Electoral cybersecurity started to receive nationwide interest after the 2016 election when hackers working for the Russian government launched a targeted influence campaign on Facebook and broke into systems at the Democratic National Committee.
One result has been a heavyweight bout in Las Vegas. In one corner you have the computer hackers, in the opposing corner, the makers of voting equipment. Who was the winner? It depends on who you ask.
The Defcon computer security conference in Las Vegas invited hackers to test the security of the machines used for voting in our elections. Event organizers believe this exercise can help prevent manipulation of our elections by uncovering weaknesses in voting machines so that voting machine vendors can then patch the flaws or allow states to upgrade to more secure platforms. Manufacturers of the machines believe the exercise won’t uncover any issues that would occur during a real election.
After just one day at the event, hackers at the Voting Machine Hacking Village had figured out how to switch out software, uncover plug-ins that shouldn’t have been working, and discovered other ways a nefarious actor could manipulate the vote. Their findings make clear the need for voting infrastructure to be adequately vetted and for the companies that sell voting machines to sacrifice profit margins to improve the security of their equipment.
Concern for the security of our elections is not isolated to Defcon.
Top intelligence officials in the Trump administration have warned that Russia is yet again engaging in a campaign to interfere and disrupt our elections. With the midterm elections quickly approaching in November, Congress has earmarked $380 million to pay for improved election infrastrucutre .
Unfortunately, even with the $380 million provided by Congress, most states will still lack the proper funding to implement the next steps towards delivering secure voting infrastructure. The Congressional funds, while better than nothing, are the result of an effort that began nearly two decades ago with the 2002 Help America Vote Act. The bill and funds appropriated were not designed to tackle election meddling and cyberthreats that we face today.
For the safety and security of our elections, more resources are desperately needed.