After Russian hackers made extensive efforts to infiltrate the American voting apparatus in 2016, some US states moved to restrict Internet access to their vote-counting systems. Colorado got rid of barcodes used to electronically read ballots. California tightened its rules for electronic voting machines that can go online. Ohio bought new voting machines that deliberately excluded wireless capabilities.
Michigan went in a different direction, authorizing as much as US$82 million for machines that rely on wireless modems to connect to the Internet. State officials justified the move by saying it is the best way to satisfy an impatient public that craves instantaneous results, even if they are unofficial.
The problem is, connecting election machines to the public Internet, especially wirelessly, leaves the whole system vulnerable, according to cybersecurity experts.
So Michigan’s new secretary of state is considering using some of the state’s US$10 million in federal election funds to rip out those modems before the presidential primary in March.
“The system we inherited is not optimal for security, since our election equipment can and has connected to the Internet,” said Jocelyn Benson, who won election as secretary of state and took office in January last year.
Benson convened a committee of cybersecurity experts to evaluate the state election system’s vulnerabilities.
“If that’s what the committee recommends, we’ll take them out,” she said.
Michigan’s experience illustrates a thorny challenge for state and local election officials as they try to update old and insecure equipment: Technology that has evolved over two decades to quickly transit election results from precincts to news organizations projecting winners has now been labeled a cybersecurity risk.
Michigan says its votes are safe from hackers, as its election system connects to the Internet only after votes have been counted. Cybersecurity experts differ.
Even brief exposure to the Internet can leave states vulnerable to infiltration and an attack on the credibility of their results, said Eddie Perez, global director of technology at the Open Source Election Technology Institute.
Part of the challenge of protecting this year’s vote is convincing localities to prioritize security over familiarity, convenience and accessibility.
Cybersecurity experts maintain that connecting election systems to the Internet, even briefly, exposes these machines to malicious attackers who might be intent on derailing or discrediting an election. It is not just voting machines that are vulnerable, but any piece of the election apparatus, including wireless-enabled printers, digital check-in tablets, tabulators and even the registration database, they said.
And yet, some local and state election officials remain committed to wireless-enabled machines, which allow them to quickly provide results to the public and more easily accommodate disabled voters. Heading into the US presidential election, Rhode Island, Wisconsin, Georgia and Florida are among at least 11 states that still allow voting jurisdictions to use wireless-enabled voting equipment.
“Connecting for a millisecond is enough to propagate malware through a system,” said Rich DeMillo, a computer science professor at the Georgia Institute of Technology and a member of Michigan’s election security panel. “Every weak link in the chain of network security is a problem, so opening the door to the Internet is just a bad idea in every conceivable scenario.”
In 2016, Russian hackers attempted to infiltrate most, if not all, state election systems, and downloaded voter data in Illinois, federal authorities have said.
However, there is no evidence that the hackers attempted to change the vote. Furthermore, while cybersecurity experts and some election officials fear that wireless connectivity exposes voting systems to hackers, there is no evidence that such an attack has occurred in the US.
Hacking the vote through wirelessly connected voting machines is one of several potential risks from foreign agents going into the elections in November. As it did in 2016, Russia could deploy an extensive disinformation campaign on social media to try to sway the vote — as could other adversaries. Hackers could penetrate voter registration databases and alter or delete information — potentially sowing chaos on election day.
However, remote election machinery hacks are almost certainly the easiest to prevent — by simply not allowing the equipment to connect to the public Internet.
The Cybersecurity and Infrastructure Security Agency, which is responsible for defending Americans from cyberattacks, has already advised local election authorities to avoid wireless connections altogether. In July, the US Senate Intelligence Committee issued a report on Russian meddling, saying states should remove any wireless networking capability.
Wireless connectivity of voting systems is such a bad idea that the US National Institute of Standards and Technology on Dec. 18 recommended restricting voting machines from connecting to external networks through cellular modems. The recommendation would allow cellular connectivity if individual machines are “air gapped” — isolated from unsecured networks.
An advisory committee of the US Election Assistance Commission could vote on the recommendations by next month, the first step in what is likely to be at least a year-long procedure to restrict the use of wireless modems in voting systems.
However, there is a catch: even if the Election Assistance Commission, the federal agency responsible for enforcing these non-binding voting machine guidelines, does approve such a prohibition, they will have no material impact on this year’s election.
Voting machine vendors have stated that it could take them as long as four years to build machines compliant with the new standards.
That means the Nov. 3 vote, starting with primaries in March, will occur across the US using some machines that cybersecurity experts do not trust.
“The added risk is just unnecessary,” said Andrew Appel, a computer science professor at Princeton University. “The only purpose of these modems is to call in results to the news media in seconds rather than minutes.”
The pressure to promptly transmit results to news organizations — and ultimately voters — is so great that election officials have no choice but to briefly connect voting systems to the Internet at the end of the night, said Paul Lux, the elections supervisor of Okaloosa County, Florida, and a member of the Election Assistance Commission advisory committee that develops technical guidelines.
“If everyone would just be patient on election night and let us produce the results, then there’s no real debate here about wireless transmission,” Lux said.
