This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.nytimes.com/2018/10/19/opinion/midterm-elections-hacking.html
The article has changed 4 times. There is an RSS feed of changes available.
| Version 2 | Version 3 |
|---|---|
| America’s Elections Could Be Hacked. Go Vote Anyway. | America’s Elections Could Be Hacked. Go Vote Anyway. |
| (14 days later) | |
| Will November’s election be hacked? A quick sampling of news stories over the past couple of years offers little comfort. | Will November’s election be hacked? A quick sampling of news stories over the past couple of years offers little comfort. |
| In the months before the 2016 presidential election, Russian hackers tried to infiltrate voting systems in dozens of states. They succeeded in at least one, gaining access to tens of thousands of voter-registration records in Illinois. | In the months before the 2016 presidential election, Russian hackers tried to infiltrate voting systems in dozens of states. They succeeded in at least one, gaining access to tens of thousands of voter-registration records in Illinois. |
| In April, the nation’s top voting machine manufacturer told Senator Ron Wyden of Oregon that it had installed remote-access software on election-management systems that it sold from 2000 to 2006. Senator Wyden called it “the worst decision for security short of leaving ballot boxes on a Moscow street corner.” | In April, the nation’s top voting machine manufacturer told Senator Ron Wyden of Oregon that it had installed remote-access software on election-management systems that it sold from 2000 to 2006. Senator Wyden called it “the worst decision for security short of leaving ballot boxes on a Moscow street corner.” |
| At a hacking convention last summer, an 11-year-old boy who had been coached on finding the vulnerabilities in a mock-up of Florida’s state election website broke into the fake site and altered the vote totals recorded there. It took him less than 10 minutes. | |
| All along, the nation’s top intelligence and law enforcement officials have been sounding the alarm, warning that Russia is engaged in a “24/7, 365-days-a-year” effort to disrupt the upcoming midterm elections and imploring Congress and the White House to take more decisive action. | All along, the nation’s top intelligence and law enforcement officials have been sounding the alarm, warning that Russia is engaged in a “24/7, 365-days-a-year” effort to disrupt the upcoming midterm elections and imploring Congress and the White House to take more decisive action. |
| President Trump may not believe that the risk is real, but the American people do. An overwhelming majority say they are concerned about election security, and more than 60 percent say the Trump administration should be doing more to protect the vote from foreign interference. | President Trump may not believe that the risk is real, but the American people do. An overwhelming majority say they are concerned about election security, and more than 60 percent say the Trump administration should be doing more to protect the vote from foreign interference. |
| Numbers like these suggest that whether or not hackers manage to gain access to voting systems, they have already achieved their main goal, which is to sow pervasive doubt over the integrity of American elections. Whoever wins, this lack of confidence is as damaging to the nation’s democracy as it is to its national security. And it drives down turnout at the polls, as voters who are already skeptical of the political process begin to believe not just that their vote won’t count, but that it literally won’t be counted. | Numbers like these suggest that whether or not hackers manage to gain access to voting systems, they have already achieved their main goal, which is to sow pervasive doubt over the integrity of American elections. Whoever wins, this lack of confidence is as damaging to the nation’s democracy as it is to its national security. And it drives down turnout at the polls, as voters who are already skeptical of the political process begin to believe not just that their vote won’t count, but that it literally won’t be counted. |
| Meanwhile, the Russians show no signs of slowing their efforts to disrupt American elections through disinformation campaigns. On Friday, the Justice Department charged a Russian woman working for a close ally of President Vladimir Putin with participating in a plot “to spread distrust toward candidates for U.S. political office and the U.S. political system.” | Meanwhile, the Russians show no signs of slowing their efforts to disrupt American elections through disinformation campaigns. On Friday, the Justice Department charged a Russian woman working for a close ally of President Vladimir Putin with participating in a plot “to spread distrust toward candidates for U.S. political office and the U.S. political system.” |
| What to make of it all? | What to make of it all? |
| First, the bad news. America’s voting systems, like all large and complex computerized systems, are highly vulnerable to cyberattack — whether by altering or deleting voter-registration data, or even by changing vote counts. “The vast majority of technical infrastructure for our voting is absolutely, without doubt, woefully insecure,” said Matt Blaze, a University of Pennsylvania computer-science professor who studies voting machine security. Both of the primary methods by which Americans cast their ballots — optical-scan machines and touch-screen monitors — can be tampered with fairly easily. | First, the bad news. America’s voting systems, like all large and complex computerized systems, are highly vulnerable to cyberattack — whether by altering or deleting voter-registration data, or even by changing vote counts. “The vast majority of technical infrastructure for our voting is absolutely, without doubt, woefully insecure,” said Matt Blaze, a University of Pennsylvania computer-science professor who studies voting machine security. Both of the primary methods by which Americans cast their ballots — optical-scan machines and touch-screen monitors — can be tampered with fairly easily. |
| The handful of companies that design and make nearly all of America’s voting machines insist that their equipment is cordoned off from bad actors on the internet, but in fact there are multiple ways in for anyone who is motivated, persistent and willing to commit a federal crime. | The handful of companies that design and make nearly all of America’s voting machines insist that their equipment is cordoned off from bad actors on the internet, but in fact there are multiple ways in for anyone who is motivated, persistent and willing to commit a federal crime. |
| These manufacturers could choose to share information in order to help researchers and experts identify security weaknesses, but instead they have zealously guarded it as proprietary, even when the outcome of a presidential election has been at stake — as John Kerry found out when his 2004 presidential campaign attempted to look into voting irregularities in Ohio. | These manufacturers could choose to share information in order to help researchers and experts identify security weaknesses, but instead they have zealously guarded it as proprietary, even when the outcome of a presidential election has been at stake — as John Kerry found out when his 2004 presidential campaign attempted to look into voting irregularities in Ohio. |
