Election day used to mean people going out to cast their votes. Amid the ensuing COVID-19 health scare, however, the U.S. has decided to take voting online. But like anything that happens on the Internet, this year’s elections may be prone to cybersecurity issues.
In a previous post, we discussed the various cyber threats that can affect e-voting, ranging from glitches due to bugs to hacking. For some, the idea of election hacking still seems like a foreign concept. But as this year’s U.S. presidential election draws nearer, more and more people are raising election cybersecurity concerns.
Changing Times: What Makes the 2020 U.S. Presidential Election Different?
Andris Ozols, Michigan’s former chief research analyst, believes that the coronavirus pandemic severely affected the U.S. The country can’t ignore current events and had to change the election process. Voting had to be taken online so as not to spread COVID-19 further.
The change, however, brought not just cybersecurity issues to the fore but also other challenges. Ozols believes the U.S. government lacks transparency, for one, which can blindside voters. Other problems include police and law enforcement injustice, economic status, and increased participation and influence of the private sector.
Election Cybersecurity Issues
New Jersey, West Virginia, and Delaware recently announced that voters could cast their votes via OmniBallot, a web-based balloting platform developed by Democracy Live. Researchers from the Massachusetts Institute of Technology (MIT) and the University of Michigan, however, revealed that the platform has cybersecurity vulnerabilities.
Through reverse engineering, the researchers found that the platform employs a simple approach to online voting. It is not independent and isn’t configured for end-to-end verifiability, making it prone to manipulation. They also found that the application sends personally identifiable information (PII), including the voter’s name, choice, and device fingerprint, unencrypted, which threat actors can easily exploit.
Cybersecurity analysts also warn that the system can be infected with ransomware. From 2013 to 2019, government agencies were targeted by at least 169 ransomware attacks. And the frequency of attacks grows year on year. Some high-ranking cybersecurity officers from the U.S. Department of Homeland Security even fear that hackers can use ransomware to lock down voter databases. If that happens, the election may come to a standstill. This concern isn’t unfounded, too. As in 2016, Russian hackers were able to get their hands on voter registration databases because these were left insufficiently protected and accessible online.
What the Opposing Camps Say
Election security experts and key Democrats claim that the 2020 election can face potential equipment failures and cyberattacks mainly stemming from Russia and other countries with divested interests in its outcome. Election cybersecurity, in fact, has become a key talking point for Democrats on the campaign trail, some even promising to resolve issues as part of their priorities should they win—a far cry from past reality.
In 2016, cybersecurity concerns were a minor issue. It wasn’t something candidates talked about. This year, however, the subject has become a national concern. In response, the U.S. Congress included security measures as part of the US$1.4 trillion election spending. Unfortunately, the bills passed were blocked by the Republicans.
More recently, though, the Republicans have begun acknowledging the need for tighter security measures. After months of pressure and as the country’s intelligence community increased their warnings that a similar incident to that in 2016 may happen, they are starting to rethink their stand.
In a joint statement, the Department of Justice, Department of Defense, Department of Homeland Security, Director of National Intelligence, Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA), revealed evidence that Russia, China, and Iran, along with other foreign entities, plan to interfere with the e-voting process either through hacking or influencing voter perceptions.
The ongoing divisiveness among government officials may only worsen the situation. For the online elections to successfully push through, the government needs to consider and take the experts’ advice.
Democracy comes at a price. The right to vote gave people the power to put someone in government. With election cybersecurity being a national issue, it may become the very weapon that can cripple a nation.
What will the 2020 U.S. presidential election be like? Will its result reflect the people’s choice? We need to wait for November to find out. Despite dire warnings, however, voting is a precious human right, so it’s still best to exercise it.