ABC News: Yes, It's Possible to Hack the Election
Yes, It's Possible to Hack the Election
By RICHARD CLARKE NEWS ANALYSIS — Aug 19, 2016, 10:25 AM
ET
After reports of alleged Russian hacking into Democratic
Party computer networks, some commentators have suggested that the Russians
could hack the results of the U.S. elections. Other analysts have, well before
this year’s campaign, suggested that election results in the U.S. could be
electronically manipulated, including by our fellow Americans. So could an
American election’s outcome be altered by a malicious actor on a computer
keyboard?
I have had three jobs that, together, taught me at least
one thing: If it’s a computer, it can be hacked. For Presidents Bill Clinton
and George W. Bush, I served as the White House senior cybersecurity policy
adviser. For President Barack Obama, I served on his five-person post–Edward
Snowden investigative group on the National Security Agency, intelligence and
technology. And for over a decade I have advised American corporations on
cybersecurity.
Those experiences confirm my belief that if sophisticated
hackers want to get into any computer or electronic device, even one that is
not connected to the internet, they can do so.
The U.S., according to media reports, hacked in to the
Iranian nuclear centrifuge control system even though the entire system was
air-gapped from the internet. The Russians, according to authoritative
accounts, hacked into the Pentagon’s SIPRNet, a secret-level system separate
from the internet. North Koreans, computer forensics experts have told me,
penetrated SWIFT, the international banking exchange system. Iranians allegedly
wiped clean all software on over 30,000 devices in the Aramco oil company. The
White House, the State Department and your local fast food joint have all been
hacked. Need I go on?
Now consider that a majority of states use some kind of
combination of electronic voting and a type of paper trail, but there is no
standard nationwide. In most states the data that are used to determine who won
an election are processed by networked, computerized devices. There are almost
no locations that exclusively use paper ballots. Some states allow direct from
home voting over the internet. Others employ electronic voting machines that
produce no paper trail, therefore there is nothing to count or recount and no
way to ensure that what a voter intended is what was recorded and transmitted.
Some systems produce a paper ballot of record, but that
paper is kept only for a recount; votes are recorded by a machine such as an
optical scanner and then stored as electronic digits. The counting of the paper
ballots of record — when there are such things — is exceedingly rare and is
almost never done for verification in the absence of a recount demand.
The verification systems in place in most states can
check only two things well. First, they can provide a basis for comparing the
number of people who showed up and were allowed to vote at a location with the
voter total reported at the end of the day by that precinct. Second, they can
compare the total votes for a candidate reported by each precinct to the state
capital against the number that the capital says it received from each
location.
What they cannot verify without counting paper ballots
(if they exist at all) is that your vote for Candidate A showed up in the
electronic device tabulating the totals as a vote for Candidate A. The process
of recording which person got your vote can — almost always — be hacked.
The ways to hack the election are straightforward and are
only slight variants of computer system attacks that we see every day in the
private sector and on government networks in the U.S. and elsewhere around the
world. Malware can be implanted on voting machines. Almost none of these
machines have any kind of malware detection software like those used at major
corporations and government agencies. Even if they did, many of those
cybersecurity tools are regularly defeated by today’s sophisticated hackers.
At this year's Black Hat cybersecurity conference, the
cybersecurity firm Symtantec had a voting booth to demonstrate the various ways
to trick the system.
In America’s often close elections, a little manipulation
could go a long way.
In 2000 and 2004, there were only a handful of
battleground states that determined which presidential candidate had enough
Electoral College votes to win. A slight alteration of the vote in some swing
precincts in swing states might not raise suspicion. Smart malware can be
programmed to switch only a small percentage of votes from what the voters
intended. That may be all that is needed, and that malware can also be
programmed to erase itself after it does its job, so there might be no trace it
ever happened.
I have to emphasize that we have no evidence that such
hacking has ever taken place in the U.S. or that it is about to occur. What we
do know is that it could happen. There is nothing to stop it from happening in
many parts of the country, and there is not even an effort to see if it is
happening.
It does not have to be this way. Congress could create
voting security standards for the election of its members and of the president.
It has not done so, leaving it instead to the states to protect the integrity
of the democratic process.
Minimal election security standards could be simply
stated: 1) No vote recording machine shall be connected electronically to any
network — including but not limited to local area networks (LANs), Wi-Fi, the
internet and virtual private networks (VPNs). 2) Every voting machine must
create a paper copy of each vote recorded, and those paper copies must be kept
secured for at least a year. 3) A verification audit by sampling shall be
conducted within 90 days on a statistically significant level by professional
auditors to compare the paper ballots of record with the results recorded and
reported.
There are other things that would be nice to have to
provide additional levels of assurance. One of the best ideas is that the software
used to run voting machines be restricted to open source applications, whose
code could be publicly examined. Another proposal that makes sense is that
voting machines be required to run a certified malware detection software
application before, during and after the voting process.
Some states will, of course, say that there is no risk
justifying these proposals. (Many of the states that will claim this will be
the same states that passed voter ID fraud laws although there was no evidence
of any significant voter fraud.) They will claim that it is not the federal
government’s job to regulate the democratic election of federal officials.
Finally, many states will protest that verifying our democratic processes would
be too expensive for them. That last complaint could be answered by Congress’
paying for its own elections and for the president’s.
If someone makes the charge after this election that the
results were altered by hackers, our country has almost no way of credibly
refuting that claim. Thus American voters will have no way to know if they can
trust the results of the election, unless it is a landslide, so large that it
seems unlikely that the winning margin was purely the result of malicious
activity.
In any close election, because we have not done the
simple things that could protect the integrity of our democratic process, there
will be room for doubt.
Comments
Post a Comment