Voters cast ballots on touch-screen voting machines during in-person absentee voting
at the Fairfax County Governmental Center in Fairfax, Va., in early October.
Rapid advances in the development of cyber weapons and malicious software mean that electronic-voting machines used in the 2012 election could be hacked, potentially tipping the presidential election or a number of other races.
Subscribe Today to the Monitor
Since the machines are not connected to the Internet, any hack would not be a matter of someone sneaking through cyberspace to change ballots. Rather, the concern is that an individual hacker, a partisan group, or even a nation state could infect voting machines by gaining physical access to them or by targeting the companies that service them.
The 2010 discovery of the Stuxnet cyberweapon, which used a thumb drive to attack Iran‘s nuclear facilities and spread among its computers, illustrated how one type of attack could work. Most at risk are paperless e-voting machines, which don’t print out any record of votes, meaning the electronically stored results could be altered without anyone knowing they had been changed.
In a tight election, the result could be the difference between winning and losing. A Monitor analysis shows that four swing states – Pennsylvania, Virginia, Colorado, and Florida – rely to varying degrees on paperless machines.
"The risk of cyber manipulation of these machines is quite real," says Barbara Simons, a computer researcher and author of "Broken Ballots," a book documenting e-voting vulnerabilities. "Most people don’t understand that these computer-based voting machines can have software bugs or even election-rigging malicious software in them."
There are plenty of software vulnerabilities to exploit, says Matt Blaze, a computer scientist at the University of Pennsylvania in Philadelphia. In 2007, he was on a team investigating touch-screen and other voting systems for California and Ohio. The resulting study concluded "virtually every important software security mechanism is vulnerable."
The paperless machines, however, stand out as particularly vulnerable.
"If there’s no paper trail, you can have the corrupted software display on the voting-machine screen whatever you want to display – and then after the voter leaves, record something completely different inside," says Richard Kemmerer, a computer scientist who heads the University of California, Santa Barbara, Computer Security Group.
Voting for Pac-Man
For example, Alex Halderman, a researcher at the University of Michigan, and a colleague at Princeton University hacked into a paperless touch-screen voting machine in 2010 and installed the video game Pac-Man. That lab exercise took three afternoons but did not break any tamper-proof seals and left no traces.
Similarly, he and Princeton researchers in 2006 demonstrated that if someone could get a few minutes’ unattended access to a paperless machine, that person could install a software virus that could spread to other machines and switch those machines’ votes before deleting all traces of itself.