Documente Academic
Documente Profesional
Documente Cultură
ii
List of Figures
iii
Executive Summary
The purpose of this document is to discuss the security issues with voting machines and
how to improve them. Government involvement in voting machines, contributing motives that
compromise our nations voting systems, and options are considered. Americans do trust their
voting machines because of the recent election. However, due to the cost of upgrading the voting
machines, local and state government cannot afford to purchase new machines.
Criminals that take advantage of the technology to sell voter information is one of the
largest contributing motives to compromise our voting systems and voter registration rolls. By
creating a team that would be dedicated to securing the vulnerabilities, upgrading the outdated
voting systems, and by funding the voting systems, the government will be able to improve its
voting systems.
iv
Voting Machines
In recent elections, we have come to encounter that our voting machines are easily
manipulated. People did not really put that much thought into them in the past as it was not as
significant as the past election, or at least not many people paid attention as much as they do
now. Americans do not trust our Election Systems and we have a lot of evidence that shows that
voting machines are easily manipulated and they can change the outcome of our elections.
software creators, installers and administrators is money. The government does not have enough
funds to invest what it needs to be invested in voting machines. So, there has not been a real need
After what happened with the 2000 election, those machines were replaced with the electronic
voting system. But this system was not the most ideal. They did not think about voting system
security or what challenges could arise. This solved some problems but created a whole lot of
new ones. Computers, as we well know, with time need updates, if not, they can get obsolete,
our voting machines are very old computers with very old software. For example, most of those
machines are running on Windows XP, and Microsoft hasnt released a security patch since
2014.
There is no real evidence of direct voting machine interference as of right now but the
machines are susceptible to malware or major hacking. It is not just about switching election
results, this could damage the machines and in some cases, prevent people from voting. Voting
machines are just computers and they run on lots and lots of lines of code, so they are not perfect
1
Another reason why this is such a big deal with manufacturers is that its believed that
manufacturers really do not have a clear understanding of all the aspects of an election. So, they
are creating voting machines but if the client really doesnt know much technology and the
manufacturer doesnt know the product and they cant do adequate testing, its bound to fail.
Most voting machines are made by two manufacturers and they do not share their software code
among each other, so there is no real testing to see if they will work well together.
The good news is that some states are starting to get next generation systems by August
of 2018. This is quite costly but way necessary. Its important to remember that computers do
not last forever, they have a shelf life and they need to be updated, you cant have a 20-year-old
machine and expect it to work at 100%. Hopefully, more and more States will follow that lead
Every State is individual and has their own system, this, in my opinion, has a sense of
disorganization and its really not uniform. I believe having a centralized focus for voting
machines will be ideal. If everybody functions the same way, then it would be easier to maintain,
also the risk of inconsistencies will be decreased, there will be a better way to document how
things get done and States could help each other when they have problems as well. A uniform
If the Federal Government goes ahead and sets a standard for voting machines in all
States, this could also work, then again, I dont think all of them will choose to do the same thing
but at least there would be some rules they need to follow. There has got to be Federal Funding
2
Very Specific guidelines on how their elections have to be done. What should be requested from
the manufacturers of Voting Machines, how should this software work and what it should do, I
do believe that if possible, elections should be done the same in each State, meaning, no more
paper ballots, all should be done electronically, except absentee ballots of course.
Another idea would be that State and local Elections could be the responsibility of each
locality, but when its a Federal Election it should be the responsibility of the Federal
do need the help, and this would improve our Election System.
I understand that the constitution separates Federal powers from State powers but, we all
elect a president, we all require elections, so we do need to have a system in place that works and
works fine. This does not necessarily mean that the States will be giving up independence or the
power to the Federal Government but, they could use the help. The current system does not
work. Everybody does things differently and there is a lot of room for error.
If this cant be changed because of the constitution, at least the Federal Government
With regards to motives driven to the compromise of our nations voting systems and
registration rolls, one of the largest contributing motives was found to be the act of attaining the
information provided on the voter registration, which the attacker would then plan to sell.
Another motive that was found to compromise voting systems/ voter registration was also found
on the contrary of attaining personally identifiable information (PII), but instead, influence the
election with political motives not financial. Finally, a third motive that found from conducted
3
research was that an attacker targeting these voting systems only has motives of voter integrity
In cases where the motives of an attacker are to sell information for financial gain by
attaining access to the systems, ABC News has claimed: nearly half of the states in the U.S.
have recently been targeted by foreign hackers, four of which have successfully been breached
(Levine & Thomas, 2016). We come to the realization that it is no longer a matter of
hypotheticals at this point, that argument is mute. We are facing on a much grander scale
criminals attempting to breach these systems than years in the past. Russian hackers were also to
blame for cyberattacks on Democratic organizations, as per what was released from WikiLeaks.
