Skip to content ↓ | Skip to navigation ↓

Today, Americans everywhere cast their votes in town and state elections, either via visiting a polling station or by mailing in a ballot. In so doing, the American people every year reconstitute the democratic principles that underlay the United States and honor a way of voting that has lasted for centuries.

However, the Internet has revolutionized our society, and it could just as fundamentally change the way we vote.

Advocates point to online voting as a means of technologized direct democracy – a more all-encompassing means of democratic participation that could reinvigorate the American political system. To advance that claim, supporters cite other countries, including Canada, Estonia, France and Switzerland, which have already begun to use web-based voting. By bringing voting to the people – a reversal in the electoral process – these systems could potentially increase voter turnout if implemented in the United States.

But cybersecurity experts are skeptical. The Internet is full of security risks, the scale and nature of which would make any online voting system difficult to protect. From a security perspective, it is therefore not advisable that the US, or arguably any country, implements an e-voting system anytime soon.

Given today’s cyber threats, online voting may be just a pipe dream for various reasons.

Non-standardized Disenfranchisement

Aside from security issues, the logistics required to set up a functional Internet voting system inhibit the United States from doing so.

First is the issue of standardization. Dwayne Melancon, CTO of Tripwire, is well aware of this challenge: “Trying to get all of the states on the same page with regard to electronic voting is not a simple task. We’ve seen what a debacle that nationalized approach was for healthcare. How could it be much better for voting?”

Were localities and/or states to opt out of the system, certain features of our current voting system, such as absentee ballots, would become more difficult. As Mark Stanislav, Security Product Manager at Duo Security, points out, “Voting, unlike banking or e-commerce, would require a very intense level of coordination among federal, state and local governments to create, manage and implement a system that people would feel comfortable using.”

Online voting could also disenfranchise a number of voters in the United States. Tim Erlin, Director of IT Security and Risk Strategy for Tripwire, explains: “Moving elections primarily online, or even ‘by default’ online, disenfranchises a huge number of voters. As of August 2013, 30 percent of households in the US did not have broadband access at home, and you can bet those are households that are already under-represented in government.”

The federal government would need to compensate for this potential shortcoming, either by making in-person/mail-based voting still available or by investing in e-voting infrastructure. Either of these options, however, would be costly, says Stanislav, “There’s the practical sense that the investment of the entire infrastructure to handle traditional voting up until now would be worthless. And the investment to provide access to voters without computers could actually be a lot of money.”

Those costs of course do not include user education, especially for older demographics that might feel more comfortable voting in person, anyway.

A Lack of Trust

Bob Loihl, Principal Software Engineer at Tripwire, quickly identifies the root of the security problem: “I think this biggest challenge to online voting is trust – we don’t trust what we can’t see.”

Part of this has to do with online security more generally, as Erlin observes: “If we can’t secure our payment systems, for which there is a significant financial motivation to do so, then how can we expect the government to secure online elections?”

The government is, effectively, a non-profit organization, and US elections rely on a huge number of volunteers, adds Erlin. “It’s not a model that lends itself to moving online easily. When you couple that with the previous failures in electronic voting machines, it’s a long, long road to online voting.”

And then there’s the issue of electoral inconsistencies in traditional voting infrastructure, problems which could feasibly become worse if the United States started to host voting online.

Lori MacVittie, a Security Evangelist for F5 Networks, is keenly aware of this problem: “The reality is we haven’t solved the challenges for in-person voting, either, and adding technology to the mix stirs up fear and uncertainty about the validity of the electoral process. Conspiracy theories already abound regarding the ‘calibration errors’ popping up with technology-enhanced voting, and those systems are not connected in any way to each other or the Internet.”

Were those systems to be connected to the Internet, MacVittie goes on to say, people’s trust in the government and in the voting process would diminish, which could lead to social unrest and popular demonstrations against the government.

In either case, people are afraid of fraud. “The fear of voter fraud, spoofing, and other types of tampering rightfully make everyone hesitant to move to online voting too quickly,” says Melancon. “On the one hand, you could say that the current approach to voting is subject to bribery, extortion, and other types of fraud; even if that’s the case, the ability to spoof large numbers of votes in an electronic world is much easier.”

Voter fraud could exist in many forms online. It could take on its traditional form, such as dead relatives or pets filling out ballots. Or it could become the stuff of sophisticated cybercriminals using an online voting system to manipulate an entire country. “While financially motivated malware is the topic du-jour, election-stealing malware would be a boon to criminals of the more politically motivated variety,” said Erlin. “Why would China bother with DDoS attacks when it could malware their way into power? Given the breach detection gap we have now, what would happen if we found an election had been manipulated years into the winner’s term?”

Clearly, the variability and pervasiveness of fraud makes online voting in the United States improbable for the foreseeable future.

Security Awareness at Work

There are concrete security challenges to online voting. A 2004 prototype called Secure Electronic Registration and Voting Experiment (SERVE) was found to have easy-to-exploit vulnerabilities, such as the possibility that hackers could modify voters’ ballots or allow themselves to vote more than once. Instances in which actual online voting systems have been breached are not hard to come by, also. And even with seemingly functional online voting systems, such as Estonia’s, there are always multiple ways for cybercriminals and insiders to get in.

For these reasons and more, Gabriel Gumbs, Managing Director, Research and Products at WhiteHat Security, states, “My take on the lack of e-voting in the US is that it is based on a general lack of trust by Americans that the system would work.”

But that is not a bad thing. Perhaps online voting more than most other subjects brings out Americans’ security awareness, something which the National Cyber Security Awareness Month tried to capitalize on in October.

Or perhaps it appeals more to people’s sense of privacy. David Monahan, Senior Analyst at Enterprise Management Associates, asks: “How do we set up an online voting system that we can separate from normal Internet activities conducted anonymously? This goes against the idea of Internet anonymity.”

Some Americans may think about their online security only as a tangent to privacy and online voting, but any security awareness is better than none. And that’s something we can all get behind this Election Day.

Hacking Point of Sale
  • KrashTestDumby

    Excellent article! But it doesn't cover the biggest threats…

    Target's breach began with a phishing email to an HVAC contractor. Using the HVAC credentials, the hackers gained access to Target's network. Once they were in, they installed malware. Millions of user's data was compromised before the issue was discovered. Imagine an election where an issue(s) weren't discovered for weeks, months or years afterwards.

    What about the biggest threat, insider attacks? Especially in a presidential election, where a single swing state is all that needs to be hacked in order to change the outcome (think: Gore v. Bush, 2000, state of Florida). *** July 2014, CERT, US State of Cybercrime Survey:
    ► "Damage caused by insider attacks are more damaging than outsider attacks" (32% of respondents)
    ► Confidential records compromised or stolen: 76%

    One disgruntled system administrator could – and with their intimate knowledge of the system, cover-up – changing valid votes after being cast. Wouldn't that be fun?

    And you made one small error. "… would require a very intense level of coordination among federal, state and local governments…" The federal government doesn't hold elections of officials. Voting by "We the People" for officials are conducted exclusively by the states. In the case of presidential elections, the states chose members of their Electoral College through a state-wide voting process, and counting the 538 votes by the Electoral College when they elect our president doesn't really warrant a complicated voting operation.