Florida Gov. Ron DeSantis recently made it official: when it comes to the security of America’s elections, we have seen the enemy… and it is us.
Governor DeSantis forthrightly acknowledged that, according to the FBI, two Florida counties’ election systems were infected by malware in the 2016 elections. Reportedly, that malware was furtively installed on at least two county employees’ computers via a run-of-the-mill email “spearphishing” campaign.
Once installed, the malware compromised county databases when those county employees used their computers to access their employers’ computer networks, allowing hackers to access vote and voter data stored elsewhere on those same networks.
Fortunately, it appears that the malicious code was used “merely” to infect databases separate from voting machines themselves and other internal ballot-tallying systems.
While the headlines out of Florida understandably focus on the unsettling infiltration of local election records, there is a larger and much more critical lesson of those breaches: voting and personal computers don’t and should never mix.
Yet, mix they still do — dangerously and pervasively.
Interference by foreign governments in the 2016 elections has dominated the headlines for years. Inherent vulnerabilities in our voting systems, created by their intersection with the Internet, have long been known.
Nonetheless, 33 states still allow some voters to cast a ballot through the Internet and/or by email — which is sent over the internet — in some fashion. Time is running out for these states to prevent future intrusions — intrusions that could well affect actual vote totals — by ending all such “I-voting” and “e-voting” programs before the next presidential election.
Not study them. Not limit them. Not adjust them. End them now.
My fellow computer scientists and I are generally not this emphatic, but we have long publicly warned that any forms of voting online, particularly by email, are vulnerable to undetectable attack. So are voter registration and election management systems, electronic pollbooks, voting machines, and vote tabulation systems. When voting itself is enabled online, these systems, too, are all vastly more at risk of being compromised and corrupted.
So, why does such irrational faith in Internet and e-mail voting persist? Perhaps because in an age of rapid and ever-accelerating technological change — one in which your 2019 smartphone is more powerful than any of the NASA computers that took us to the moon — it’s easy to assume that our elections should be just as “advanced.”
Also, everyone knows that computers make things more efficient, saving time and money. But when it comes to elections, computers also dramatically increase profound risks. We simply cannot now fully defend against a determined, expert and persistent adversary, as the FBI just confirmed for Gov. DeSantis and the rest of us.
The most important and urgently necessary fix is decidedly and, especially for a computer scientist, humblingly low tech: paper ballots.
As many already have, every state must pull the plug now on all forms of I- and e-voting in favor of requiring all — or virtually all — votes to be cast on paper ballots, preferably ones that voters mark by hand.
While this may seem inefficient, even archaic, paper ballots cannot be hacked and they leave a literal “paper trail” for election officials to readily track and transparently audit. Not incidentally, routinely performing state-of-the-art “risk limiting” audits after elections therefore is also mission critical.
Paper ballots and high-tech audits won’t stop foreign actors and other nefarious actors from trying to undermine our democracy, but they will make our elections dramatically more secure . . . and will keep us from being accessories to the crime.
Jeremy Epstein, an election- and cyber-security expert, is vice chair of the U.S. Technology Policy Committee of the non-profit and non-lobbying Association for Computing Machinery, the world’s largest and longest-established society of professionals in computing. Follow him on Twitter @jeremyinfosec