Russian hackers have been seen stealing assets from one another, refuse to collaborate. Theyre
all vying for power, to sell Putin on how good they are (Nakashima, 2016).
Motives that were of political agenda on behalf of attacker were found to be another
influence on data breaches of voting systems. For example, after the attack on the voting
systems in Illinois, it was concluded that they didnt steal information for financial gain but
rather to influence future elections. This is something to consider when voting for future
elections because you never really will know if those around you were subjected to bribery from
those whom allocated this information. As of now, Dr. Andy Ozment (secretary for cybersecurity
and communications for DHS) has stated that "We have not seen intrusions intended to in any
way impact individuals' votes and actual voting" (Levine & Thomas, 2016). Having read that, it
does make one wonder that just because it may not have happened in the past is no reason to
stipulate that it wouldnt occur in the future is anything but absurd. The hackers that hacked the
Illinois voting systems managed to extract information from as much as 200,000 peoples
4
personal data. What appears to be the ultimatum for these criminals was not bank or credit
information to sell but rather voting history so establish if theres an opportunity to influence
future votes through such ways as bribes or threats (Ortega, 2016). This presents a large
problem for our future elections as a country because many individuals could be misguided by
An addition motivation that was identified attacks on voting systems was to create
confusion and loss of voter confidence in future elections. According to the Department of
Homeland Security, more than 20 states have been targeted for their voter registration systems
(U.S. official: Hackers targeted voter registration systems of 20 states, 2016). Federal officials
have made claims that security threats aside, a hacker cannot alter an elections outcome due to
the systems not being connected to the internet. Releases from now President Donald Trump
during the election suggested that the election is going to be rigged. With that in mind, we can
conclude that voter confidence just from even that one statement by a former candidate can cause
lack of trust in the authenticity of our nations voting system. It has become a common
expression in the citizens perception as I am sure you may have heard before: Why even vote?
It doesnt matter who I vote for because the election is rigged. Without voter confidence, more
and more citizens will be less interested in politics feeling they no longer have a voice regarding
whom should be elected. Thus, added security to these voting systems is critical to the future
integrity of our nations democracy. For without it, this country will likely become a communist
5
Security Issues with Voting Machines
State and local governments are doing little to secure their voting machines due to the
cost associated with upgrading the technology, the politicians that are behind the government,
Election officials in 31 states would like to buy new voting machines but they do not
know where the money will come from. It costs millions of dollars to replace the outdated
machines. For example, in California, the secretary of state estimates that it could cost up to
$450 million to replace the voting machines there (Rauf, 2017). Without help from the federal
Politicians are not motivated to campaign on a promise to upgrade the voting machines in
their state/district because of other state-run programs that will garner more votes. Communities
need to make their voices heard about issues they care about and should contact their federal,
state and, local representatives to convince them to protect the security of our votes. Only when
Election Assistance Commission (EAC) which was the only federal agency that protects against
voting machine attacks. The vote passed 6 to 3 and the committee chair stated that the EAC has
outlived its usefulness and purpose (Harper, 2017). The recent election proved that the EAC
6
How to Improve Our Voting Systems
The government can improve its voting systems by creating a team that would be
dedicated to securing the vulnerabilities, upgrading the outdated voting systems, and by funding
Creating a team that would be dedicated to securing vulnerabilities in the nations voting
systems would allow the government to analyze and detect threats. To find vulnerabilities, this
team would be tasked with breaching the voting systems with the approval of the reestablished
Polling equipment is actually falling apart in some states and there is dire need to upgrade
the voting systems. The last time the U.S. government updated its voting machines was in the
year 2000 after the widely controversial Bush/Gore election. The lifespan of a voting machine is
10 to 20 years, closer to 10, and in 14 states machines are going to be 15 years or older. Figure 1
below is a comparison between how many states use outdated voting machines and the ones that
40
30
20
10 7
0
Decade old machines Newer Machines/Different
Voting Method
7
There are a variety of options states can choose from when purchasing new voting
equipment. These options include direct appropriation, splitting the cost, setting up a grant
program, buying equipment in bulk, generating dedicated revenue, and passing a statewide bond
measure.
In relation to what following steps should be taken for U.S. voting systems whether it be
research has found that there are three directions in which we could take as a nation to better
fulfill the data integrity and security of PII. The first direction is to, instead of reconstructing
existing systems from the ground up with cybersecurity set as a priority to rather upgrade the
existing system with a new one. Another direction our nation could go to value security in our
voting systems is to go fourth with keeping the existing systems and simply reconstruct them
from the ground up. Lastly, a stressing of urgency to have voting stems remain decentralized will
With regards to the first direction our nation could go to better secure our voting systems,
is by upgrading the existing system to a new system. What was learned from our research is that
in 43 States have electronic voting equipment that is more than a decade old (Dacuan, 2016).
