have occurred with other voting mechanisms too. There is no evidence anywhere that mail-in voting increases fraud. If you are really worried about fraud (though it is statistically unimportant), you should know that most of the mistakes in vote counts are actually due to clerical errors (humans unintentionally messing things up). These types of issues happen with and without mail-in voting. The narrative that mail-in voting is riskier and more prone to fraud than any other type we use is simply not factual based on all the evidence we have today.
Your Vote Doesn’t Matter Due to Rampant Voting Fraud
All this worry about election security, whether from foreign or domestic actors, is designed to make you think your vote doesn’t matter, and probably won’t count. This is a complete and utter myth instituted by people who are attacking democracy. If there is one myth you realize, let it be this one. Your vote does matter, and the vast majority of votes in the U.S. will get counted properly if you do your part. Voting fraud is a cross-partisan issue and I want your voter to matter, whomever you vote for. So, go out and vote. Don’t let the fear of insecurity win. Though attackers do sometimes crack systems, if we keep working against them, and living our lives despite them, our votes will count. Go Vote!
If you would like to learn more about voting fraud myths, read this article from the non-partisan Brennan Center.