After Russian hackers made extensive efforts to infiltrate the American voting apparatus in 2016, some US states moved to restrict Internet access to their vote-counting systems. Colorado got rid of barcodes used to electronically read ballots. California tightened its rules for electronic voting machines that can go online. Ohio bought new voting machines that deliberately excluded wireless capabilities.
Michigan went in a different direction, authorizing as much as US$82 million for machines that rely on wireless modems to connect to the Internet. State officials justified the move by saying it is the best way to satisfy an impatient public that craves instantaneous results, even if they are unofficial.
The problem is, connecting election machines to the public Internet, especially wirelessly, leaves the whole system vulnerable, according to cybersecurity experts.
Illustration: Yusha
So Michigan’s new secretary of state is considering using some of the state’s US$10 million in federal election funds to rip out those modems before the presidential primary in March.
“The system we inherited is not optimal for security, since our election equipment can and has connected to the Internet,” said Jocelyn Benson, who won election as secretary of state and took office in January last year.
Benson convened a committee of cybersecurity experts to evaluate the state election system’s vulnerabilities.
“If that’s what the committee recommends, we’ll take them out,” she said.
Michigan’s experience illustrates a thorny challenge for state and local election officials as they try to update old and insecure equipment: Technology that has evolved over two decades to quickly transit election results from precincts to news organizations projecting winners has now been labeled a cybersecurity risk.
Michigan says its votes are safe from hackers, as its election system connects to the Internet only after votes have been counted. Cybersecurity experts differ.
Even brief exposure to the Internet can leave states vulnerable to infiltration and an attack on the credibility of their results, said Eddie Perez, global director of technology at the Open Source Election Technology Institute.
Part of the challenge of protecting this year’s vote is convincing localities to prioritize security over familiarity, convenience and accessibility.
Cybersecurity experts maintain that connecting election systems to the Internet, even briefly, exposes these machines to malicious attackers who might be intent on derailing or discrediting an election. It is not just voting machines that are vulnerable, but any piece of the election apparatus, including wireless-enabled printers, digital check-in tablets, tabulators and even the registration database, they said.
And yet, some local and state election officials remain committed to wireless-enabled machines, which allow them to quickly provide results to the public and more easily accommodate disabled voters. Heading into the US presidential election, Rhode Island, Wisconsin, Georgia and Florida are among at least 11 states that still allow voting jurisdictions to use wireless-enabled voting equipment.
“Connecting for a millisecond is enough to propagate malware through a system,” said Rich DeMillo, a computer science professor at the Georgia Institute of Technology and a member of Michigan’s election security panel. “Every weak link in the chain of network security is a problem, so opening the door to the Internet is just a bad idea in every conceivable scenario.”
In 2016, Russian hackers attempted to infiltrate most, if not all, state election systems, and downloaded voter data in Illinois, federal authorities have said.
However, there is no evidence that the hackers attempted to change the vote. Furthermore, while cybersecurity experts and some election officials fear that wireless connectivity exposes voting systems to hackers, there is no evidence that such an attack has occurred in the US.
Hacking the vote through wirelessly connected voting machines is one of several potential risks from foreign agents going into the elections in November. As it did in 2016, Russia could deploy an extensive disinformation campaign on social media to try to sway the vote — as could other adversaries. Hackers could penetrate voter registration databases and alter or delete information — potentially sowing chaos on election day.
However, remote election machinery hacks are almost certainly the easiest to prevent — by simply not allowing the equipment to connect to the public Internet.
The Cybersecurity and Infrastructure Security Agency, which is responsible for defending Americans from cyberattacks, has already advised local election authorities to avoid wireless connections altogether. In July, the US Senate Intelligence Committee issued a report on Russian meddling, saying states should remove any wireless networking capability.
Wireless connectivity of voting systems is such a bad idea that the US National Institute of Standards and Technology on Dec. 18 recommended restricting voting machines from connecting to external networks through cellular modems. The recommendation would allow cellular connectivity if individual machines are “air gapped” — isolated from unsecured networks.
An advisory committee of the US Election Assistance Commission could vote on the recommendations by next month, the first step in what is likely to be at least a year-long procedure to restrict the use of wireless modems in voting systems.
However, there is a catch: even if the Election Assistance Commission, the federal agency responsible for enforcing these non-binding voting machine guidelines, does approve such a prohibition, they will have no material impact on this year’s election.
Voting machine vendors have stated that it could take them as long as four years to build machines compliant with the new standards.
That means the Nov. 3 vote, starting with primaries in March, will occur across the US using some machines that cybersecurity experts do not trust.
“The added risk is just unnecessary,” said Andrew Appel, a computer science professor at Princeton University. “The only purpose of these modems is to call in results to the news media in seconds rather than minutes.”
The pressure to promptly transmit results to news organizations — and ultimately voters — is so great that election officials have no choice but to briefly connect voting systems to the Internet at the end of the night, said Paul Lux, the elections supervisor of Okaloosa County, Florida, and a member of the Election Assistance Commission advisory committee that develops technical guidelines.
“If everyone would just be patient on election night and let us produce the results, then there’s no real debate here about wireless transmission,” Lux said.
Election Systems & Software LLC, provider of more than half of the country’s voting machines, contends that these systems reduce wait time for results and are secure.
