The State of Election Security

Clichéd as the concept of a perfect storm is, it also feels more apt than ever to describe this year’s American election—and that’s only taking into consideration the cybersecurity challenges voters face.

Since 2016, cybersecurity and election experts have been sounding an ever-louder clarion call that aggressive steps need be taken to ensure that computerized voting machines in the U.S. are secure enough to properly enroll registered voters, record their votes, and accurately count them, as well as take steps to protect elections from foreign manipulation, and to arrest the spread of election disinformation over social networks with education and awareness.

And that was before the Covid-19 pandemic killed more than 218,000 in the U.S., upended countless lives, the economy, and voting traditions. 

While some officials have been taking these hydra-headed threats to elections seriously, others have not, and too often ignored their concerns outright. Polls currently indicate ongoing uncertainty in all aspects of the election: the mechanics of how to vote, the trustworthiness of vote tabulation, the unfounded fear of fraudulent votes, and even how rapidly the election outcome will be known. A Pew Research study published on October 14 indicated large divides between voters along political party lines in all four of those categories. 

Misinformation and disinformation

One of the top questions about this year’s election concerns whether we’ll see a repeat of foreign disinformation campaigns seeking to influence the outcome, as we did in 2016. Three-quarters of Americans are worried about foreign governments and their allies interfering in this year’s election, and with good reason. In September, FBI Director Christopher Wray told the House Homeland Security Committee that Russia has been attempting to damage former Vice President and Democratic candidate Joe Biden’s campaign with “very active efforts” across social media, state media, online journals, and proxies. 

Wray’s comments were followed on October 14 with a New York Post story about alleged emails from Hunter Biden encouraging his father to meet with an adviser to the board of the Ukrainian oil company that the younger Biden also served on—an apparent conflict of interest. However, not only do the Bidens deny that the emails are authentic, but the evidence that supports the allegations has not been independently reviewed, and appears to come from Russian sources. The provenance of the story is so specious that one of the reporters bylined on the Post article says that she did not work on the story at all. 

Part of what makes it harder to fight disinformation this year, say experts, is that it’s not just foreign adversaries promoting disinformation—the White House itself is involved in its spread. President Donald Trump’s personal lawyer and former cybersecurity czar, Rudy Guiliani, provided the alleged Biden emails to Fox News, which declined to pursue the story. 

Guiliani then took them to the Post. Reporters have documented ties between the former mayor of New York City and pro-Russia Ukrainians and Russian operatives who have been known to conduct disinformation campaigns. (Guiliani also makes a less-than-flattering appearance in Borat 2, the latest Sascha Baron Cohen comedy.)

As with previous election years in 2016 and 2018, disinformation campaigns this year have goals that vary depending on the content of the allegations, says Pablo Breuer, co-founder and vice president of the Cognitive Security Collaborative and a member of the People Centered Internet organization. But unlike previous years, he says, the efforts to dissuade voters from trusting the ballot-casting and ballot-counting processes take on heightened importance as the Covid-19 pandemic forces municipalities to consider voting methods such as mail-in voting that they have previously been reluctant to embrace.

“This year with all the mail-in voting it’s going to take a while to count all the votes, I think there’s going to be a massive disinformation campaign to harm the post-election count,” Breuer says. “The campaigns will focus on voter suppression before the vote, and the legitimacy of the election after the vote.”

With just a week before Election Day, there are already several notable attempts to suppress the vote. President Trump made several attempts that discourage voters from trusting mail-in ballots (except in Florida, where he officially resides and has a strong base) or using early-voting ballot drop boxes. American intelligence agencies have reported a noticeable increase in Russian disinformation that discourages mail-in ballots, although they did not link Russia’s efforts directly to the President’s comments.

Vote fraud is increasingly rare, including absentee vote-by-mail, concludes Harvard’s Berkman Klein Center for Internet and Society in a study published on October 8 that analyzed 55,000 news stories, 5 million tweets, and 75,000 Facebook posts published between March and August of this year.

Other falsehoods spread on social media include unfounded rumors of a post-election Democratic coup; blocked mailboxes to prevent absentee voting; and the need for armed poll-watchers at voting locations this year, a historical form of voter-intimidation—of which there’s already been at least one documented incident.

 And the director of national intelligence Dan Ratcliffe says Russia and Iran are responsible for attempting to blame the violent right-wing Proud Boys organization for sending threatening emails to Florida voters if they didn’t vote for President Trump.

Russia is not the only top candidate for Internet-based election interference: China and Iran are also expected to attempt to interfere with the election. That’s according to William Evanina, the director of the National Counterintelligence and Security Center. But while stopping foreign and domestic disinformation interference remains a priority for the National Security Agency and the Department of Homeland Security, it’s not the only one facing voters and election officials.

Insecure technology protecting the vote

The other top concern facing election officials is the complicated, patchwork-by-design electronic voting systems that assist elections across the country. It is virtually impossible for a ballot cast in America in 2020 to never touch a computer, from computerized voter registries; to electronic pollbooks used at voting locations to verify that a person is who they say they are and should be voting at that location when they cast their ballot; to computer voting machines that record votes; to vote-tallying machines. 

While that doesn’t intrinsically put votes at risk, expert advice on how to secure that computerized chain has been ignored too often in the United States. That we know how to secure electronic voting systems, but haven’t broadly done so, is what worries election security experts.

