If the Democratic National Committee can be hacked, could US election results be next?
It's a question being asked all over the country in the wake of last month's cyberattack on the DNC by Russian hackers, which the New York Times reported this week was even more serious than originally thought. The US Intelligence Community has suggested the hack was an effort by Russia to influence the US election, and now the Department of Homeland Security (DHS) and lawmakers are warning of the potential for a foreign government or independent operators to hack the election itself.
There are three main vulnerabilities: the election management systems that county and local officials rely on to organize (and sometimes tally) the vote, online voter registration data, and electronic voting machines. Most at risk are states and counties that use electronic voting but do not require paper ballot backups.
Those states include Texas and the swing states of Pennsylvania and Virginia.
Senator Tom Carper, the ranking Democrat on the Senate's Homeland Security Committee, wrote in a letter earlier this week to Homeland Security Secretary Jeh Johnson that a "cyberattack by foreign actors on our election systems could compromise the integrity of our voting process."
Johnson said last Thursday said he that would consider classifying voting as so-called "critical infrastructure" due to the "vital national interest in our electoral process."
DHS currently designates 16 sectors as critical infrastructure, including the defense, financial, and chemical industries. Other federal departments, including Defense and Treasury, in turn coordinate with DHS and implement its strategy in order to guard against cyberattacks.
But elections pose a particular problem because the federal government has little authority over them. Since the founding of the republic, voting laws have largely been left up to state, county, and local governments. There are about 9,000 different jurisdictions in the United States responsible for voting, and they use a variety of voting machines and election procedures.
DHS is "not a regulatory agency in this area," DHS spokesperson Scott McConnell said. In other words, it doesn't have any power over elections — at least not yet.
Assigning a critical infrastructure designation to elections could allow the DHS to draw up election security policy, build necessary infrastructure, and more easily give out grants to help improve election cyber defenses. It could also help the agency gather information about cyberattacks from election officials and industry players, says Jason Healey, who served as the director of cyber infrastructure protection at the White House from 2003 to 2005.
"You'd want some kind of information sharing group among election machine manufacturers to talk about vulnerabilities," said Healey, who is now a research scholar at Columbia University. "And you'd want another group that works with all the secretaries of state to help share information."
Although the federal government's Election Assistance Commission establishes standards for voting machines, adherence to these standards is "strictly voluntary." Twenty states do not have laws on the books codifying those standards, although most of those states test to them anyway.
Federal Trade Commission Chief Technologist Edward Felton demonstrated to Congress in 2007 that some voting machines were easily hackable. The types of machines Felton hacked are still used around the country, and the machines, now nearly a decade old, run on operating systems that include Windows XP, which has not had a security patch since 2014.
Edward Felton testifying before Congress.
The good news is that the mishmash of different machines makes a coordinated hack of the electoral infrastructure incredibly hard to pull off. Also, save for overseas and military voters in some states, elections aren't taking place over the Internet, and the machines are not online.
"To hack the election you have to somehow get to the voting machines themselves, one way or the other, going one-by-one," said Lawrence Norden, a deputy director at the Brennan Center for Justice and coauthor of a 2015 report on the risk to US voting machines. "If you want to influence a national election, it would take hundreds if not thousands of people to access these machines in polling places."
The biggest danger, says UC Berkeley Professor David Wagner, who has worked on electronic voting security for a decade, is that a hacker's program could be spread from one polling booth memory card to the central server where all the polling results are uploaded. But hackers would have needed to do this during the previous election in order to interfere with the current one.
Wagner and Norden both say the easiest way to prevent hacking is to make sure every vote has a paper trail, which would enable pre- and post-election audits to be conducted.
Eighty percent of the country's polling stations use paper ballots or have a paper backup. But updating the other 20 percent isn't high on the priority list of many cash-strapped governments.
"Things are really bad," Norden said. "We're investing zero money."
He and other experts worry that actors who want to interfere in a US election may not even need to hack the vote — they could merely say they did, and without the ability to double-check or audit ballots, there would be no way to prove the results were legitimate.
"You don't want that to happen in a very close election because then the whole integrity of the system is undermined," Norden said, "and people lose confidence in our democracy."
Follow Benjamin Gilbert on Twitter: @benrgilbert