- September 30, 2016
- Posted by: Kerry Tomlinson, Archer News
- Categories: Archer News, Cyber Crime, Cyberattack, Data Breach, Hacking, Power Grid
Survey shows some people are so afraid of hackers that they might not even turn out to vote.
Look online, and you’ll see some voters saying they’re voting out of fear this year.
But a new survey shows fear could also keep some people at home on Election Day—not a fear of the candidates, but of hackers messing with their vote.
Cybersecurity firm Carbon Black reported that its September survey of 700 people shows 56% are concerned the election will be hacked.
On top of that, seven percent say they’re so concerned about their voting data security that they’re considering not voting at all, according to the survey.
Seven percent might not sound like much. But the report points out that could translate to 15 million votes, if the survey represents the true feelings of American voters.
“If voters lose trust in the voting process, our democracy may be at risk,” Carbon Black’s report said.
Will the election be hacked?
Archer News’ own informal survey on social media also shows some concern over an election hack.
Hackers have already stolen secrets from the Democratic National Committee, as well as high-profile political figures like Colin Powell.
They’ve cracked voters’ databases in Illinois and Arizona.
And a Department of Homeland Security official has confirmed new information—voter database hack attempts in more than 20 states, NBC News reported Thursday. Four state systems in all were breached, according to ABC News.
Will the election be next?
“Yes! I think some will try to hack it,” wrote voter Nick Nickelson on Facebook. “Very sad what has been going on this past year. We need to get out and vote!”
Others say no.
“I think in this day and age too many different groups will be monitoring the election very carefully,” tweeted voter Randall Ross.
Archer News checked in with cybersecurity experts—will cyber invaders be able to get past defenses to hack the vote?
“Anything running a complex set of code is susceptible to be hacked, including the systems supporting the upcoming presidential election,” said Travis Smith with Portland-based cybersecurity company Tripwire.
“What is important to remember is that the attack surface for the presidential election is enormous,” Smith added. “The voting machines can be hacked, and may already have been, to favor a particular candidate over another.”
Smith said hackers might also try an indirect assault.
“Another option is to target the underlying systems which support the election machines, such as the power grid supporting certain areas of a key election state,” Smith said. “It’s possible that by bringing the power offline in a certain county, election offices would have to revert to paper ballots.”
“This could slow down the election process, creating long lines, and in theory prevent voters for a particular candidate from voting at all,” he said.
But other experts have a different answer to the question, “Could the presidential election be hacked?”
“Not really,” said Bob Bigman, former chief information security officer for the Central Intelligence Agency and founder of cybersecurity company 2BSecure near Washington, D.C.
“The actual voting machines are—with the exception of three to four states—still all manual infrastructure that may be electronically connected within each voting center, BUT are not part of a larger state or federal voting collection/tabulation network,” he said.
“Show up at your local voting center and don’t worry,” Bigman advised.
Still, Bigman foresees trouble if future voting systems become more automated.
“Well, it will eventually become fully automated and you will—eventually—be able to cast your vote from the browser on your favorite PC or smart device,” he said. “This is a recipe for disaster.”
Voting from your phone might seem convenient. But it might also be convenient for a cyber intruder.
“I say never do it because chances are it will indeed be subject to ‘hacks’ or DDoS [distributed denial of service] attacks,” Bigman said. “If they do head in this direction, then they will still need some type of out-of-band user authentication technique to ensure the identity of the voter.”
National experts testified at a congressional hearing this week that a cyber attack would not affect the November election, in part because the machines are older, reported CNET.
Another reason, they said—hundreds of counties use their own rules and voting machines, so it would be hard for a hacker to have a big impact on the vote.
“There is no national system that a hacker or a bad actor can infiltrate to affect the American elections as a whole,” said Thomas Hicks, chairman of the U.S. Election Assistance Commission
State elections officials say they are testing voting system security, and at least 18 states have asked for cybersecurity help from DHS.
The vote itself is safe, officials say. But what about voter registration—could the bad guys delete your name before you can vote?
“Deleting an entire precinct of voters—that’s absolutely possible,” former Virginia deputy chief information security officer Cathie Brown told CNN. “The grander the scope, the more likely they’ll get caught. But they might not get caught until after they’ve done the damage.”
Hackers have already left a mark on this year’s presidential race.
“While a presidential hack may be focused solely on attacking voting machines to favor a particular candidate, I would argue that the presidential election has already been hacked,” said Smith.
“Both the Republican and Democratic organizations have been hacked in recent weeks,” he explained. “Confidential information has already been leaked to the public, which has the potential to sway voters toward a particular candidate.”
Even if no one actually hacks the vote, one or both of the candidates could claim the election was hacked, simply because they disagree with the results.
The losing side—and its supporters—could say they don’t trust the count and refuse to concede, perhaps even taking the issue to court.
This kind of “hack” could keep the election going for months to come.
For some, that scenario is scarier than a real cyber attack on the vote.
“This is just the weirdest year ever,” wrote voter Charlotte Cherzan, who participated in the Archer News poll. “I wish we had better choices.”