We are one month away from Election Day. In recent weeks, election security has taken center stage in the media. This is a good thing. Awareness and education are important. Now, this awareness must be directly tied to action.
There are plenty of risks and doubt surrounding election security. The good news is that there are paths forward to help mitigate risks and re-establish trust with voters around the use of electronic voting machines and election systems.
Most importantly, our leaders and the manufacturers of these voting machines need to be reminded that they are
computers – very powerful machines. In today’s connected world, computers can easily be manipulated without the proper security measures.
Security concerns are not solely about an attacker compromising individual voting machines. They also include supply-chain risk. Many of our government processes rely on digital systems. At any point during election processes, an attacker can find a weakness and potentially change a vote, modify the party that the candidates represent, and more.
Our failure to secure these digital systems is placing our democracy at risk. We must consider the vulnerabilities at every stage: from the parts used in the manufacturing of electronic voting machines, to their manufacturing, delivery, storage, operation, and verification.
Here are four security recommendations to consider leading up to Election Day:
Hardened Machines, Systems and Processes with Continuous Monitoring
Electronic voting machines should be fixed-function, single-use devices. They should not have the capability to run new applications, connect to the Internet, or install updates. If the underlying operating system allows for different applications to execute, security software that prevents this and enforces policies must be used. Additionally,
continuous monitoring of the operation and health of machines, systems and databases needs to occur, as well as the inspection of what is occurring on the systems and what is being transmitted in order to look for anomalies. Voting machines should be given to non-partisan review boards to analyze and ensure that they were not tampered with and function as expected.
Verifiable Paper Audit Trail / Transparency
All electronic voting machines and processes must have a verifiable paper trail that should be fully auditable, both with operations (i.e. placing and tallying of votes) and of the underlying software and hardware components used. The types of machines, the versions, the vendors, and vendor political affiliations and contributions should be publicly posted in polling stations. Where applicable, alternatives to electronic votin should be provided at each polling station. Legislation should continue to pursue the safest alternatives to electronic voting.
Encryption of the database and tallied results should occur with a central commission holding the decryption keys. There should be auditing of transmission and decryption of the results, maintaining a forensically sound chain of custody.
There should be no network connectivity for any voting machine. If the system must be connected to other devices or the Internet, it should be a single, always-on virtual private network that routes all communications through a central hub over an encrypted connection.
With Election Day fast-approaching, we can work to mitigate the risks inherent in the current systems. Beyond November, we suggest that states take a hard look at the systems they are using. We hope they go back to the drawing board with security top of mind. We, of course, highly recommend that every eligible voter still vote and encourage the use of paper (or absentee) ballots whenever possible.