Understanding the Election Process and Its Vulnerabilities to Cyber Attacks


The integrity of the election process is vital to the functioning of a democratic society. In the United States, the election process involves several stages, each with its unique set of vulnerabilities to cyber attacks. Understanding these stages and the associated risks is crucial for ensuring secure and reliable elections.

1. Voter Registration

Process: Voter registration is the first step in the election process where eligible citizens enroll to vote. This typically involves collecting personal information such as names, addresses, and identification numbers.

Risks:

  • Database Breaches: Cyber attackers can target voter registration databases to steal personal information, which can then be used for identity theft or to create chaos by altering or deleting voter information.
  • Ransomware Attacks: Hackers can deploy ransomware to lock election officials out of the registration database, potentially disrupting the entire voting process.

2. Voter Education and Information

Process: Election officials and organizations disseminate information about the voting process, polling locations, and candidate information.

Risks:

  • Disinformation Campaigns: Foreign or domestic actors can spread false information through social media and other platforms to mislead voters, suppress turnout, or discredit candidates.
  • Website Defacements: Hackers can deface official election websites to display false information or propaganda.

3. Voting Systems

Process: Voting can be conducted through various methods, including paper ballots, electronic voting machines, and mail-in ballots.

Risks:

  • Electronic Voting Machine Hacks: Voting machines can be hacked to alter vote counts. Demonstrations, such as those highlighted in the documentary "Kill Chain: The Cyber War on America's Elections," have shown how these machines can be vulnerable to tampering.
  • Ballot Tampering: Physical ballots can be intercepted and altered or destroyed.

4. Vote Transmission

Process: After votes are cast, they are transmitted to central locations for counting.

Risks:

  • Man-in-the-Middle Attacks: During transmission, vote data can be intercepted and altered by hackers.
  • Network Vulnerabilities: Insecure networks used to transmit votes can be targeted to disrupt the transmission process.

5. Vote Counting and Results Reporting

Process: Votes are counted, and results are compiled and reported to the public.

Risks:

  • Result Manipulation: Cyber attackers can target the systems used to count votes and compile results to alter the outcome.
  • Denial-of-Service Attacks: Attackers can launch DDoS attacks on websites reporting results to prevent the dissemination of information or to cast doubt on the integrity of the results.

6. Post-Election Audits and Certification

Process: Post-election audits and certification processes are conducted to verify the accuracy of the election results.

Risks:

  • Data Integrity: If the systems and data used in audits are compromised, the integrity of the entire election can be called into question.
  • Audit Process Interference: Hackers can disrupt the audit process through cyber attacks on the infrastructure used for certification.

Notable Cybersecurity Incidents

  • SolarWinds Breach: A sophisticated cyber-espionage campaign that infiltrated numerous government agencies, including those involved in the 2020 elections. The breach demonstrated the vulnerability of supply chains and the far-reaching impact of such attacks.
  • FireEye Breach: The theft of FireEye's Red Team tools by hackers underscored the risks of even well-defended cybersecurity firms being targeted, raising concerns about the potential misuse of these tools in attacking election systems.

Mitigating the Risks

To mitigate these risks, several measures can be implemented:

  • Enhanced Cyber Hygiene: Regular updates and patches for all systems, strong authentication mechanisms, and comprehensive monitoring can help protect against cyber threats.
  • Paper Ballots and Audits: Using paper ballots and conducting rigorous post-election audits can ensure the integrity of the voting process and provide a verifiable paper trail.
  • Public Awareness Campaigns: Educating the public about the risks of disinformation and how to identify reliable sources can help combat the impact of false information.
  • Collaboration and Support: Federal agencies like CISA provide resources, training, and support to state and local election officials to enhance their security posture.
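How a paper trail can check a machine count, as an added example that is not part of the original article: a ballot-polling risk-limiting audit (the BRAVO test). This goes beyond the text, which does not name an audit method. The candidate names, tallies, seed and 5% risk limit are constructed for illustration.

```python
import math
import random

def bravo_audit(sample, winner, loser, reported_share, risk_limit=0.05):
    """Ballot-polling risk-limiting audit (BRAVO) for one two-candidate contest.

    sample          choices read by hand from randomly drawn PAPER ballots
    reported_share  reported winner's share of the winner+loser votes
    Returns (confirmed, ballots_examined, test_statistic).
    """
    if not 0.5 < reported_share < 1.0:
        raise ValueError("reported_share must be strictly between 0.5 and 1")
    log_threshold = math.log(1.0 / risk_limit)
    log_t, examined = 0.0, 0
    for choice in sample:
        examined += 1
        if choice == winner:
            log_t += math.log(reported_share / 0.5)
        elif choice == loser:
            log_t += math.log((1.0 - reported_share) / 0.5)
        # Blank or other-candidate ballots leave the statistic unchanged.
        if log_t >= log_threshold:
            return True, examined, math.exp(log_t)
    # Sample exhausted without enough evidence: escalate to a full hand count.
    return False, examined, math.exp(log_t)

def draw_paper_ballots(pile, n_draws, seed):
    """Draw uniformly with replacement, as BRAVO assumes."""
    rng = random.Random(seed)
    return (pile[rng.randrange(len(pile))] for _ in range(n_draws))

def run_example(seed=2024, max_draws=2000):
    # Constructed data: the tabulator reports A=6000, B=3800, 200 blank.
    reported_share = 6000 / (6000 + 3800)
    piles = {
        "paper matches report": ["A"] * 6000 + ["B"] * 3800 + [""] * 200,
        "paper contradicts report": ["A"] * 3800 + ["B"] * 6000 + [""] * 200,
    }
    return {
        name: bravo_audit(draw_paper_ballots(pile, max_draws, seed), "A", "B", reported_share)
        for name, pile in piles.items()
    }

if __name__ == "__main__":
    for name, (confirmed, examined, t) in run_example().items():
        verdict = "outcome confirmed" if confirmed else "escalate to full hand count"
        print(f"{name}: {verdict} after {examined} ballots (T={t:.2f})")
```

The audit never trusts the tabulator's software: a reported outcome that the paper does not support fails to reach the threshold and forces a full hand count.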

Conclusion

Securing the election process is a multifaceted challenge that requires vigilance, technological safeguards, and public awareness. As cyber threats continue to evolve, so too must the strategies to protect the democratic process.

For more detailed information, visit the Wikipedia page on Electronic Voting in the United States.

The 2020 U.S. elections were notably marked by significant cybersecurity incidents, most prominently the SolarWinds and FireEye breaches. Here's a detailed look into these breaches and their implications:

SolarWinds Breach

  1. Overview: The SolarWinds breach, discovered in December 2020, involved a sophisticated cyber-espionage campaign that affected multiple U.S. federal agencies, including those responsible for overseeing the 2020 elections. The attack was attributed to a Russian APT group known as Cozy Bear (APT29), which is associated with Russia's SVR intelligence agency.
  2. Attack Method: The attackers infiltrated SolarWinds' software build system and inserted malicious code into the Orion software updates, which were then distributed to approximately 18,000 customers. This backdoor, known as SUNBURST, allowed attackers to gain access to networks of numerous organizations.
  3. Impact on Elections: While there is no evidence that the SolarWinds breach directly affected the voting infrastructure, the breach's timing and scale raised significant concerns about the overall security posture of critical infrastructure, including election systems. The incident underscored the potential risks of supply chain attacks on national security and public trust in electoral processes.

FireEye Breach

  1. Overview: Around the same time as the SolarWinds breach, FireEye, a leading cybersecurity firm, disclosed that it had been targeted by a highly sophisticated threat actor, believed to be the same Russian group behind the SolarWinds attack.
  2. Stolen Tools: The attackers managed to steal FireEye's proprietary Red Team tools, which are used to simulate cyberattacks and identify vulnerabilities in clients' systems. Although FireEye promptly released countermeasures to mitigate the risk of these tools being misused, the breach highlighted the increasing boldness and capability of state-sponsored hackers.
  3. Implications for Election Security: The breach of FireEye, a key player in election security, raised alarms about the possibility of these stolen tools being used to compromise election systems. It also demonstrated the attackers' ability to penetrate even the most secure and sophisticated cybersecurity defenses, raising concerns about the robustness of protections around election infrastructure.

Connection to 2020 Election Security

  1. Disinformation and Misinformation: Alongside these breaches, the 2020 elections were also plagued by disinformation and misinformation campaigns. These campaigns aimed to sow discord, undermine public confidence in the electoral process, and spread false narratives about the security and legitimacy of the elections.
  2. CISA's Role: The Cybersecurity and Infrastructure Security Agency (CISA) played a crucial role in defending against these threats. CISA provided guidance, resources, and support to election officials to help secure voting systems, mitigate cyber threats, and counteract misinformation.
  3. Post-Election Analysis: Despite the breaches and ongoing threats, multiple analyses and reports, including those by CISA and other federal agencies, confirmed that there was no evidence of any foreign actor changing vote tallies or otherwise compromising the integrity of the 2020 elections. The efforts to secure the elections were largely successful, but the incidents underscored the need for ongoing vigilance and improvements in cybersecurity practices.

These events highlight the critical importance of cybersecurity in protecting national infrastructure, including the integrity of democratic processes.

Kill Chain: The Cyber War on America's Elections

Kill Chain: The Cyber War on America's Elections is a documentary film released in 2020 that delves into the vulnerabilities of the American election system to cyberattacks. Directed by Simon Ardizzone, Russell Michaels, and Sarah Teale, and produced by HBO, the documentary provides a detailed examination of the various ways in which the electoral process in the United States can be compromised through cyber means.

Key Themes and Content

  1. Hacking Demonstrations:
    The film features numerous real-world hacking demonstrations by cybersecurity experts. It illustrates how easily voting machines and election infrastructure can be manipulated. The documentary aims to show that the integrity of the voting process can be compromised at multiple points, from voter registration databases to the actual voting machines used on election day.
  2. Expert Testimonies:
    The documentary includes interviews with a range of experts, including cybersecurity professionals, election officials, and former government officials. Notably, it features Harri Hursti, a Finnish hacker and cybersecurity expert, who demonstrates the vulnerabilities in various voting systems.
  3. Historical Context:
    "Kill Chain" provides a historical overview of election hacking, including the infamous hacking incidents of the 2016 U.S. presidential election. It highlights how foreign actors, particularly from Russia, have attempted to interfere with American elections through cyber means.
  4. Calls for Reform:
    The documentary argues for the urgent need for election reform in the U.S. to safeguard against cyber threats. It advocates for the use of paper ballots and other verifiable methods to ensure the accuracy and integrity of election results.
  5. Public Awareness:
    One of the primary goals of "Kill Chain" is to raise public awareness about the potential for cyberattacks on election systems and the importance of securing the democratic process against these threats.

Critical Reception

The documentary received generally positive reviews from critics, who praised it for its timely and important subject matter. It was noted for its thorough investigation and the urgency with which it presented the need for reform in the American electoral system.

Impact

"Kill Chain" has contributed to the ongoing discourse about election security in the United States, especially in the context of increasing concerns about foreign interference in elections. It has been used as a resource to educate policymakers, election officials, and the general public about the critical vulnerabilities in the current election infrastructure.

Further Information

For more details, you can visit the Wikipedia page on Kill Chain: The Cyber War on America's Elections.

2024 Election Enhancements CISA

The article discusses the efforts of the Cybersecurity and Infrastructure Security Agency (CISA) to enhance the security of the 2024 elections through the launch of the #Protect2024 initiative. This initiative provides state and local election officials with a comprehensive set of resources and tools aimed at addressing the growing cybersecurity and physical threats to election infrastructure.

Key components of the initiative include:

  1. #Protect2024 Webpage: This serves as a central hub for election officials, offering access to free resources, training, and security services to help manage risks to election systems and assets (CISA).
  2. Election Security Advisors: CISA has hired ten new advisors with extensive election experience to support local election offices. These advisors will provide tailored assistance and expertise to address the unique challenges faced by different jurisdictions (CISA, SecurityWeek).
  3. Cyber and Physical Security Assessments: Since the beginning of 2023, CISA has conducted over 340 cybersecurity assessments and 520 physical security assessments. These efforts are part of a broader strategy to enhance the security and resilience of the election infrastructure across the country (CISA).
  4. Addressing Misinformation: CISA is actively working to combat misinformation and disinformation, particularly that fueled by AI, which could undermine public confidence in the electoral process. This includes providing accurate information and resources to election officials and the public to counteract false narratives (CISA).
  5. Collaboration and Training: CISA collaborates with various federal, state, and local partners to provide training, conduct tabletop exercises, and share weekly vulnerability reports with election stakeholders to ensure they are prepared to mitigate potential threats (CISA).

For more detailed information, you can explore the official CISA resources and updates on their website.

Election officials push back against draft federal rule for reporting potential cyberattacks
A group of state election officials is urging the nation’s cybersecurity agency to revise a draft rule that would require election offices to disclose suspected cyberattacks to the federal government, casting the mandate as too burdensome on overworked local officials.

Election Hacking Attempts: Hart InterCivic, Dominion, and Smartmatic

Election technology providers like Hart InterCivic, Dominion Voting Systems, and Smartmatic have been targets of various hacking attempts and misinformation campaigns. Here is a detailed look at the incidents involving these companies and the broader implications for election security.

1. Hart InterCivic

Overview: Hart InterCivic is an American company that provides election management and voting systems. They supply hardware and software solutions for elections, including electronic voting machines and tabulation systems.

Hacking Attempts:

  • 2008 Election: In 2008, researchers from the Ohio Secretary of State's office conducted a comprehensive review of several voting systems, including those from Hart InterCivic. The review found vulnerabilities that could potentially be exploited to alter vote counts or compromise voter privacy. However, there were no publicized incidents of successful hacks during actual elections.
  • Vulnerability Reports: Various reports and academic papers have highlighted theoretical vulnerabilities in Hart InterCivic systems. These typically involve physical access to machines or insider threats rather than remote hacking scenarios.

2. Dominion Voting Systems

Overview: Dominion Voting Systems is a Canadian company that provides electronic voting hardware and software. Dominion's systems have been widely used in the United States, especially in the 2020 elections.

Hacking Attempts and Misinformation:

  • 2020 Election: Following the 2020 U.S. presidential election, Dominion became the subject of numerous unfounded conspiracy theories. Claims of vote switching and foreign interference were widely debunked by multiple investigations, including those by the Department of Justice and CISA.
  • Real-World Incidents: While there have been no confirmed cases of successful hacking that affected election outcomes, security experts have pointed out vulnerabilities that could be exploited under certain conditions. For example, a 2019 report by the Senate Intelligence Committee highlighted concerns over the security of election systems, including those from Dominion, but did not provide evidence of successful exploits.
  • Litigation: Dominion has filed defamation lawsuits against several individuals and media outlets that propagated false claims about their voting systems, seeking to clear their name and hold those spreading misinformation accountable.

3. Smartmatic

Overview: Smartmatic is a multinational company that provides electronic voting technology and services. Smartmatic's technology has been used in various countries around the world.

Hacking Attempts and Controversies:

  • 2004 Venezuelan Recall Election: Smartmatic first gained significant attention during the 2004 Venezuelan recall election. Allegations of vote manipulation were raised, but subsequent audits and reviews found no evidence of fraud. However, the controversy highlighted the potential for election technology to become a focal point in disputes.
  • 2020 U.S. Election: Like Dominion, Smartmatic was also targeted by conspiracy theories after the 2020 U.S. presidential election. These theories falsely claimed that Smartmatic's technology was used to manipulate vote counts. Smartmatic only provided technology for the 2020 Los Angeles County elections and had no involvement in other contested states.
  • Legal Actions: In response to the baseless allegations, Smartmatic filed defamation lawsuits against individuals and media companies that perpetuated the false claims, similar to Dominion's approach.

Broader Implications for Election Security

The incidents and misinformation campaigns surrounding Hart InterCivic, Dominion, and Smartmatic underscore several key points about election security:

  • Vulnerability Awareness: Theoretical vulnerabilities in election systems need to be continually assessed and mitigated through rigorous testing, audits, and updates.
  • Disinformation Threat: Misinformation and conspiracy theories can significantly undermine public confidence in the electoral process, even when there is no factual basis for such claims.
  • Legal and Policy Responses: Companies like Dominion and Smartmatic have taken legal actions to address the spread of false information, which is crucial for maintaining the integrity of their services and the trust of the public.

Ensuring the security and integrity of election systems requires a multi-faceted approach that includes technological safeguards, transparent auditing processes, and proactive measures to combat misinformation. Providers like Hart InterCivic, Dominion, and Smartmatic play crucial roles in this landscape and must continuously adapt to evolving threats.

For more detailed information on electronic voting in the United States, visit the Wikipedia page on Electronic Voting.

2016 Philippine election controversy involving Smartmatic

Smartmatic was involved in a controversy related to the 2016 Philippine general elections. In this case, there were allegations and legal disputes concerning the integrity of the election process. Here’s an overview of what happened:

Background

Smartmatic in the Philippines: Smartmatic provided the technology for the automated election system in the Philippines. They supplied vote-counting machines for the 2010, 2013, and 2016 elections. Their involvement aimed to ensure a quicker and more transparent voting and counting process compared to the manual system used previously.

2016 Election Controversy

Allegations and Issues:

  1. Allegations of Fraud: During the 2016 elections, there were numerous claims of election fraud and manipulation, particularly after an alleged script change in the transparency server during the counting of votes. Critics argued that this change could have affected the integrity of the vote count.
  2. Six State Controversy: There were reports and rumors suggesting that Smartmatic’s technology was used to alter the election results in six states, which affected the overall outcome of the election. These allegations were part of a broader narrative that suggested manipulation of results to favor certain candidates.
  3. Official Responses:
    • Smartmatic’s Defense: Smartmatic denied any wrongdoing and maintained that the changes made to the transparency server were merely cosmetic and did not affect the actual vote count. They argued that the changes were intended to correct a typographical error and were not related to the vote tally itself.
    • Philippine Authorities: The Commission on Elections (COMELEC) of the Philippines conducted investigations into the allegations. They concluded that there was no substantial evidence to prove that the script change affected the election results.
  4. Legal and Political Fallout: The controversy led to multiple legal challenges and a significant political fallout. Candidates and political parties that felt aggrieved by the election results pursued cases in the courts, demanding a thorough investigation into the election process and the role of Smartmatic.

Conclusion

The 2016 Philippine election controversy involving Smartmatic highlighted significant challenges and criticisms related to the use of electronic voting systems. While allegations of fraud and manipulation were widespread, official investigations did not find conclusive evidence that the integrity of the election was compromised by the script change.

For more detailed information, you can refer to:

Smartmatic implicated in alleged bribery scheme involving top Filipino election official | CNN Business
Smartmatic, the voting technology company suing Fox News and former President Donald Trump’s top allies over their false claims that its machines rigged the 2020 election, was implicated in an alleged bribery scheme involving the former top election official in the Philippines, according to court filings obtained by CNN.
