http://www.defenseone.com/technology/2016/09/5-steps-make-us-elections-less-hackable/131242/?oref=d-topstory
By Patrick Tucker
As shadowy actors work to hack U.S. elections, a few simple steps could make electronic voting more secure, says one expert.
Voting machine vulnerabilities go well beyond what most voters know, warns Dan Zimmerman, a computer scientist who specializes in election information technology. There probably is not time to fix all of those vulnerabilities by November. But there are still things election officials could do to reduce the hack-ability of the U.S. presidential election. Here are his five steps for making the U.S. election less hackable.
1. More federal oversight (and not just on Election Day)
This week’s report sophisticated actors in Russia trying to penetrate voter databases sounded alarm bells about the U.S. election being hacked.
Zimmerman, who works with Free & Fair, a company that provides election-related IT services, says that because most electronic voting machines are not connected to the internet, the threat of remote hacking from Russia is small. The machines are far from secure, however.
“I haven’t observed anything in particular that would make me think somebody is developing some new attack against these machines. Some of these machines were so terribly easy to attack in the first place, essentially, my concern is that some of these machines have been designed in way such that somebody with an eighth-grade level of knowledge of computer science and a little bit of time could hack them.”
It’s an issue that’s been around for years, but lawmakers haven’t done much about it. Bottom line, there’s no federal standard for physical security around voting machines and that makes them very vulnerable. “They could be in a broom closet in a city clerk’s office. There is no federal level oversight other than there is something called the Election Assistance Commission, or EAC. The EAC was established in the early 2000s, basically as a response to the 2000 debacle, and has until recently effectively been a joke,” he says.
The first step could be more federal oversight of how voting machines are stored when not in use, complete with remote monitoring via cameras and other means.
2. Change laws to allow researchers to investigate voting machines
To protect against bugs or vulnerabilities researchers need to be able to investigate the machines for design flaws in code, but that means researchers poking around in code that is deemed proprietary under the Digital Millennium Copyright Act. Zimmerman calls the act “the blanket legislation that companies hide behind when they want to hide their source code.” Some recent exemptions exist for research into voting machines, but they are too recent and too few to have an impact in this election, says Zimmerman.
“Understandably academic and other interested parties are reluctant to do this sort of work in large numbers because of the threat of being sued into oblivion is pretty compelling,” he said.
3. Fix certification
The small handful of certification laboratories in the U.S. for electronic voting machines are not running serious cyber tests, says Zimmerman. “The level of testing that they do is not really sufficient to ensure that there aren’t any vulnerabilities in the voting machines. They will take a voting machine and they will test it to make sure that it counts votes correctly under their laboratory conditions. They will test it to make sure that it functions at different temperatures, that it can run for a certain amount of time on battery power, that the screen operates properly within certain tolerances.”
It’s not exactly Russia proofing.
4. Get a paper trail
If an electronic voting machine doesn’t print out a paper receipt then there’s just no way to be certain that the machine or the results have not been tampered with. Regardless, many states and jurisdictions, including certain parts swing states such as Pennsylvania and Florida don’t require voting machines to have a paper trail, according to data compiled by Verified Voter. Having a printed record allows for what Zimmerman calls a risk-limiting audit. After the votes are in, officials doing such an audit match a small random sample of printed receipts with what’s in the machines, since each ballot has a number.
“It’s been done Colorado, California, a couple of other places to very good effect. It’s quite an affordable thing to do for election officials,” says Zimmerman.
5. When all else fails send in a strike force
This year’s presidential election presents, if not a high likelihood of voter fraud and disenfranchisement, certainly a high chance of those allegations. In jurisdictions or polling places where vote tampering is suspected, Zimmerman recommends the rapid deployment of what he calls an Election Strike Force, a group of technical experts capable of solving problems and answering questions before the angry masses resort to chair throwing. “Think about the way that FEMA responds to natural disasters, only in this case it’s responding to electoral disasters. If there is a jurisdiction where something goes wrong with the machines, or where you have reason to believe that something is going wrong with the machines, there would be a team of cybersecurity experts,” he says.
Of course, before you can make electronic voting more secure, you first have to admit it’s less than secure right now. Not every state is excited to allow in the feds to help with electronic voting. As Nextgov reported recently, Georgia recently rejected an offer from the Department of Homeland Security to help secure the state’s voting machines.
Patrick Tucker is technology editor for Defense One. He’s also the author of The Naked Future: What Happens in a World That Anticipates Your Every Move? (Current, 2014). Previously, Tucker was deputy editor for The Futurist for nine years. Tucker has written about emerging technology in Slate, The ... Full bio
By Patrick Tucker
As shadowy actors work to hack U.S. elections, a few simple steps could make electronic voting more secure, says one expert.
