Information Warfare and Security Flaws: Why the American Voting System Is Still at Serious Risk
As the 2018 midterms proceed, there are still significant risks to the integrity of the voting system â€“ and information warfare continues to try to influence the American publicâ€™s choices when they cast their ballots.
On the day of the election, there were a number of early hitches in voting at individual polling places, such as polling places opening late and vote-counting machines not plugged in. But there seem not â€“ at least not yet â€“ to be major problems across the country.
However, not all the election-related news and information voters have been encountering in recent days and weeks is accurate, and some of it is deliberately misleading. As this electionâ€™s results come back, they will reveal whether the misinformation and propaganda campaigns conducted alongside the political ones were effective.
Securing election systems
Americaâ€™s electoral process remains highly fragmented, because of the countryâ€™s cherished tradition of decentralized government and local control. While this may leave some individual communitiesâ€™ voting equipment potentially vulnerable to attack, the nationâ€™s voting process overall may be more trustworthy as a result of this fragmentation. With no unified government agency or office to provide, administer and protect election technologies, thereâ€™s not one central national element that could fail or be attacked.
Across the country, though, many districtsâ€™ voters will cast ballots with the help of machines that have long-standing security concerns. Fortunately, 45 states keep a paper record of each vote cast â€“ whether for fear of threats to voting integrity or just budget constraints preventing purchase of newer gear. But that means five states â€“ Louisiana, Georgia, South Carolina, New Jersey and Delaware â€“ donâ€™t keep paper records of their votersâ€™ choices.
Voting machine vendors have been reluctant to appear before Congress to explain their systemsâ€™ security practices â€“ and shortcomings. However, federal agencies have helped some states reduce the likelihood of voting machines being hacked or physically tampered with.
Beyond voting machines
Election security is about much more than voting machines and vote-counting systems, though they are the most visible technologies at work on Election Day. State systems that track voter registrations, or allow users to register online, are enticing targets for hackers, too. Security firm Carbon Black reported that 81 million voter records from 20 states are available in online forums. This data, obtained by hacking various official and corporate databases, could be used to facilitate voter fraud or sow confusion at polling places on Election Day: How would you feel if you were told that someone using your name and address had already voted?
There are security concerns even in states like Oregon, where everyone votes on paper and mails in their ballots in advance of Election Day. That stateâ€™s election officials were targeted by hackers seeking to gain access to state email and database systems. With that access, attackers might be able to digitally impersonate a government official to send false or confusing emails, press releases or other notifications to citizens, journalists or poll workers.
Also at risk are public-facing official websites that carry election information. Merely changing the reported location of polling places or voting hours could prevent some people from voting. Also vulnerable are statesâ€™ methods of announcing preliminary election results. At a major internet security conference in August, children were able to compromise replicas of several statesâ€™ election-reporting systems. The most remarkable was that in just 10 minutes, an 11-year-old boy cracked the security on a copy of the Florida secretary of stateâ€™s website and was able to change the publicly announced vote totals for candidates. That could be enough to cast doubt on whatever was later reported as the official results â€“ and the integrity of the system itself.
Managing information on social media
A more difficult threat to defend against is information warfare, which doesnâ€™t attack voting machines or election officialsâ€™ computers. Rather, it targets votersâ€™ perceptions and decisions, seeking to influence how they vote.
Long before the 2016 U.S. presidential election, information warfare was influencing elections around the world, including in Ukraine, Myanmar and Egypt. But after 2016, Facebook and Twitter came under intense scrutiny for their role in providing digital environments that facilitated the spread of misinformation to sow discontent, and special counsel Robert Mueller began investigating Russiansâ€™ influence efforts.
In the run-up to the 2018 midterms, Russians and others were still hard at work trying to influence Americans to vote in ways that help foreign interests. In October, the U.S. Department of Justice charged a Russian woman with creating thousands of fake social media accounts allegedly representing American citizens to â€œcreate and amplify divisive social media and political contentâ€ before the election.
This year, though, unlike two years ago, social media companies are taking action. Twitter and Facebook have both deleted thousands of accounts they identified as engaging in propaganda and influence-peddling. And they have made other efforts to identify and fight falsehoods on their platforms, too.
Nevertheless, online misinformation continues to thrive. More than 80 percent of the Twitter accounts that often shared links to false and misleading information in 2016 are still active today. And the amount of online misinformation is higher than it was two years ago.
Investigating alleged wrongdoing
U.S. intelligence and police agencies are concerned about the potential effects of misinformation on the American electorate. But large proportions of the country donâ€™t trust those organizations to be politically independent. It doesnâ€™t help that the White House continues to claim, without evidence, that voter fraud is a significant problem.
Mainstream news organizations can find themselves under scrutiny too, either for reporting falsehoods that appear to gain traction online or for failing to filter out or properly identify inaccurate information for their readers.
Protecting democracy is a huge challenge. Iâ€™ve written before that it involves more than technical solutions to computer problems. The U.S. government, and the people it serves, must find the desire and the drive to establish secure and trustworthy procedures for running elections across the country. Education is also key, teaching people from an early age how to recognize propaganda and misinformation, and think critically about the information they encounter. Facts are not subject to alternative views; without widespread agreement on common objective realities, society and government cannot function well.
Technology continues to evolve, presenting challenges to individuals and society alike. Emerging â€œdeepfakeâ€ technology is already helping create convincing videos of people appearing to say and do things they never said or did. In addition, intelligent social media bots are becoming more human-like, making identifying and blocking them much more difficult. Thatâ€™s just some of the challenges that democracies will face in the future.
Many of these problems will not have a clearly defined fix, because they involve a nuanced balancing of individual rights and social necessities. Real and lasting solutions must come from civil discourse by rational and objectively informed people who have, above all, the actual honest desire to do it right.