Jake Belcher

Intelligent Machines

How to hack an election—and what states should do to prevent fake votes

Two speakers at this year’s EmTech MIT conference addressed voting vulnerabilities.

Donald Trump won the 2016 presidential election thanks to the votes of just 107,000 people in three states. The intricacies of the Electoral College help create situations where a relatively small number of US citizens can decide who wins the presidency. How susceptible could these votes be to tampering? The answer: a lot more than you might realize.

In a live demonstration at MIT Technology Review’s EmTech conference today, J. Alex Halderman, professor of computer science and engineering at the University of Michigan, showed just how easy it would be to meddle with vote tallies to directly change election outcomes.

Halderman brought an AccuVote TSX machine to the stage in a live demonstration of the dangers. He had three volunteers use the machine to vote in a mock election between George Washington and Benedict Arnold. Cameras pointing at the screen and projected above the stage showed the three voters casting their ballots for Washington. Yet when Halderman printed the returns from the machine, the reported result was a two-to-one victory for Arnold. 

How did it happen? Through tampering with the ballot programming. For every election, officials have to program the candidates into the machine using a physical memory card. Halderman infected this card with malicious vote-stealing software before any voters got anywhere near the polling booths. 

“This machine you saw here is used in 18 states, and some of the states, including Georgia, use an even older version of the software than I showed here today,” he said.

Ron Rivest

Beyond the machines people use to cast their votes, the main targets for someone trying to tamper with a US election are voter registration databases and the electronic devices used to check voters in at polling stations, according to Ron Rivest, Institute Professor at MIT.

If this all sounds terrifying, don’t panic. There are simple steps the authorities can take to mitigate the threat of an attack.

“We need paper verifiable ballots, no internet voting, and we need to ensure we can audit ballots properly. Some kind of paper trail the voter can use to verify their vote is very important,” Rivest said.

At a national level, $380 million was allocated for shoring up election security in March, and the Secure Elections Act is currently working its way through Congress. This would require states to have audit processes and paper trails for their elections, moves both Rivest and Halderman strongly support.

Meanwhile, West Virginia is set to use a blockchain to verify votes this fall. Might this be the answer?

Rivest is unequivocal. “Absolutely not. For many applications, voting included, blockchain is just a poor database choice. It takes things you put in it and preserves them forever. It’s a very poor fit for voting,” he said.