© Josh Sager – August 2016

In an increasingly digital world, hackers have gained the power to disrupt many vital systems and compromise our personal data. Society has adapted to many of these new threats by increasing digital security systems, but hackers are constantly looking for the cracks in this security. Unfortunately, one system that has not been hardened to these new threats is our electoral system, specifically our voting infrastructure.

According to reporting by Michael Isikoff of Yahoo News, hackers—potentially sponsored by Russia—have broken into two state election databases. While the FBI has confirmed the breaches, they have refused to identify which state databases may have been compromised (leaks suggest that they are likely Arizona and Illinois, but this is not confirmed). If hackers manage to infiltrate voter databases, they can steal data (for identity fraud), alter or remove voter data from the registry, or even attempt to shut the system down, throwing the voting system into chaos.

The attacks on state voter databases are not isolated incidents, and there have been several other very high profile hacks associated with this election cycle. Earlier this year, the DNC was hacked and thousands of emails were leaked, exposing that DNC officials favored Hillary over Bernie and had been working to actively undermine his campaign. Additionally, the Hillary campaign was hacked, revealing internal communications by Clinton staffers.

Russia has been blamed for each of these hacks, although there is very little publically available evidence that supports these accusations. Ultimately, the identity of the perpetrators of these hacks is far less relevant than the fact that they have occurred at disturbing frequency. It is apparent that hackers have begun to take a serious interest in the US electoral system and that our current security systems are woefully unprepared to deal with the threat.

The Danger of a Stolen Election

Hackers intruding into electoral databases, party servers, and candidate communications accounts are serious concerns, but they absolutely pale in comparison to the danger of hackers intruding on our voting systems on Election Day. In many states, it would be possible for hackers to break into our voting systems and, in real time, alter the results to reflect whatever result they want while leaving no trace of their interference.

The vulnerability of states to this type of interference depends upon the voting systems they are using. Some states are immune (e.g. Massachusetts) because they use paper ballots which cannot be remotely altered, while others (e.g. Virginia and Pennsylvania) are prime targets because they use electronic voting with no paper trail. The Verified Voting Foundation has created a county-level breakdown of voting machines which will let you see how vulnerable your voting station is.

The security measures protecting many electronic voting platforms is essentially non-existent and there have been numerous examples of hackers and academics demonstrating this vulnerability to prove a point. Just last year, a Princeton professor named Andrew Appel purchased an old voting machine and, in less than 10 minutes, infected it with viral firmware which would spread to networked machine and allow him to remotely and untraceably alter election results. Unless programmers sorted through the thousands of lines of code for the infected machines after the election and found his virus (which they never do) nobody would ever know that the election was stolen.

Hackers don’t even need to alter the number of votes to change the election results. If they create fractional values for each vote (e.g. counting a Trump vote as 1.02 and a Hillary vote as 0.98), they can shave percentage points off of candidates in order to create realistic looking results that wouldn’t be challenged.

Put simply, this situation is a threat to democracy itself. If a foreign power, corporation, or even simply a group of individuals decides to steal our election, we are wholly unprepared to stop them. Due to the Electoral College and dramatic polarization in our nation today, switching the votes in several key swing states (e.g. Virginia, Pennsylvania and Florida, all of which use highly-vulnerable technology) would have an immense impact on the election results.

Such a plan to corrupt our democracy would cost virtually nothing to a foreign government and would let them change the course of American public policy. They could ensure the election of candidates who are favorable to their interests or who oppose their adversaries; similarly, corporations could alter elections results to favor candidates who support tax cuts, deregulation, corporate welfare, trade deals, or other policies that increase their profits.

This vulnerability must be addressed immediately. The integrity of our elections is a nonpartisan concern that every American should be able to support, and the marginal costs of updating our current voting infrastructure are completely overshadowed by the potential risk of such a hack.