Election Systems & Software LLC, provider of more than half of the country’s voting machines, contends that these systems reduce wait time for results and are secure.
Still, Katina Granger, a spokeswoman, said that the company does “not promote the use of modems. If customers request it, we provide cellular modem transmittal capability on a secure and encrypted network.”
Election Systems & Software also said the number of its election machines with wireless modems is relatively minuscule: 14,420 across 11 states. That would be almost two per jurisdiction, if spread across the entire country.
Another election machine manufacturer, Hart InterCivic Inc, which has the only wireless-enabled system to receive Election Assistance Commission certification, did not return messages seeking comment.
There is another group advocating for wireless connectivity of voting machines: accessibility groups. While cybersecurity experts are clamoring for less Internet connectivity, voters with disabilities are vying for more, including the ability to vote online.
Remote access to ballots “is just not going to be a priority as long as all of this attention is on security instead,” said Diane Golden, a member of a federal committee on voting standards and a voting rights advocate for citizens with disabilities. “Every step you take to increase security basically screws accessibility.”
For all the warnings about wireless-enabled voting machines from federal officials, the safety of elections is mostly the responsibility of more than 7,000 local voting jurisdictions, ranging from Los Angeles County with more than 5.5 million voters to small towns with just a few hundred.
In recent years, the federal government has provided US$300 million to improve state and local electoral security. Some states and cities have used the money to buy new voting machines and hire cybersecurity experts.
However, many believe that effort has fallen short of what is needed, leaving some election authorities preparing for the election with minimal technical and financial support.
Some election officials maintain that Internet access can be crucial in keeping election machinery functioning properly.
In Georgia, six counties ran a pilot program alongside municipal elections in November last year to test their new voting system, including new digital check-in machines — iPads used to identify voters — but when voters entered precincts on Nov. 5, the system failed.
To fix the glitch, state election officials connected the tablets to the Internet, using the same Wi-Fi found in polling places.
They figured, “if we turn on Wi-Fi for a minute, we’ll load the correct data and it will work like a dream,” said Gabriel Sterling, chief operating officer for the Georgia Secretary of State, who is overseeing the pilot project. “And it did.”
It is the kind of episode that gives cybersecurity officials heartburn, even if there is no evidence that anything went wrong in Georgia.
“It’s easy to use wireless in a bad way,” said Dan Wallach, a computer science professor at Rice University and a member of the Election Assistance Commission’s technical guidelines committee. “To configure it in a way that works and isn’t a security nightmare is just asking for a lot.”
In Michigan, Benson’s predecessor, Ruth Johnson, said the reason for investing in Internet-enabled machines was to transmit “pre-preliminary” results as quickly as possible.
She said the decision was not made in isolation. The state also chose to procure machines with a paper trail to audit their results to provide additional security.
The state might have to live with that decision if Benson’s panel determines that the modems cannot be ripped out without harming the rest of the hardware.
Benson hopes to know more by the end of this month, with the state’s primary looming in a little more than a month.
“If nothing else, these capabilities create a sense of insecurity in our results,” she said. “Until we have technology that can be completely secure, yes, we should be taking steps to get away from the Internet in our machines.”
South China Sea exercises in July by two United States Navy nuclear-powered aircraft carriers reminds that Taiwan’s history since mid-1950, and as a free nation, is intertwined with that of the aircraft carrier. Eventually Taiwan will host aircraft carriers, either those built under its democratic government or those imposed on its territory by the Chinese Communist Party (CCP) and its People’s Liberation Army Navy (PLAN). By September 1944, a lack of sufficient carrier airpower and land-based airpower persuaded US Army and Navy leaders to forgo an invasion to wrest Taiwan from Japanese control, thereby sparing Taiwanese considerable wartime destruction. But two
This year, India and Taiwan can look back on 25 years of so-called unofficial ties. This provides an occasion to ponder over how they can deepen collaboration and strengthen their relations. This reflection must be free from excitement and agitation caused by the ongoing China-US great power jostling as well as China’s aggressive actions against many of its neighbors, including India. It must be based on long-term trends in bilateral engagement. To begin with, India and Taiwan, thus far, have had relations constituted by various activities, but what needs to be thought about now is whether they can transform their ties
The US Navy’s aircraft carrier battle groups are the most dramatic symbol of Washington’s military and geopolitical power. They were critical to winning World War II in the Pacific and have since been deployed in the Indo-Pacific region to communicate resolve against potential adversaries of the US. The presence or absence of the US Seventh Fleet — the configuration of US Navy ships and aircraft in the Indo-Pacific region built around the carriers — generally determines whether war or peace prevails in the region. In the immediate post-war period, Washington’s strategic planners in the administration of then-US president Harry Truman shockingly
On Thursday last week, US Secretary of State Mike Pompeo delivered a barnstorming speech at the Richard Nixon Presidential Library and Museum in Yorba Linda, California, titled “Communist China and the Free World’s Future.” The speech set out in no uncertain terms the insoluble ideological divide between a totalitarian, communist China and the democratic, free-market values of the US. It was also a full-throated call to arms for all nations of the free world to rally behind the US and defeat China. Pompeo elaborated on a clear distinction between China and the Chinese Communist Party (CCP), in an attempt to recalibrate the