While mail-in voting has raised fears and sparked court battles during this election, problems with technology ranging from voting machines to results websites could just as easily disrupt voting or sow doubts about the outcome.
Newly competitive battleground state Georgia is using controversial touch screen voting machines for the first time in a presidential election. In the critical swing state of Pennsylvania, where new voting machines malfunctioned last year, several counties have now also configured those machines to speed up ballot-counting in a way that doesn’t give voters a chance to hold the ballots in their hands.
And voting machines could turn out to be the least of the technological problems. Across the country, the servers that store voter data and post unofficial results are vulnerable to temporary outages — snafus that could worsen long lines on Election Day, block or discourage voters from casting ballots or fuel claims of election fraud.
“Any kind of disinformation about election-related technology, even if there is no hack, is cause for concern, because to be effective, all that is required is for the public to perceive a problem — whether real or not,” said Eddie Perez, director of technology development and open standards at the Open Source Election Technology Institute, an election technology advocacy organization.
Federal and state officials recognize these risks and have spent months warning people not to be too quick to believe alarming claims about hacked elections, saying not every technological glitch is evidence of a cyberattack. “Bad things sometimes happen,” Christopher Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said at a recent conference — adding in a subsequent statement that voters should not “overreact to claims that exaggerate the importance of insignificant events.”
“This jump to ‘cyberattack’ — we can’t fall into that trap,” Krebs said.
His statement reflects the twofold challenge facing election officials: making sure their equipment works properly and preventing isolated problems from seeding doubt that undermines the entire process.
Georgia: Total reliance on risky machines
The technological situation is especially fraught this year in Georgia, where Joe Biden narrowly led President Donald Trump in some recent polls. The state updated its electronic voting machines in 2019 and is using them in a presidential election for the first time.
Georgia used to be one of several states that relied entirely on insecure paperless machines, which offered no way to conduct reliable recounts in close or questionable elections. But while those systems are a thing of the past in the state, people who study voting technology remain concerned about their replacements.
The new machines, known as ballot-marking devices, are essentially touchscreen computers that produce a paper, bar-coded ballot. The danger, security researchers say: Errors or tampering could cause the bar codes to differ from what the voter selected, making them less secure than paper ballots that voters mark by hand.
Ballot-marking devices, or BMDs, have emerged as the dominant voting method for Americans with disabilities, many of whom cannot hold pens or read the small text on paper ballots. But Georgia chose to deploy them for all voters, regardless of need.
Georgia officials downplay the risk of hacking or malfunctions, saying voters can verify that their vote was recorded correctly by checking the paper printout. But multiple studies have found that most voters do not do so. Signs explaining the process and instructions for poll workers seem to help, according to one study, but it is unclear how common such warnings are in the real world.
“There is no way to deter, contain, or correct computer hacking in BMDs,” wrote leading voting security experts Andrew Appel of Princeton University, Richard DeMillo of Georgia Tech and Philip Stark of the University of California, Berkeley. “These are the essential security flaws of BMDs.”
Hacking aside, the machines remain prone to glitches, configuration errors and other malfunctions, especially when poll workers have rarely used them before. This perfect storm of complexity and inexperience caused chaos during Georgia’s June primary, when ballot-marking devices failed to boot up, election staffers struggled to activate them and polling places ran out of the provisional ballots that provide a fallback option for voters. Precinct workers reported receiving only minimal training that did not cover technical troubleshooting for the new machines.
These kinds of technological breakdowns are ideal kindling for election discord: During the hours it takes officials to explain the dysfunction, rumors about tampering or hacking can spread and discourage some residents from voting. And small shifts in voter turnout could have enormous impact in a race as close as Georgia’s may be.
“It’s going to be very hard to correct misinformation this year as quickly as the misinformation spreads,” said Matt Blaze, a Georgetown University computer science and law professor who is one of the country’s leading voting security experts.
Pennsylvania: How ballots are counted is what counts
Electronic voting machines also represent a potential trouble spot in Pennsylvania, one of the most important states for both Trump and Biden, because of how some counties plan to use them.
After the 2018 election, Pennsylvania replaced its paperless machines statewide. Most counties bought ballot-marking devices for voters with disabilities and stocked paper ballots for everyone else. The rest bought the electronic devices for everyone, as Georgia did.
But some counties in the latter camp went further, announcing plans to configure their ballot-marking devices in “tabulator mode,” which tallies votes inside the machine rather than giving voters a paper ballot to bring to a scanner.
Eight of Pennsylvania’s 67 counties plan to use their machines in tabulator mode, according to data from the nonprofit group Verified Voting. These include Philadelphia, where problems in 2019 elections included frozen touchscreens and jammed printers, and Northampton County, where configuration errors led to machines wrongly recording zero votes for one 2019 candidate.
When in tabulator mode, ballot-marking devices still generate paper printouts, but after voters review them, they are automatically sent to built-in scanners, which centralizes the risk of hacking or glitches in a single piece of equipment.
Voting machines in tabulator mode also have an “auto-cast” feature that lets voters cast their ballot and send it to the built-in scanner without first reviewing the printout. Security experts have condemned this feature, and Pennsylvania requires counties to disable it, but there is no guarantee that every county and precinct will follow those instructions. With auto-cast enabled, a compromised or merely defective machine could miscast votes even if it displays them correctly on the summary screen.
