DEFCON Election Hacking Report Hammers Home Need to Safeguard Our Elections
- David Vance
Statement of Karen Hobert Flynn, Common Cause President
Americans expect and deserve free and fair elections, but the release of a report on the Voting Machine Hacking Village at DEFCON last summer lays bare the vulnerabilities of our nation’s election equipment, databases and infrastructure. The Atlantic Council’s convening of a bipartisan group of national security advisors, cybersecurity experts and election officials to establish protocols to safeguard our elections is welcome news.
The threat to our elections from hostile nations is very real and the Russian attack on the 2016 election should leave no doubt that this problem must be confronted, not ignored, or it will only increase. One need look no further than the years of Russian attacks on elections in Europe and former Soviet satellite states to understand that cyberattacks on our election infrastructure will remain an evolving threat.
The Department of Homeland Security’s designation of our election systems as “critical infrastructure” was a positive step, but more must be done. We have confidence in the experts assembled by the Atlantic Council to recommend protocols which we hope every state will follow. But every state must take steps now to address this very real and growing threat to our democracy.
The good news is that with respect to protecting votes themselves, the solutions are low tech and within reach of every state and county. As we have emphasized previously, every state must have:
- Voting machines that produce a voter-verified paper record for every vote. The ballot counted must be the ballot that the voter marked.
- Robust, risk-limiting post-election audits of electronically tallied outcomes. To detect malware altered electronic tallies, election officials must hand count enough ballots to confirm the electronic outcome. Colorado will begin using these sophisticated auditing methods this November. A similar measure was signed into law in Rhode Island last month.
- A ban on the use of electronic mail (email, web based platforms) in the voting process. We must listen to security experts who have shown that votes cast via email or a web-based platform can be hacked, altered and deleted. Because voters have no way to “check” whether their ballots were recorded correctly, ballots sent by this process are especially at risk.
To view the DEFCON Voting Machine Hacking Village report, click here.