The entire system of voting in America is in a better place now than it was in 2016, but that’s a “very low bar,” says Susan Greenhalgh, former vice president of policy and programs at the National Election Defense Coalition and now a senior advisor on election security at the nonpartisan, nonprofit Free Speech For People. She worries that the entire system by which states conduct their elections has not advanced enough to be resilient to different kinds of attacks.

“What I find frustrating is that we’ve had four years since 2016 when foreign actors and malign agents were trying to get into our election system, which should have been a hair-on-fire moment for our election officials across the country to implement more secure protocols and more resilient systems,” she says. 

The two most consequential improvements to secure the vote Greenhalgh and other experts want are paper trails for votes so that electronic votes can’t be deleted by hackers, and mandatory, robust, and consequential audits of election results so that close elections can be fairly re-counted. 

Those changes have been implemented in a piecemeal manner at best, she says. According to the election-monitoring nonprofit Verified Voting, there is no paper trail for any precinct in Louisiana, nor most precincts in Mississippi, New Jersey, or Tennessee. Another four states have a significant percentage of precincts without a paper trail. While this is an improvement over 2016, when all or significant majorities of the voters in 10 states were not offered a paper record, it still leaves significant numbers of election officials without a way to verify the intent of the voters they represent in 2020.

Paper ballots and paper records of electronic votes are important to have in elections because they are less susceptible to interference, says Maggie MacAlpine, a founding partner at Nordic Innovation Lab and cofounder of DefCon’s Voting Village, which in 2017 helped expose critical security vulnerabilities in voting machines that vendors denied the existence of.

“Paper ballots are the big fight that’s been going on for 10 years. If you’re in one of those states that’s not fully over into paper ballots, you need to fight for that because just in terms of mistakes, it’s very hard to verify and audit elections without them,” she says.

The auditing process that many experts including Greenhalgh and MacAlpine are advocating for is a risk-limiting audit, in which officials hand-count randomly sampled precincts until they can establish with high statistical confidence that hand-counting all of the paper records would yield the same winner. However, very few jurisdictions require risk-limiting audits despite their ability to ensure fair recounts at a fraction of the cost of more traditional recounting methods.

Only Colorado and Rhode Island require risk-limiting audits, even after the bipartisan Senate Intelligence Committee called the method a “best practice to mitigate risk” in its 2018 report on improving election security. Although risk-limiting audits were mandated in the Secure Elections Act of 2018, the bill did not make it out of committee because of opposition from some Republicans and a bipartisan cross-section of Secretaries of State, Greenhalgh says. 

Making it even harder to secure election technology is that voting-machine vendors have almost universally opposed independent audits of their software and hardware. That’s what led to the rise of the Voting Village, and despite major voting-machine vendor ES&S finally creating a vulnerability disclosure program earlier this year, technological audits of voting machines still keeps election security experts up at night.

“People were given this false sense of security that the machines can’t be hacked,” says Greenhalgh. “Even Devin Nunes said [in a March 2018 Report on Russian Active Measures written by the House Permanent Select Committee on Intelligence, which he chaired] that these machines give people a false sense of security.”

What must be done to secure American elections 

Despite the serious problems facing election security in the United States, experts recommend several concrete steps to make them more secure, which they hope will have the additional impact of improving public confidence that elections, from ballots cast for local offices all the way up to national elections for president, are fair.

The insidious idea that “fake news” is just fiction masquerading as news is really dangerous. Real disinformation is entirely, or at least mostly, true. It is just framed to fit a narrative that benefits the propagandist.

— thaddeus e. grugq (@thegrugq) April 16, 2019

Disinformation is particularly hard to stop because ultimately it’s based on facts, albeit a very skewed version of the facts. Cybersecurity expert The Grugq tweeted, “The insidious idea that ‘fake news’ is just fiction masquerading as news is really dangerous. Real disinformation is entirely, or at least mostly, true. It is just framed to fit a narrative that benefits the propagandist.”

While it’s good that federal government agencies are taking a hand in combating election disinformation, Breuer says that it’s crucial for states, counties, and cities to get involved before disinformation narratives start to spread in order to stop them.

In the case of absentee ballot disinformation, he says, states can play an important role in protecting the public that social media platforms never will be able to match because “it’s directly counter to their business model.”

“What the states should do is produce public service messages explaining how mail-in votes are protected against fraud, how they’re tabulated, and why they’re secure,” Breuer says. “In many cases, the reason these things happen is because nobody puts out good information ahead of time. States should be sharing factual information 180 days beforehand. That way you can vaccinate people against some of the more bombastic information campaigns.”

The fight to secure election systems is harder in many ways because it requires a significant influx of money from the federal government, says MacAlpine. Along with advocating for paper ballots and risk-limiting audits at the local and state levels, she says, it’s important for voters to cast their ballots as early as possible. 

“Fraud is easier to detect when more people vote. Vote as early as you can. You flatten the curve when you send in your mail-in ballot,” she says. 

Voting technology and security expert Ben Adida, the founder of VotingWorks, the only nonprofit election equipment vendor in the U.S., says that election technology needs an overhaul. He wants to see “simpler” voting systems that are easier to operate and less prone to failure. There needs to be “more affordable equipment so counties can update more regularly and get rid of outdated, insecure older systems,” he says. 

Perhaps the most challenging complication when improving election security is voters face threats unlike any other. 

“The most important thing to understand is that the voting threat model is absolutely unique. It's not like banking, health data, the military, or anything else we consider high security. We need the loser to be convinced of the result, we need the public to be confident their vote was counted, and we need individual ballot secrecy. It's incredibly demanding,” Adida says.