Simple hack could alter Internet ballots

Basic cyberattacks could tamper with electronically submitted ballots, leaving no trace behind, according to research from computer science firm Galois.  

On the heels of election watchdog groups criticizing Alaska’s use of ballots submitted online, Galois demonstrated that electronic ballots could be modified through simply hacking into home routers, which often have minimal security measures.


“An off-the-shelf home Internet router can be easily modified to silently alter election ballots,” said the researchers, Daniel Zimmerman and Joseph Kiniry.

A few states now allow voters to receive and return a ballot electronically. Election officials argue it is a way to increase voter participation, while technologists insist heightened turnout isn’t worth the high risk of fraud.

Alaska’s tight gubernatorial and Senate races have drawn the most attention to the issue. With only a few thousand votes separating the candidates in each race, government accountability groups argue the 1,500 electronically submitted votes could cast doubt on the ultimate results.

In Alaska, voters can choose to access a PDF ballot via a secure Web portal after authenticating their identity. After filling out the ballot, they can submit it to election officials through that portal.

It’s during that transmission — voter to election official — that the ballot is highly vulnerable, the researchers said.

“Our attack transparently and untraceably alters a ballot to change a voter’s choices once the ballot has been sent,” they said. “The voter believes he has submitted a vote for some candidate, while the election authority receives a legitimate-looking vote for another candidate.”

A number of typical solutions — encrypting the PDF, encrypting the connection to the voter's server, tighter security on home routers — all have major flaws, leaving other avenues for vote tampering, Galois said.

Computer scientists have said the lack of connectivity — to each other and to the Internet — is the main factor preventing widespread voting fraud on electronic voting machines.

Internet voting relies on that connectivity.

“This method of vote submission is inherently unsafe, and should not be used in any meaningful election,” the researchers said.