informa
/
/
Announcements
Event
Cyber Threats, Cyber Vulnerabilities: Assessing Your Attack Surface | Dark Reading Virtual Event | <REGISTER NOW>
PreviousNext
Attacks/Breaches
Slideshow

7 Ways Electronic Voting Systems Can Be Attacked

Pre-election integrity tests and post-election audits and checks should help spot discrepancies and errors, but risks remain.
Jai Vijayan
Contributing Writer
October 14, 2016
Attacks on Election Management and Voter Registration Systems
Malware Uploads On Air-Gapped Systems
Poisoned Vendor Updates
Attacks on State-Level Vote Tabulation Systems
Physical Attacks
Vote Fractionalization
Insecure Internet Voting
1/7

Concerns about the fragility of US electronic voting systems to cyberattacks go back to 2002 when the Help America Vote Act was passed mandating the replacement of lever-based machines and punchcards with more modern voting equipment.

Those concerns have been greatly amplified this election season with reports of attacks on voter registration systems in some 20 states and intrusions into the Democratic National Committee’s computers by hackers believed to be out of Russia.

The attacks have stirred considerable fears about foreign adversaries and nation-state actors somehow disrupting the elections and even manipulating the outcome of the voting to favor one of the two major party candidates.

The reality is less alarmist than might first appear.

Recent attacks involving the theft of data from voter registration systems in Illinois and Arizona certainly serve as a warning about the potential for foreign actors to cause problems. But the fact is that the attacks have been on systems used to manage the elections and handle tasks like voter registration, not the voting systems that people will use to cast ballots.

The actual machines that people will use to vote are not Internet-connected and are therefore protected against a vast number of cyberattacks that people assume the systems are exposed to, the National Association of Secretaries of State said in an open letter to Congress recently.

In all states but five, a vast majority of the electronic voting equipment that voters use will have paper backups. Some voters will use what are known as Direct-Recording Electronic (DRE) voting systems to cast their votes electronically. Others will mark their choices on a paper ballot and feed it into an optical scanner that will do the ballot counting. In both cases, voters and election officials will have a so-called Voter Verifiable Paper Audit trail that will provide a reliable backup even if the machines fail or are somehow compromised.

Pre-election integrity tests and post-election audits and checks should help spot discrepancies and errors as well, the NASS has noted while cautioning against a loss of public confidence in the US voting system.

Despite such reassurances, security analysts point to several weaknesses in electronic voting systems that attackers could take advantage of to cause varying degrees of problems.

Here are seven of those security weaknesses in e-voting systems.

 
Next slide
Recommended Reading:
Editors' Choice
10 Recent Examples of How Insider Threats Can Cause Big Breaches and Damage
Ericka Chickowski, Contributing Writer
Windows 11 Available: What Security Pros Should Know
Kelly Sheridan, Senior Editor
Top 5 Skills Modern SOC Teams Need to Succeed
Jack Naglieri, CEO and Founder, Panther Labs
The New Security Basics: 10 Most Common Defensive Actions
Robert Lemos, Contributing Writer