Ed Andrieski/AP
Kelly Raab (l.) and other voters cast their votes in Tuesday's presidential election on the last day of early voting in Colorado at the Arapahoe County Elections Facility on Friday.

Could computer hackers disrupt the US election? It’s happened in other countries.

Hackers have targeted elections in Mexico, Canada, Russia, and South Korea. Experts warn that it could happen in the US, causing temporary disruptions and perhaps delaying election results.

Will the US need to defend its right to vote from Internet hackers on Tuesday? If the experience of neighboring countries is any indication, the answer could be “yes.”

Already this year, Mexico and the Dominican Republic have both fended off cyberattacks on their national elections by the hacktivist group Anonymous. In Canada in March, the National Democratic Party had its party elections disrupted. Cyberattacks in the past year have also hit national elections in Russia, Ukraine, and South Korea.

To be sure, such attacks do not necessarily translate to the US election system. For all its flaws, US states still rely primarily on voting systems that utilize paper ballots or other paper backup systems that can be re-counted or audited to confirm votes. Yet the threat of even a temporary disruption or manipulation of electoral websites run by county and state officials if it affects perceptions of the vote outcome – even if it did not affect the actual results – remains a worry, cybersecurity experts warn.

RECOMMENDED: Top 5 most expensive data breaches

Last year a video appeared on YouTube claiming that Anonymous would target this year's presidential primaries and possibly the election itself. While some quickly dubbed the video a hoax, cybersecurity professionals aren't immediately dismissing the threat.

"These [hacker] attacks on elections are becoming quite an epidemic actually," says Carlos Morales, vice president of Global Sales Engineering and Operations for Arbor Networks, whose team worked with the Mexican Instituto Federal Electoral to soften the blow from attacking hacktivists.

During Mexico's federal election, hackers claiming to be part of the Anonymous online collective bombarded the Federal Electoral Institute (IFE) website that tallies votes with a distributed denial of service (DDoS) attack – which shoots data from myriad computers to make it hard to block the attempt to clog the Internet pipes at the target site.

Not only that, faked images were planted that appeared to show vote tallies being manipulated. In the Dominican Republic, the hacktivist group Anonymous Dominicana threatened a DDoS attack on Junta Central Electoral, the central election authority to disrupt the vote count and cast doubt on the validity of the election.

In both cases, the hacktivists failed mainly because both nations took action ahead of the vote to put in place systems that could deal with the electronic bombardment.

"Attacked, yes; damaged or disabled, not at all," said René Miranda, IFE’s chief information officer, as reported in a Mexican cybersecurity magazine.

One wild card in the United States, however, that could be directly affected by DDoS style attacks – the simplest, cheapest, and most anonymous kind of attack – is the rise of Internet-based voting. At present, some 32 states make online voting available to some 3 million registered voters, including military personnel and citizens abroad, according to the Carlsbad, Calif.-based group Verified Voting, which tracks voting technology.

Six of the states with Internet voting place some security restrictions on how completed ballots can be returned, while 24 others permit electronic votes to be returned "without restrictions," running the risk of ballots being intercepted and altered, the study says.

A DDoS attack that blocked a vote server on Election Day could have the effect of nullifying thousands of votes. Even though the votes would arrive by e-mail eventually, it would be a question whether state officials allowed them to be counted.

"There's going to be many more votes this year cast by Internet – we just don't know how many," says David Jefferson, a cybersecurity researcher at Lawrence Livermore Laboratory. "There is a question about what happens to those who might send in their ballot on the last day, but find that the vote servers are under a DDoS attack that lasts through closing of the polls – blocking their vote."

It's probable the vote would be delivered eventually, he says, but too late. So then the question is whether the vote would be counted. Certainly there would be strong pressure to do so – especially if the votes were from military personnel overseas – regardless of legal rules about the timing of delivered votes, he says.

There's also the possibility that website data could be manipulated by hackers.

"That would be embarrassing and cause conspiracy theorists or even honest people who don't understand the technology to worry about the actual counts," Dr. Jefferson says. "But that should not affect in any fundamental way the vote count."

Internet voting company officials say threats to the voting systems are overblown.

"We take security issues extremely seriously," Lori Steele, chief executive officer of Everyone Counts, a San Diego-based Internet voting company that provides services in Colorado, Utah, Washington, Florida, and Illinois told the Monitor in a July interview. "We use military-grade encryption and feel ours is the highest-level security of any voting system, including when you compare systems like mail or polling stations."

Others discount the Anonymous video on YouTube entirely and say while there may be a latent desire by hackers affiliated with Anonymous to do some harm to the US election, there's not much evidence that anything is cooking, say close observers.

"There's been nothing credible in the way of a plan emerging," says Gregg Housh, an unofficial spokesman for Anonymous, a loosely knit collective of hackers who have come to the defense of WikiLeaks and its embattled founder, Julian Assange. "Lots of people have said things like, 'I wish this [hacking the US election] could be done,’ but no actual credible threats exist that I've seen…. I would assume if something big does go wrong, though, that it will be blamed on Anonymous as usual."

RECOMMENDED: Top 5 most expensive data breaches

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Could computer hackers disrupt the US election? It’s happened in other countries.
Read this article in
QR Code to Subscription page
Start your subscription today