A Voter’s Guide to Election Security
Americans are now voting in the first major election since Russians launched a broad assault on the 2016 presidential campaign.
And while election officials and security experts remain vigilant through Election Day, voters have a critical role in the fight to keep elections safe and accessible.
The average voter shouldn’t be too concerned about foreign interference in elections, said Maurice Turner, a senior technologist at the nonprofit Center for Democracy and Technology in Washington, D.C. But, he said, that doesn’t mean she should be passive about secure elections.
By understanding the system, its flaws and what needs changing, voters can call for accountability from election officials and state policymakers.
“I’m hoping for a quiet Election Day,” Turner said. “I’m hoping that we can focus on the issues that are on the ballot versus how we’re going to count the ballot.”
It starts with voters knowing whether they’re properly registered
Malicious actors might attack the midterms by manipulating voter registration rolls.
While a May report from the Senate Intelligence Committee said the “U.S. election infrastructure is fundamentally resilient,” it also outlined Russian attempts in 2016 to scan election systems in 21 states and aggressively try to infiltrate six of them.
No vote tallies were altered, nor was any voter registration information changed or deleted, but the Russians still stole the personal information of half-a-million voters, according to July indictments handed down by the special counsel, Robert Mueller.
If hackers were able to get into state voter registration databases, they could change party affiliations or addresses, or delete voters from the databases entirely. Any discrepancy could lead to mass confusion on Election Day. Confusion leads to long lines, which could frustrate voters enough to make them give up on voting.
If voters check their registration status online before Election Day and spot an error, correcting it can not only save them a headache on Election Day, but it also might flag a potential hack for local officials. Voters in 37 states and the District of Columbia can register to vote online, the National Conference of State Legislatures reported. And vote.org lists ways all voters can check their registration.
Voting machines are a major problem across the country
Voting machines are woefully old in the United States, making them easily hackable.
Voters in 41 states will use election equipment that is more than a decade old, an analysis by the Brennan Center for Justice at New York University Law School found. In 13 states, some counties will use less secure paperless voting machines, according to the nonprofit Verified Voting. Five states use only paperless voting machines, opening them to potential breaches.
Voting machines, and especially older models, are susceptible to hacks, even if they’re not connected to the internet, said Lawrence Norden, the deputy director of the Brennan Center’s democracy program. Even memory cards in central locations in a polling place can be compromised by hackers, he said.
Many of these issues could be resolved if states and counties moved to paper ballots.
In March, Congress allocated $380 million for state and local election security. While counties used the funds for cybersecurity training and new election equipment, many local officials complained it was not enough money.
Some states, such as Arkansas, were able to improve their voting machines. This year, 54 of the state’s 75 counties — serving more than two-thirds of Arkansan voters — will be voting with new equipment.
But other states are still plagued by problems. Voting machines broke down in about a dozen precincts of Richland County, South Carolina, meaning voters in the August Republican special election runoff had to cast their votes using paper ballots. The county elections director blamed it on a programming error.
A bill in Congress stalled in August that would have provided an additional $250 million to states to shore up election security.
Hackers haven’t been able to change votes
While Russian hackers were able to infiltrate certain election systems across the country, they did not change any votes, the Senate Intelligence Committee found. So, if someone’s vote is changed, the cause likely is a faulty machine — not a foreign adversary.
During early voting in Texas last week, old voting machines changed some people’s intended votes to a candidate of another party when they voted straight-ticket.
Keith Ingram, the state’s director of elections, blamed user error and warned voters to double-check their selections before casting a ballot. The Austin-based nonprofit Texas Civil Rights Project said it was yet another reason to replace the state’s outdated voting machines.
Georgia voters this month complained that voting machines changed some of their votes for Democrat Stacey Abrams to votes for her opponent in the gubernatorial race, the Republican Brian Kemp, who also is the secretary of state there. The complaint filed by the NAACP blamed the issue on “old dilapidated machines” that “should have been replaced about 10 years ago.”
Vote-flipping is a technical issue that’s not new in elections and primarily is caused by old touch screens. Voters in Georgia, Nevada, North Carolina, Pennsylvania, Tennessee and Texas complained of vote-flipping during the 2016 presidential election, ProPublica found.
Misinformation campaigns don’t end when voters go to the polls
After the polls close, the next challenge is ensuring results are transmitted and posted accurately, Turner said.
Hackers may attempt to attack a county website, taking it offline and hiding results, or take over social media accounts to broadcast false results, Turner said.
It’s important, then, for county officials to have secure social media accounts, he said. It’s also important for voters to follow their local election officials on social media to make sure they’re getting information directly from the source.
Later, a post-election audit — with a paper trail — is an opportunity for officials to test whether their vote count was accurate and if machines operated properly. But only 26 states require election officials to conduct an audit after elections using paper records, according to the Brennan Center.
“Audits empower people to feel like their vote counted and feel engaged in the process,” said Aquene Freechild, co-director of nonprofit Public Citizen’s Democracy Is For People campaign.
Voters in states and counties that lack audits cannot be sure their votes were fully counted, she said.
Security is not an endpoint; it’s a practice
Elections are still short of being 100 percent secure, Turner said.
“There needs to be recognition by voters to elect officials at state, local and federal levels that are going to continually improve security to face a continually evolving threat,” Turner said.
Information-sharing between every level of government should be a priority, Turner said. Indeed, 1,300 local election officials are now members of the Elections Infrastructure Information Sharing and Analysis Center, a federally funded organization designed to help protect and respond to cyber threats.
They can receive information about attacks or specific threats, but also share that type of information from their own network as a heads-up to colleagues elsewhere. But only 1 in 10 local election jurisdictions nationwide participate in the program.
Faulty machines and long lines are normal problems of local election management, said Marian Schneider, president of Verified Voting. But it’s still up to voters, she said, to insist on safe elections.
“It’s like preparing for a natural disaster,” she said. “While a hack on Election Day is a risk, not a certainty, we can never get that risk down to zero.”