| Our reliance on these newer voting technologies is largely a result of the failures of older ones. In the weeks after the 2000 presidential election, the entire country sat on edge as Florida poll workers painstakingly examined butterfly ballots and hanging chads. Following that disaster, Congress passed the Help America Vote Act, which established a federal agency, the Election Assistance Commission, to serve as a resource and clearinghouse for state election officials. But the commission, which has been a political football since its creation, is perennially understaffed and underfunded. Most of the nearly $4 billion that it initially got from Congress was spent on new electronic machines that were designed without anticipation of the sort of coordinated cyberattacks America now faces. And these machines are now approaching the end of their useful life. | Our reliance on these newer voting technologies is largely a result of the failures of older ones. In the weeks after the 2000 presidential election, the entire country sat on edge as Florida poll workers painstakingly examined butterfly ballots and hanging chads. Following that disaster, Congress passed the Help America Vote Act, which established a federal agency, the Election Assistance Commission, to serve as a resource and clearinghouse for state election officials. But the commission, which has been a political football since its creation, is perennially understaffed and underfunded. Most of the nearly $4 billion that it initially got from Congress was spent on new electronic machines that were designed without anticipation of the sort of coordinated cyberattacks America now faces. And these machines are now approaching the end of their useful life. |
| Now for some good news. Elections officials have become acutely aware of these risks to America’s electoral security, especially after the wake-up call they got in 2016. In a rare example of bipartisanship, Republicans and Democrats are communicating with one another and with their counterparts around the country, sharing information and shoring up defenses where needed. | Now for some good news. Elections officials have become acutely aware of these risks to America’s electoral security, especially after the wake-up call they got in 2016. In a rare example of bipartisanship, Republicans and Democrats are communicating with one another and with their counterparts around the country, sharing information and shoring up defenses where needed. |
| Most encouraging, the key fixes are relatively simple, and everyone agrees on what they are. | Most encouraging, the key fixes are relatively simple, and everyone agrees on what they are. |
| One, provide a paper trail for every vote. Hackers work most effectively in the dark, so they love voting machines that produce no paper verification. Currently, five states — Delaware, Georgia, Louisiana, New Jersey and South Carolina — run their elections entirely on paperless touch-screen machines. But all five states are considering a switch back to paper ballots in time for 2020. In this year’s midterms, 19 states and Washington, D.C., will use only paper ballots. | One, provide a paper trail for every vote. Hackers work most effectively in the dark, so they love voting machines that produce no paper verification. Currently, five states — Delaware, Georgia, Louisiana, New Jersey and South Carolina — run their elections entirely on paperless touch-screen machines. But all five states are considering a switch back to paper ballots in time for 2020. In this year’s midterms, 19 states and Washington, D.C., will use only paper ballots. |
| Two, audit the vote. The best way to do this is known as a risk-limiting audit, which means comparing the digital tally to a manual count of a randomized sample of paper ballots. This type of audit can identify voting tabulation errors resulting from either malicious attacks or software failures. | Two, audit the vote. The best way to do this is known as a risk-limiting audit, which means comparing the digital tally to a manual count of a randomized sample of paper ballots. This type of audit can identify voting tabulation errors resulting from either malicious attacks or software failures. |
| Three, give states more resources. After dragging its feet for years, Congress in March approved $380 million in grants to states for election security. A little more than a third of the money will be spent on enhancing cybersecurity. A little more than a quarter will go toward buying new voting equipment. The rest will be spent on improving voter-registration systems, running vote audits and communicating better with voters around election time. | Three, give states more resources. After dragging its feet for years, Congress in March approved $380 million in grants to states for election security. A little more than a third of the money will be spent on enhancing cybersecurity. A little more than a quarter will go toward buying new voting equipment. The rest will be spent on improving voter-registration systems, running vote audits and communicating better with voters around election time. |
| That money is good, but it’s far from enough. And while the states are spending it in the right ways, Congress could help even more by passing the Secure Elections Act, a bipartisan bill that appeared headed toward passage until it got hung up over the summer. | That money is good, but it’s far from enough. And while the states are spending it in the right ways, Congress could help even more by passing the Secure Elections Act, a bipartisan bill that appeared headed toward passage until it got hung up over the summer. |
| What can voters do? For starters, take advantage of early voting if your state offers it. The sooner votes are in, the more time officials have to detect irregularities. “Every time someone votes early, they’re part of the fight against foreign interference,” said David Becker, who runs the Center for Election Innovation and Research. | What can voters do? For starters, take advantage of early voting if your state offers it. The sooner votes are in, the more time officials have to detect irregularities. “Every time someone votes early, they’re part of the fight against foreign interference,” said David Becker, who runs the Center for Election Innovation and Research. |
| Most important, don’t stay home because you believe that cyberattacks will rig the results of the election. “It’s true that these systems are vulnerable,” said Mr. Blaze, the voting-security expert. “It’s also true that you should vote on Election Day. The worst outcome would be if people conclude that there’s no point in voting.” | Most important, don’t stay home because you believe that cyberattacks will rig the results of the election. “It’s true that these systems are vulnerable,” said Mr. Blaze, the voting-security expert. “It’s also true that you should vote on Election Day. The worst outcome would be if people conclude that there’s no point in voting.” |
| Follow The New York Times Opinion section on Facebook, Twitter (@NYTopinion) and Instagram. | Follow The New York Times Opinion section on Facebook, Twitter (@NYTopinion) and Instagram. |