Q&A: CDT’s William Adler

Even a Small Breach in Election Security Can Sow Distrust

By Mary Pieper

William T. Adler, senior technologist in elections and security at the Center for Democracy and Technology in Washington, recently participated in a news briefing on election security.

With record early voting leading into Tuesday’s election, Adler and his colleagues explained what election officials were doing to prevent security breaches. They also discussed online misinformation and voting suppression.

In a follow-up interview, Adler told Digital Privacy News that, while election officials had made numerous security improvements, vulnerabilities still existed.

An attack on just one voting machine could create widespread doubts about overall election security, he said.

You said during the news briefing that the Russians could scan nearly every state voter registration system in 2016 and could alter records in some of them. What have election officials done to prevent this and other cyberattacks from happening this year?

The thing about the Russians scanning all 50 states comes out of the Senate report on Russian campaign interference from last summer.

This doesn’t require any specific degree of skill.

The report is just saying they tried every state, so that in itself is not even that shocking.

If you wanted to affect the election, you would try to check every state and see which ones were the most vulnerable.

The report then goes on to detail two breaches that actually occurred: In Illinois, the report says they exfiltrated information from that database, including partial Social Security numbers, dates of birth and other identification.

And, then, there’s a second breach — but that section is almost entirely redacted, so we don’t really know what happened there.

Since this happened, every election official has been put on high alert on threats to voter registration databases.

In early 2017, the Cybersecurity and Infrastructure Security Agency at (the Department of Homeland Security) designated election infrastructure as critical infrastructure.

Along with the Federal Elections Systems Commission, they have been providing all sorts of cybersecurity help to county and state officials.

Since then, there have been all kinds of improvements made that should make attacks on voter registration bases less likely to succeed.

Private companies that provide cloud-protection services have also stepped up and are providing free services to election officials as well — and I believe those are in use in most states.

You also said some counties still are using outdated equipment that is vulnerable to cyberattacks. Can you cite any specific counties? How widespread is the problem?

I was mostly referring to the in-person voting infrastructure, which in some entire states and in many counties is very outdated.

If there was an attack on these voting machines, it would be very hard to detect.

Even if it was detected, it would be hard to conduct a recount to determine voter intent.

Every county in Louisiana and most counties in New Jersey are using direct electronic-recording voting machines without a voter-verified paper-audit trail.

These are the most vulnerable kinds of machines.

You just have to trust that the machine records your vote properly, that it hasn’t been tampered with to do something different.

This speaks to the need to raise federal minimum standards to require verified paper-audit trails, and then provide states and counties with the money to replace these vulnerable systems.

Even though it would be very difficult to conduct a widespread attack on these machines to the extent it would be able to swing an election outcome — if an attacker is able to alter even one machine or a handful of machines — that can be enough to create a really high level of distrust among voters in the election system.

That could potentially be just as harmful and damaging.

You also talked about lapses in physical security of voting equipment that have been reported this election cycle. What are the consequences of having such unsecured equipment?

There’s the possibility, although very slim, that someone could go in and reprogram a lot of machines.

But even if this happens just once, that would undermine confidence.

It’s very important that the counties that are responsible for securing these machines make it so there could be no unauthorized access.

Some of these machines in use have well-documented vulnerabilities that security researchers have shown in the 15 to 20 years that some have been on the market.

Researchers have shown that it is possible, for instance, to swipe out memory cards in these machines and replace them with malicious software.

It’s very important for counties to make sure that can’t happen. 

U.S. officials said recently that Iran and Russia had obtained U.S. voter data — and that Iran had been targeting Democratic voters with fake e-mails that contained their full names and physical addresses, threatening to harm them if they did not vote for Republican President Donald Trump. How alarming should this be to us?

There’s still a lot we don’t know about this attack.

Director of National Intelligence (John) Radcliffe said Russia obtained voter registration data. It’s unclear what that means.

It’s very important for voters to know that, in most states, there is a legal way to obtain voter registration data. In some cases, this includes full addresses and party registration.

It’s a matter of going to the county or state website and downloading the voter file.

If they obtained voter registration information in a legal way, it doesn’t necessarily mean there was a breach.

They use one piece of information they might have on a voter and then try to imply they have information on how you vote.

That is preposterous because the ballot in the U.S. is secret, even if voter registration information is public in some cases.

People are more savvy on these kinds of schemes than these hackers are counting on.

Mary Pieper is a writer in Iowa.

Sources (internal and external links):