The malware election: Returning to paper ballots only way to prevent hacking

The malware election: Returning to paper ballots only way to prevent hacking
© Getty

The key takeaway of special counsel Robert S. Mueller’s report on Russian interference in the 2016 election was that “There were multiple, systematic efforts to interfere in our election … and that allegation deserves the attention of every American.”

But with so much attention on what happened in 2016, we have lost much of the time available to protect the 2020 election.

This was immediately apparent recently at DEF CON, one of the largest hacker conventions on the planet. The conference, where tens of thousands of hackers descend on the pseudo-glamourous “pleasure pit” that is Las Vegas, includes the Voting Village, a pop-up research lab with an array of U.S. voting equipment available for security researchers to compromise.

ADVERTISEMENT

They were terrifyingly successful. High school hackers and security professionals united to take control of almost every voting system in the room, most of it currently in use around the U.S. They found systems with no passwords, no encryption, and operating systems so old that young hackers often had no previous experience with them.

That did not prevent them from completely dominating the machines. They accessed USB, compact flash and ethernet ports that were glaringly unprotected, and then proceeded to play video games and run pink cat graphics across the screens of ballot-marking devices and voter registration database systems.

This may seem like fun and games, but the ability to access the core controls of these voting machines illustrates that malware could easily be planted on them. That malware can change vote totals, or prevent thousands of people from voting. In one system we timed, it took exactly five seconds to connect the voting machine to a device that could inject malware through a port that was easy to access and only a few inches from where voters scan their ballots.

Once malware is on a voting machine, it can travel from that voting machine, to a central tabulating system, and then back out to all the other voting machines in a jurisdiction during the course of normal election procedures. Thus, a five second exploit, by one lone voter, in one precinct can infect and change the results in an entire county. Because of the way the Electoral College works, changing the results of a few counties in a few states could change the outcome of a presidential election.

Another even more effective technique would be to send a Chick-fil-A phishing email to a voting machine vendor (one of my hacker contacts tells me that is the best click bait.) Then, having gained access to the vendor’s system, sit back and relax while that vendor plants your malware for you on voting machines across the country. This technique was detailed by Professor J. Alex Halderman in a New York Times opinion piece, and a similar scenario unfolded in reality last year when an estimated half a million ASUS laptops were infected with malware using the vendor’s own branded software update.

ADVERTISEMENT

What can be done? The Defense Advanced Research Projects Agency (DARPA) is developing hardware that might be secure enough to compensate for risky software. They demonstrated an early prototype of their system at DEF CON. Hackers were not able to compromise it, but one college student pointed out to me that this was partly because it was down most of the weekend.

What computer and security experts recommend is actually remarkably non-technical: paper ballots, marked by hand whenever possible and audited by hand until there is strong statistical evidence that the outcome is correct. This is known as a risk-limiting audit. There are election security advocates who favor auditing all or many ballots by hand in a public transparent process, because that might give a higher level of confidence in the results.

Some counties like Columbia County New York are already doing that. One important principal is the separation of responsibilities--having a different entity either conduct or certify the audit than the board of elections that conducted the original count. This is an essential protective mechanism to establish.

Strong support also exists for the practice of releasing digital images of ballots to the public, in addition to an audit. If done correctly this provides a way for the public to search for potential inconsistencies in the results. Dane County Wisconsin has been posting ballot images online for several election cycles. 

It is imperative that we pivot immediately to the task of establishing secure protocols and robust audits for the 2020 election. Legislation called the SAFE Act requiring that a voter “have the option to mark his or her ballot by hand” and mandating risk-limiting audits for federal elections passed the House in June. But as many have pointed out, the bill is being blocked in the Senate by the Republican leadership. Likewise, a proposal to send 600 million dollars to states for election security is stuck without the support of Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellDemocrats seize Senate floor to protest gun inaction: 'Put up or shut up' Democrats press for action on election security Hillicon Valley: Election security looms over funding talks | Antitrust enforcers in turf war | Facebook details new oversight board | Apple fights EU tax bill MORE (R-Ky.)

Some effective and long overdue lawsuits are having an impact, like one of the four launched by Coalition for Good Governance that is bringing more oversight to Georgia elections. But even without filing a lawsuit, there is much that an individual or a group concerned about the accuracy and security of our elections can do.

The non-partisan project I co-founded, called SMART Elections, will be collaborating with other organizations to establish a corps of trained volunteers to help ensure an accurate vote count. Members of a community can connect with local security experts and election officials to advocate for secure voting systems that use hand-marked paper ballots – for those able to mark their ballots by hand – and secure ballot-marking devices for those unable to. They can implement robust post-election audits, and engage in pro-active monitoring of election data and results. 

I encourage everyone concerned about fair elections to join us, or to find their own way to get involved in this mission-critical job.

Lulu Friesdat is a journalist and filmmaker whose  election security investigations have received more than 4 million views and been featured in Politico, Now This, MSN.com, the Young Turks, The Christian Science Monitor, Salon and TruthOut. Follow her on Twitter @LuluFriesdat.