In the run-up to the 2016 U.S. presidential election, Russian hackers scanned the online systems of 21 states for voter registration vulnerabilities. Illinois was on that list. However, officials said Illinois election results were not affected.
What damage can a hacker do to an election by penetrating voter registration systems? Are states like Illinois prepared for the 2018 elections? Or can foreign actors actually change election results?
Worldview host Jerome McDonnell spoke with Clare Malone, senior politics writer for FiveThirtyEight, about an investigation published this week on the vulnerabilities in America’s election system. Here are some interview highlights.
Dealing with hackers is a new problem for U.S. elections
Clare Malone: This is a really new problem that we haven’t necessarily thought through all that much until very recently. It’s a problem of federalism [because] states, rightly, want to maintain control of their elections. They want to be the people who are administering their elections. But yes, there was some confusion and some ugly claims in the press back in 2016, right before the election or just after the election when the Department of Homeland Security realized that Russian state hackers were trying to get into [the voting] systems. And so they were taking precautions and scanning state election sites. And states didn’t like the federal government coming onto their territory. …
So, you’re really seeing an interesting, actually quite old-fashioned American problem, which is where the balance of power between states and the federal government lies.
Election security can vary from state to state
Malone: The [Election Assistance Commission] can’t tell states, “No, you can’t use that voting system.” It can only certify or decertify machines. And it has not actually decertified any machines.
States get to choose, basically, whatever system they want to use. … It’s really up to states to say, “We know the security measures of this voting machine we’re using. We know the security measures of this contractor that we’ve contracted out to make up our electronic ballots.” So the federal government is a little bit hamstrung in this situation.
One scenario of what could happen if elections are hacked in 2018
Malone: [Hackers] could somehow get into online voter registration systems, like what happened in Illinois, or digital poll books at polling stations. [They] could potentially change the information on voter files so that when you show up to vote, something about your ID looks different from what they have in their computer system. So you wouldn’t be allowed to vote. Or you’d be given a provisional ballot. But your ballot wouldn’t be counted that day.
But what happens in that instance is on election day, when lots of people’s IDs don’t match the computer system, you get really long lines. You get people’s feeling of disenfranchisement. It’s a hacking of our faith.
Possible hacking prevention tactics for 2018
Malone: [Individual] states need to be paying a lot more attention to this and they need to update the standards for their online systems, the security at the Board of Elections office, and the security surrounding their individual voting machines. …
The people who make voting machines and who are contractors — who sometimes draw ballots for states — those people should be more answerable to federal regulatory power or state regulatory power, because they are private companies and we don’t know what their security practices are. So, I think there needs to be a lot more transparency and attention paid to voting security.
This interview has been edited for brevity and clarity. Click the “play” button to listen to the entire interview, which was adapted for the web by Bea Aldrich.