Voting machine vulnerabilities go well beyond what most voters know, warns Dan Zimmerman, a computer scientist who specializes in election information technology. There probably is not time to fix all of those vulnerabilities by November. But there are still things election officials could do to reduce the hack-ability of the U.S. presidential election. Here are his five steps for making the U.S. election less hackable.
1. More federal oversight (and not just on Election Day)
This week’s report sophisticated actors in Russia trying to penetrate voter databases sounded alarm bells about the U.S. election being hacked.
Zimmerman, who works with Free & Fair, a company that provides election-related IT services, says that because most electronic voting machines are not connected to the internet, the threat of remote hacking from Russia is small. The machines are far from secure, however.
“I haven’t observed anything in particular that would make me think somebody is developing some new attack against these machines. Some of these machines were so terribly easy to attack in the first place, essentially, my concern is that some of these machines have been designed in way such that somebody with an eighth-grade level of knowledge of computer science and a little bit of time could hack them.”
It’s an issue that’s been around for years, but lawmakers haven’t done much about it. Bottom line, there’s no federal standard for physical security around voting machines and that makes them very vulnerable. “They could be in a broom closet in a city clerk’s office. There is no federal level oversight other than there is something called the Election Assistance Commission, or EAC. The EAC was established in the early 2000s, basically as a response to the 2000 debacle, and has until recently effectively been a joke,” he says.
The first step could be more federal oversight of how voting machines are stored when not in use, complete with remote monitoring via cameras and other means.
2. Change laws to allow researchers to investigate voting machines
To protect against bugs or vulnerabilities researchers need to be able to investigate the machines for design flaws in code, but that means researchers poking around in code that is deemed proprietary under the Digital Millennium Copyright Act. Zimmerman calls the act “the blanket legislation that companies hide behind when they want to hide their source code.” Some recent exemptions exist for research into voting machines, but they are too recent and too few to have an impact in this election, says Zimmerman.
“Understandably academic and other interested parties are reluctant to do this sort of work in large numbers because of the threat of being sued into oblivion is pretty compelling,” he said.
3. Fix certification
The small handful of certification laboratories in the U.S. for electronic voting machines are not running serious cyber tests, says Zimmerman. “The level of testing that they do is not really sufficient to ensure that there aren’t any vulnerabilities in the voting machines. They will take a voting machine and they will test it to make sure that it counts votes correctly under their laboratory conditions. They will test it to make sure that it functions at different temperatures, that it can run for a certain amount of time on battery power, that the screen operates properly within certain tolerances.”
It’s not exactly Russia proofing.
4. Get a paper trail
If an electronic voting machine doesn’t print out a paper receipt then there’s just no way to be certain that the machine or the results have not been tampered with. Regardless, many states and jurisdictions, including certain parts swing states such as Pennsylvania and Florida don’t require voting machines to have a paper trail, according to data compiled by Verified Voter. Having a printed record allows for what Zimmerman calls a risk-limiting audit. After the votes are in, officials doing such an audit match a small random sample of printed receipts with what’s in the machines, since each ballot has a number.
“It’s been done Colorado, California, a couple of other places to very good effect. It’s quite an affordable thing to do for election officials,” says Zimmerman.
5. When all else fails send in a strike force
This year’s presidential election presents, if not a high likelihood of voter fraud and disenfranchisement, certainly a high chance of those allegations. In jurisdictions or polling places where vote tampering is suspected, Zimmerman recommends the rapid deployment of what he calls an Election Strike Force, a group of technical experts capable of solving problems and answering questions before the angry masses resort to chair throwing. “Think about the way that FEMA responds to natural disasters, only in this case it’s responding to electoral disasters. If there is a jurisdiction where something goes wrong with the machines, or where you have reason to believe that something is going wrong with the machines, there would be a team of cybersecurity experts,” he says.
Of course, before you can make electronic voting more secure, you first have to admit it’s less than secure right now. Not every state is excited to allow in the feds to help with electronic voting. As Nextgov reported recently, Georgia recently rejected an offer from the Department of Homeland Security to help secure the state’s voting machines.
Patrick Tucker is technology editor for Defense One. He’s also the author of The Naked Future: What Happens in a World That Anticipates Your Every Move? (Current, 2014). Previously, Tucker was deputy editor for The Futurist for nine years. Tucker has written about emerging technology in Slate, The ... Full bio
No comments:
Post a Comment