The implementation of e-voting has generated both advantages and technological risks
Technology provides us countless comforts, but it also cements the way for scammers and cybercriminals to take advantage of people through technological fraud. That kind of crime involves the use of technology in a variety of possible ways to deceive people, steal data, attack computer systems, and more.
In the most recent years cybercrimes have reached electoral processes in different places, manifesting themselves in many different ways. People can get in front of the ballot box influenced by fake information, try to vote more than once or, on the other hand, try to cast votes according to their convenience.
Digital forensics experts from the International Institute of Cyber Security consider that electronic voting could facilitate both technological crimes and electoral fraud if the platforms involved in the process are not protected enough. Some of the potential risks of implementing e-voting are:
Interference from foreign governments
The intervention of foreigners in electoral processes became a subject of public domain because of the allegations related to the Russian government and the election of the President of the United States, Donald Trump in 2016. However, this is not a new practice, and digital forensics experts believe it has been going on for decades. The difference is that thanks to the current technology it is easier to wreak havoc at a distance than in the past.
Voting machines and their security flaws
Electoral propaganda repeatedly mentions that “every vote counts”, and there was a time when people could feel that they were really making a difference in politics by going to the polls. But reports of unsafe voting machines have ignited alarms among the electorate, leading some people to think that their votes may not be counted by some defective machine.
A recent cybersecurity event featured the so-called “voting village” where hackers were encouraged to try to break into voting machines to find vulnerabilities. A 50-page report on the status of cybersecurity in these machines found that, in one case, one of these devices presented a vulnerability that was reported more than 10 years ago.
Possible malware risk
Five states of the United States have implemented electronic voting without a verifiable backup system of paper ballots. Georgia is one of them and, despite voters’ concerns a judge has just decided that the state will not adjust its processes for the upcoming midterm elections. Critics say that without using paper records to support electronic voting, it is impossible to recount if necessary.
In addition, hackers could contaminate electoral systems with malware. If such a scenario occurs, the records of a complete voting machine could be erased without a trace. In this way, hackers don’t have to manipulate the data to change the votes and they could simply erase the device information, something that is not very difficult to achieve for a hacker with average abilities.
Further research found that wireless computer accessories could become access points for hackers, allowing them to access attacked systems to perform malicious actions.
Manipulation of voter registration data
Many voters currently not only issue electronic votes. They are also prepared to vote by pre-registering as voters and waiting for further instructions. Allegations in several states claim that hackers have already successfully entered voter registration databases. The consequences of these attacks depend on the actions that the hackers decide to carry out.
Obsolete voting machines on the brink of collapse
Most of the voting equipment used in the United States is more than a decade old and the software of the machines counting the votes is just as old. In addition to this latent cybersecurity risks, this has an impact on people’s confidence in the electoral system.
How to make e-voting more reliable?
Despite the somewhat pessimistic panorama, experts in digital forensics believe that there are things to do that could improve the security and reliability of the electronic voting equipment. Some experts consider that the blockchain, the digital accounting system typically associated with cryptocurrency, could be a useful alternative to current methods, since entries in the blockchain cannot be changed once confirmed.
A slightly more drastic alternative is to return to paper ballot systems and verify voter registration databases to eliminate duplication and allow people to vote by mail, at least until the correct implementation of a system of electronic voting with security measures in line with current computer risks.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.