With news that Russia targeted voting systems in 39 states in 2016, it’s high time we start thinking about protecting our votes in 2018.
Though no authorities have gone so far as to suggest that the Russians managed to change vote tallies, doing so is entirely possible despite the fact that voting machines aren’t directly connected to the internet. Computer scientist Alex Halderman explained to NPR what such a process would look like:
“Before every election, the voting machines have to be programmed with the design of the ballots — what are the races, who are the candidates,” says Halderman.
He notes that the programming is usually done on a computer in a central election office or by an outside vendor. The ballot program is then installed on individual voting machines with a removable memory card.
“So as a remote attacker, I can target an election management system, one of these
programming computers. If I can infect it with malicious software, I can have that malicious software spread to the individual machines on the memory cards, and then change votes on Election Day,” says Halderman.
Halderman told NPR that in 14 states, at least some or all of the electronic voting machines leave no paper ballot voting trail.
In a Medium piece he wrote last November, he included the following graphic of the three states where some 70,000 votes tilted the electoral college in the direction of Donald Trump.