Modern field guide to security and privacy

Can the vote really be hacked? Here's what you need to know

The Democratic National Committee breach and FBI warnings of hackers tampering with election boards has some officials on edge. But simple fixes could further safeguard the vote.

Lucy Nicholson/Reuters
The prototype of a new touchscreen voting machine is seen at the office of the Registrar-Recorder/County Clerk in Norwalk, California.

Recent cyberattacks on state voter databases and the Democratic National Committee are raising fresh concerns that hackers could manipulate the upcoming presidential election.

In Washington on Tuesday, Rep. Barry Loudermilk (R) of Georgia said, "Rightly, we should be concerned about the integrity of our election system," during a congressional hearing in which lawmakers quizzed officials about the potential flaws at US polls. 

Indeed, the DNC hack and data dump, which cybersecurity experts and unnamed US officials have blamed on Russian operatives, and the recent FBI warning that unknown hackers tampered with state board of elections in Illinois and Arizona have surfaced troubling questions about the mechanics and processes that underpin American democracy.  

But should Americans really be concerned that hackers could tamper with – or even tip – the upcoming presidential vote? And if that's even possible, what are the precautions that election officials and law enforcement are taking to protect the vote?

"When people hear how the Russians have infiltrated political parties or state election sites, they immediately jump to, 'Oh, they can flip votes and change the result of an election,' " said Lawrence Norden, deputy director of the Democracy Program at New York University’s Brennan Center for Justice.

That's much easier said than done, said Mr. Norden. State boards of elections and law enforcement officials are working to protect the vote, and election officials do have measures in place to safeguard elections. For instance, the Department of Homeland Security said it will monitor closely for suspected breaches on voting systems and work with election boards to bolster their security. 

Still, according to Norden and other experts, more needs to be done. Here's a closer look at potential problems at today's ballot box and some solutions to harden the vote against hackers. 

Why are officials and politicians worried this year?

There are two sets of concerns – one pertaining to online voter registration systems and the other to the equipment that voters will use to cast their ballots in November.

The attacks on voter databases in Illinois, Arizona, and potentially other states highlight vulnerabilities in some online voter registration systems, says Pamela Smith, president of election watchdog group Verified Voting.

The incidents underscore the need for election officials to scan their systems for flaws, implement proper security controls, and to maintain up-to-date master files of voter records that are separate from the public facing online system, said Ms. Smith.

Formal ballot accounting and reconciliation procedures for all ballots and votes on election day can help spot discrepancies, Smith added.

States should also take advantage of the help being offered by the DHS and the FBI, she said.

According to Norden, even with the extra help, election officials must still ramp up security around online voter registration systems and on the actual equipment that Americans use to cast their ballots in November 

According to him, this includes measures like pre-election testing of all equipment, adequate physical security measures for preventing unauthorized access, maintaining a chain of custody for voter records, and introducing contingency measures in case of equipment failures.

Paperless voting 

Unlike online voter registration systems though, the actual machines that voters will use to cast their ballots are standalone systems that are not connected to the Internet. That means the chances of foreign hackers somehow breaking into them and flipping votes are remote.

The concerns with voting equipment have to do with other issues. Over the past few years, almost all states have moved to using paper ballots or electronic voting systems that maintain a verifiable paper audit trail of the ballots, said Smith.

However, five states – South Carolina, Georgia, Louisiana, Delaware, and New Jersey – will use completely paperless voting systems. Other states – including Pennsylvania, Virginia, Kentucky, and Tennessee – will use a combination of paper ballots and paperless voting systems, depending on the county.

The concern with paperless systems is that it is harder to prove with absolute certainty that votes were recorded as cast. Paperless systems do not offer the same solid audit trail that a paper ballot does.

"It is likely that all those systems are working just fine. But what we would like to see is that every jurisdiction can prove they are working just fine," in a voter verifiable fashion, said Smith.

According to Norden of New York University, a paper trail also provides an added level of confidence for voters. "A paper record is really important because of all the talk about rigged elections and Russian potentially interfering in the election process."

Outdated machines

Rapidly aging machines are another concern for the Brennan Center of Justice, which issued a report last September estimating that 43 states will use equipment that will be least 10 years old this November. That number has only marginally improved since the report was released, says Norden.

In 13 states, a majority of the machines will be at least 15 years old. "As machines get older, they are more likely to fail. That is the rule of all mechanical device," he said

Nearly every state, according to the Brennan Center, has at least some machines that are no longer manufactured. That means, if something goes wrong, election officials might have trouble finding replacement parts.

Older machines can also have serious security and reliability issues, the Brennan Institute says. Virginia, for instance, decertified almost a quarter of its voting systems last year because of a vulnerable wireless feature that would have let attackers compromise the systems, Brennan Center’s report noted.

"Newer machines are more secure for a few reasons," Norden says. They go through much more testing than they did a decade ago and use better more secure components.

The Institute for Critical Infrastructure Technology released a report this month warning that many electronic voting machines are so riddled with vulnerabilities that almost anyone with rudimentary technical skills could break into them in order to corrupt voting results.

"The systems are shockingly vulnerable at the cyber and physical levels, and have been vulnerable for over a decade," says James Scott, author of the ICIT report. "The Electronic Voting sector suffers from little oversight, lax regulation [and] poor cyberhygiene."

What's this I hear about internet voting?

Several states also allow voters to cast their ballot over the internet. That could be a major problem. According to the Electronic Privacy Information Center, votes cast over the open internet can be intercepted and subverted.

The nonprofit organization Verified Voting and other watchdogs define internet voting as a system in which a voter returns his or her completed ballots via email, transmits it through a web portal, or submits a facsimile of a paper ballot over the internet. Even many of the states where this takes place warn voters that casting votes in this manner is risky.

Thirty-one states allow internet voting but most restrict it to military and overseas residents or citizens with disabilities. Many also require voters to mail in paper ballots separately. Only Alaska allows for any registered voter to ask for and submit ballots electronically.

Where can I find out what system my county uses?

Verified Voting has a detailed breakdown of the polling place and early voting equipment that will be used in each county in each state in the upcoming November elections. Simply select your state and county from the interactive map on Verified Voting’s website to see what equipment you will be using and how to use it.


You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Can the vote really be hacked? Here's what you need to know
Read this article in
QR Code to Subscription page
Start your subscription today