“They’ll be back in 2020, they may be back in 2018, and one of the lessons they may draw from this is that they were successful because they introduced chaos and division and discord and sowed doubt about the nature of this amazing country of ours and our democratic process.”
— Former FBI Director James Comey, testifying about the Russian government before a House Intelligence Committee hearing, March 20, 2017
We are facing a major national security threat. As former Director Comey stated, we know that Russia attacked our 2016 election, and there is every reason to expect further attacks on our elections from nations, criminals and others until we repair our badly broken voting systems. Despite a decade of warnings from computer security experts, 33 states allow internet voting for some or all voters, and a quarter of our country still votes on computerized, paperless voting machines that cannot be recounted and for which there have been demonstrated hacks.
If we know how to hack these voting systems, so do the Russians and Chinese and North Koreans and Iranians and ….
We are told not to worry, because these machines are secure, since they are never connected to the internet. But even if the machines are isolated from the internet, election information — such as candidate names and the location of each name on the ballot — is uploaded to those voting machines from digital memory devices. Those devices are initialized using computers that typically are connected to the internet at some time. It takes only a fraction of a second for a computer to be infected with a malicious virus. Once a computer is infected, the memory devices also can be infected, and they in turn can infect voting machines.
Some rationalize that there are so many different types of voting machines in the country that no one could possibly attack them all. But because of the Electoral College, a presidential election could be rigged by focusing on only a few precincts in a few battleground states. And since the same type of voting machine may be used in many different precincts and states, the computer-reported results of a national election could be compromised on a massive scale due to either a software bug or an election-rigging virus on a single type of machine.
The truth is we can’t know if paperless machines were hacked, because it’s impossible to know if the electronic tabulation of the votes was manipulated by software bugs or viruses or by malware inserted by nations, political parties, insiders or hackers.
What many people fail to realize is that any time computers are involved, the computer-declared results must be checked. Voter-marked paper ballots provide direct evidence of the intent of the voter. However, most paper ballots are counted by scanners that contain computers; like all software, scanner software is vulnerable. Therefore, we can’t know that scanner results are valid unless we actually examine the paper ballots by hand and compare them to the scanned results through a manual postelection ballot audit or recount.
Bad as paperless voting machines are, internet voting is even worse. France canceled plans for internet voting out of fear of Russian hacking. The Netherlands eliminated the use of computers in aggregating vote totals to avoid cyber threats — they have prohibited electronic voting machines for over a decade. Yet, in America there is very little outcry against profoundly insecure internet voting, despite almost daily news of successful attacks on our banks, businesses, government agencies, political organizations and individuals.
The integrity of elections is fundamental to democracy. No one wants our elections to be decided by another country or by a malicious hacker. To protect our democracy and secure our elections, we must rid ourselves of all internet voting and paperless voting systems and replace them with voting systems based on paper ballots. We also must reform our election laws to mandate routine manual postelection ballot audits before finalizing election results.
As Director Comey said, they will be back. We must be ready.
Barbara Simons is on the Board of Advisors of the Election Assistance Commission, an independent advisory board created by the Help America Vote Act of 2002, which meets in Minneapolis this week. She is a former president of the Association for Computing Machinery and co-author of “Broken Ballots: Will Your Vote Count?”