Even with the auto-cast feature off, the use of tabulator mode in eight counties creates an environment ripe for security fears and false alarms.
In addition to the usual anxieties about machine failures, some Pennsylvanians may find it particularly troubling that they can’t hold their ballots in their hands the way they’re used to doing. Any uncertainty and suspicion is a dangerous thing during an election, and misinformation exploiting these fears could be especially consequential in one of the most vital electoral battlegrounds.
“It's a really bad idea to configure ballot marking devices in tabulator mode,” Blaze said, arguing that the feature places more trust in the machines than they deserve.
A country of soft targets
Voting machine problems grab the most headlines, but the election could also suffer from the failure of other equipment, which is almost entirely unregulated at the state and federal levels:
— Chief among these systems are the electronic poll books that have increasingly replaced paper binders as the primary way of checking in voters. E-poll books are essentially tablet computers loaded with voter data. When connected to the internet to download the data, they are vulnerable to hackers, who can steal or alter registration records. When not connected to the internet, they are still susceptible to crashes, like the widespread outages that fueled hourslong lines in Durham County, N.C., in 2016.
“If those fail, no one can check in to vote, and [they] can't vote except by provisional ballots,” Blaze said. “And again, while they don't affect the integrity of the tally of the votes that got cast, that still can affect the outcome of the election if people weren't able to vote in the first place.” (Some counties have paper voter lists as a fallback option.)
— Voter registration databases are also tempting targets for anyone seeking to sow chaos on Election Day. States have added new protections against tampering since 2016, when Russian operatives breached Illinois’ system, but the mere claim of a successful hack would stoke fears about the reliability of the database.
The federal government is worried about this possibility. In a recent alert, the FBI and CISA warned Americans not to trust claims about vulnerable databases and stolen data. Many states make such data public, sometimes for a fee.
“While cyber actors have in recent years obtained voter registration information,” the agencies said, “the acquisition of this data did not impact the voting process or the integrity of election results.” On Friday, the two agencies disclosed that Iranian hackers had breached one state's voter registration database and used the stolen information in a campaign that involved voter intimidation emails.
— The websites that states and counties use to report unofficial results are practically wide open compared with voter databases. Results websites often lack basic protections and dedicated IT support. Hacking remains a real threat to these sites, researchers say, especially in closely contested jurisdictions.
Short of breaking into a results website, an attacker could blast it with a tsunami of garbage traffic, overwhelming its server and temporarily taking it offline. These so-called distributed denial of service attacks are child’s play for hackers, and only websites with special defensive services can withstand them.
Such an attack could further undermine trust in the election results. A determined and well-resourced adversary — such as Russia — could conduct simultaneous attacks in multiple states in hopes of causing nationwide chaos.
These denial of service attacks “could easily happen and could cause all kinds of problems,” said Duncan Buell, a computer science professor at the University of South Carolina. “It might not corrupt the election, but it could certainly disrupt the election.”
By targeting a few specific places, such as North Carolina’s Research Triangle and Pennsylvania’s major cities, “you could very easily cause enough chaos that it would suppress a vote that was expected to lean strongly one way or the other,” Buell said. “That is something that we definitely need to be on the lookout for.”
The FBI and CISA are worried about this scenario and have cautioned the public not to overreact if hackers take down election websites. In such an attack, they said in a recent alert, “the underlying data and internal systems would remain uncompromised, and anyone eligible to vote would still be able to cast a ballot.”
— The computers that election workers use are also potential targets. Some of these machines are used to program voting machines and e-poll books and to manage the collection and publication of election results. But there is no federal oversight of these computers’ security, and state oversight varies. When DHS investigated the Durham County e-poll book failures, it found many problems with how county election computers were used and protected.
Some vulnerabilities can’t simply be patched
While these problems are serious, federal, state and local officials are significantly better prepared to handle them than they were in 2016. Their partnerships with each other, and with a vast constellation of supportive tech companies and nonprofit groups, have improved in recent years, honed at conferences, during exercises and in the heat of the 2018 midterms.
“We’re in a much better place than we were four years ago,” said Ben Hovland, the chair of the Election Assistance Commission, a federal agency that offers guidance to election supervisors.
CISA’s cybersecurity assessments have helped state and local officials understand their weaknesses. A nationwide network of monitoring sensors feeds data about malicious activity to federal officials, leading to reports that help states prepare their systems before the threat arrives at their doorsteps. The speed and quality of such information-sharing has also increased, as organizations with different insights and responsibilities have formed bonds and fine-tuned their processes.
Training, too, has helped. In 2016, many county clerks didn’t know how to handle cyber threats, according to voting technology researchers. Today, many states boast about their regular security training sessions for county officials and poll workers. The quality and consistency of this training varies, but federal and state officials have invested heavily in pushing cybersecurity knowledge down to the local level, where it could make the biggest difference.
Still, even with the best training and information sharing available, most experts expect some technological problems or hacking attempts on Election Day. The question is whether officials will be able to both handle these technical challenges and reassure voters that their ballots will count.
“You have to win both the reality game and the perception game,” Buell said. “Even if it actually does work, if it is not perceived to work, then you lose.”