Still, Katina Granger, a spokeswoman, said that the company does “not promote the use of modems. If customers request it, we provide cellular modem transmittal capability on a secure and encrypted network.”
Election Systems & Software also said the number of its election machines with wireless modems is relatively minuscule: 14,420 across 11 states. That would be almost two per jurisdiction, if spread across the entire country.
Another election machine manufacturer, Hart InterCivic Inc, which has the only wireless-enabled system to receive Election Assistance Commission certification, did not return messages seeking comment.
There is another group advocating for wireless connectivity of voting machines: accessibility groups. While cybersecurity experts are clamoring for less Internet connectivity, voters with disabilities are vying for more, including the ability to vote online.
Remote access to ballots “is just not going to be a priority as long as all of this attention is on security instead,” said Diane Golden, a member of a federal committee on voting standards and a voting rights advocate for citizens with disabilities. “Every step you take to increase security basically screws accessibility.”
For all the warnings about wireless-enabled voting machines from federal officials, the safety of elections is mostly the responsibility of more than 7,000 local voting jurisdictions, ranging from Los Angeles County with more than 5.5 million voters to small towns with just a few hundred.
In recent years, the federal government has provided US$300 million to improve state and local electoral security. Some states and cities have used the money to buy new voting machines and hire cybersecurity experts.
However, many believe that effort has fallen short of what is needed, leaving some election authorities preparing for the election with minimal technical and financial support.
Some election officials maintain that Internet access can be crucial in keeping election machinery functioning properly.
In Georgia, six counties ran a pilot program alongside municipal elections in November last year to test their new voting system, including new digital check-in machines — iPads used to identify voters — but when voters entered precincts on Nov. 5, the system failed.
To fix the glitch, state election officials connected the tablets to the Internet, using the same Wi-Fi found in polling places.
They figured, “if we turn on Wi-Fi for a minute, we’ll load the correct data and it will work like a dream,” said Gabriel Sterling, chief operating officer for the Georgia Secretary of State, who is overseeing the pilot project. “And it did.”
It is the kind of episode that gives cybersecurity officials heartburn, even if there is no evidence that anything went wrong in Georgia.
“It’s easy to use wireless in a bad way,” said Dan Wallach, a computer science professor at Rice University and a member of the Election Assistance Commission’s technical guidelines committee. “To configure it in a way that works and isn’t a security nightmare is just asking for a lot.”
In Michigan, Benson’s predecessor, Ruth Johnson, said the reason for investing in Internet-enabled machines was to transmit “pre-preliminary” results as quickly as possible.
She said the decision was not made in isolation. The state also chose to procure machines with a paper trail to audit their results to provide additional security.
The state might have to live with that decision if Benson’s panel determines that the modems cannot be ripped out without harming the rest of the hardware.
Benson hopes to know more by the end of this month, with the state’s primary looming in a little more than a month.
“If nothing else, these capabilities create a sense of insecurity in our results,” she said. “Until we have technology that can be completely secure, yes, we should be taking steps to get away from the Internet in our machines.”
After nine days of holidays for the Lunar New Year, government agencies and companies are to reopen for operations today, including the Legislative Yuan. Many civic groups are expected to submit their recall petitions this week, aimed at removing many Chinese Nationalist Party (KMT) lawmakers from their seats. Since December last year, the KMT and Taiwan People’s Party (TPP) passed three controversial bills to paralyze the Constitutional Court, alter budgetary allocations and make recalling elected officials more difficult by raising the threshold. The amendments aroused public concern and discontent, sparking calls to recall KMT legislators. After KMT and TPP legislators again
Taiwan faces complex challenges like other Asia-Pacific nations, including demographic decline, income inequality and climate change. In fact, its challenges might be even more pressing. The nation struggles with rising income inequality, declining birthrates and soaring housing costs while simultaneously navigating intensifying global competition among major powers. To remain competitive in the global talent market, Taiwan has been working to create a more welcoming environment and legal framework for foreign professionals. One of the most significant steps in this direction was the enactment of the Act for the Recruitment and Employment of Foreign Professionals (外國專業人才延攬及僱用法) in 2018. Subsequent amendments in
US President Donald Trump on Saturday signed orders to impose tariffs on Canada, Mexico and China effective from today. Trump decided to slap 25 percent tariffs on goods from Mexico and Canada as well as 10 percent on those coming from China, but would only impose a 10 percent tariff on Canadian energy products, including oil and electricity. Canada and Mexico on Sunday quickly responded with retaliatory tariffs against the US, while countermeasures from China are expected soon. Nevertheless, Trump announced yesterday to delay tariffs on Mexico and Canada for a month and said he would hold further talks with
Taiwan’s undersea cables connecting it to the world were allegedly severed several times by a Chinese ship registered under a flag of convenience. As the vessel sailed, it used several different automatic identification systems (AIS) to create fake routes. That type of “shadow fleet” and “gray zone” tactics could create a security crisis in Taiwan and warrants response measures. The concept of a shadow fleet originates from the research of Elisabeth Braw, senior fellow at the Washington-based Atlantic Council. The phenomenon was initiated by authoritarian countries such as Iran, North Korea and Russia, which have been hit by international economic