Election security is the most challenging problem Matt Blaze said he has ever encountered in his career -- and that was before the COVID-19 pandemic.
During his keynote address for the Black Hat USA 2020 virtual conference, the security researcher warned that the current election infrastructure faces a myriad of threats, from simple denial-of-service attacks to tampering with vote tallies or deleting records.
"Unfortunately, these attacks are not merely theoretical," Blaze said, citing analysis from leading computer scientists and security researchers. "In fact, every current voting system that's been examined is terrible in some way and probably exploitable."
Blaze, McDevitt Chair in Computer Science and Law at Georgetown University, has studied the security of modern voting systems and election infrastructure for more than 20 years. He explained how integrity and accuracy issues plagued voting machines for decades, citing the punch hole ballots in Florida from the 2000 presidential election.
This article is part of
But the move to more electronic and software-based voting machines hasn't resolved those issues, he said. In fact, in some cases, it's worsened them by introducing paperless voting technology or complex blockchain-based software that doesn't ultimately improve security. In addition, Blaze said election security must account for more than just the software code within voting machines, such as county election management software on the back end.
Matt BlazeProfessor, Georgetown University
"I don't think I've ever encountered a problem that's harder than the security and integrity of civil elections," he said. "It's fundamentally orders of magnitude more difficult and more complex than almost anything else you can imagine."
It wasn't all bad news for election security, however. Blaze noted two important developments, starting with a term called software independence coined by Ron Rivest, co-inventor of the RSA algorithm and co-founder of RSA Security. In 2006, Rivest co-authored a research paper that outlined how voting systems could be designed in a way that would prohibit an undetectable change or flaw in the software code from altering the elections results.
More recently, Philip Stark, professor of statistics and associate dean at the University of California, Berkeley, developed a model for what's called "risk-limiting audits," which samples a subset of election results to ensure the results are accurate and haven't been subjected to errors or tampering.
Still, Blaze noted that threat actors targeting U.S. elections may not even be trying to swing vote tallies one way or another. "Foreign-state adversaries are a little different from traditional attackers in an election system because they might not want to choose a winner," he said. "They may be satisfied with simply disrupting the overall process and casting doubt on the legitimacy of the outcome and making it difficult to vote or to know who won. And that is both an easier goal and one for which many different kinds of attacks [are possible] than the kinds of attacks where you want to pick the winner."
Matt Olney, director of threat intelligence at Cisco Talos, wrote a research paper on election security that was published last month that, in part, analyzed how threat actors broke into voter registration databases in many states prior to the 2016 presidential election and caused disruption. Olney told SearchSecurity he expects those kinds of attacks to continue as we approach November.
"We have certainly seen, in cooperating with our partners in the election space, the same sort of attacks attempted we had seen before. What is hard to do sometimes is to say, 'Is this attack state-sponsored, or is it part of a broader campaign?'" he said. "I would anticipate that a lot of the same sort of activity would happen."
COVID-19 and mail-in ballots
Blaze said there are new challenges for election infrastructure this year beyond the hacking threats and security issues of the past.
"This a very different talk than I would've given four or five months ago," he said, adding that the "wrinkle" of COVID-19 has further complicated an already challenging situation for U.S. elections.
The logistics of massive mail-in ballots are daunting, he said, because it will entail not only making and mailing out more ballots, but also checking signatures and finding places to properly store and secure the received ballots. Those are "labor-intensive" issues for many state and local governments that may not have the funding or resources to widen the scale of their absentee ballot systems.
Elections officials, therefore, will have to "prepare for a very wide range of scenarios that may not come to fruition," which could entail printing large numbers of mail-in ballots that ultimately won't be used or preparing large volumes of in-person voting that may not happen.
Despite those challenges, Blaze said there was reason for some optimism. Many of these logistical problems are familiar ones to computer scientists and researchers, he said, who can provide expertise and assistance. Blaze ended his keynote with a call to action for the infosec community to call their local election officials and inquire how to help, whether it's as a poll worker and ballot signature judge or IT support.
"The optimistic note is: We can do this," he said, "but we need to engage now."