Outdated equipment in and of itself is not only difficult to operate with newer released software
but also a lack of internal security from patchwork and bug fixes. This is mostly why we can
expect individuals to attempt attacking these machines is because of their overall lack of security
thereof.
8
Another direct solution to this issue is to just go forward by reconstructing the existing
systems from the ground up. By doing so what will be sorely needed is essential oversight and
funding. Funding by the state can in most cases not afford to replace all voting systems without
extended financial help from the federal government. With reconstruction from ground up with
focuses on cybersecurity, these systems will have a better chance at mitigating the chances of
data breeches of the systems. More importantly, this can also be a cost-effective solution. If
enough states got on board with this idea, the federal reserve would supply the states funding to
Lastly, a solution that could easily be implemented is stressing the awareness and
urgency of decentralizing the voting registry systems. Currently, most of our nations voting
systems run offline, thus being labeled decentralized. However, not all the states have switched
to this type of voting machine. By having the systems fully functional offline (no connection to
the internet), it is formally impossible to breach the voting systems themselves from across the
other side of the world. Pros to this solution are that it would save states funding billions of
dollars, and would help ensure the integrity and security of voters using the systems. A con to
this solution is that it does not prevent breeches from those made in person physically tampering
with the machines and it is a concept that the government has been having difficulties trying to
inform every voting station of this important and easy to do the concept.
9
References
Barrett, B. (2016, August 02). America's Electronic Voting Machines Are Scarily Easy Targets.
Retrieved May 31, 2017, from https://www.wired.com/2016/08/americas-voting-machines-arent-
ready-election/
Berman, A. (2017, February 08). House Republicans Just Voted to Eliminate the Only Federal
Funding Elections Technology. (2017, May 10). Retrieved May 31, 2017, from
http://www.ncsl.org/research/elections-and-campaigns/funding-election-technology.aspx
Dacuan, L. (2016, March 16). THE 2016 RACE TO UPGRADE VOTING TECHNOLOGY
HEATS UP. Retrieved May 31, 2017, from Onvia: https://www.onvia.com/company/blog/2016-
race-to-upgrade-voting-technology-heats
Levine, M., & Thomas, P. (2016, September 29). Russian Hackers Targeted Nearly Half of
States' Voter Registration Systems, Successfully Infiltrated 4. Retrieved May 31, 2017, from
ABC News: http://abcnews.go.com/US/russian-hackers-targeted-half-states-voter-registration-
systems/story?id=42435822
Nakashima, E. (2016, June 14). Russian government hackers penetrated DNC, stole opposition
research on Trump. Retrieved May 31, 2017, from The Washington Post:
https://www.washingtonpost.com/world/national-security/russian-government-hackers-
penetrated-dnc-stole-opposition-research-on-trump/2016/06/14/cf006cb4-316e-11e6-8ff7-
7b6c1998b7a0_story.html?utm_term=.70e43853bffc
Oosting, J. (2017, January 24). Michigan plans to replace all voting machines by 2018.
Retrieved May 31, 2017, from
http://www.detroitnews.com/story/news/politics/2017/01/24/voting-machines/96991230/
Ortega, A. (2016, October 04). Hacking an election requires more than compromising a machine.
Retrieved May 31, 2017, from The Hill: http://thehill.com/blogs/congress-
blog/technology/299190-hacking-an-election-requires-more-than-compromising-a-machine
RAUF, D. S. (2017, March 12). States Scramble for Funding to Upgrade Aging Voting
Machines. Retrieved May 31, 2017, from https://www.usnews.com/news/best-
states/texas/articles/2017-03-12/states-scramble-for-funding-to-upgrade-aging-voting-machines
Smith, G. (2012, October 22). Electronic Voting Machines Still Widely Used Despite Security
Concerns. Retrieved May 31, 2017, from http://www.huffingtonpost.com/2012/10/22/electronic-
voting-machines-2012_n_1992992.html
10
Agency That Makes Sure Voting Machines Can't Be Hacked. Retrieved May 31, 2017, from
https://www.thenation.com/article/house-republicans-just-voted-to-eliminate-the-only-federal-
agency-that-makes-sure-voting-machines-cant-be-hacked/
U.S. official: Hackers targeted voter registration systems of 20 states. (2016, September 30).
Retrieved May 31, 2017, from Chicago Tribune:
http://www.chicagotribune.com/news/nationworld/ct-hackers-target-election-systems-20160930-
story.html
11