One Way to Protect Elections From Hacking: Paper Ballots

Photo: Marvin Joseph/The Washington Post/Getty Images

Yesterday’s report from the Intercept, sourced from leaked top secret documents from the National Security Agency, is both shocking and unsurprising. Shocking because it appears to confirm that an arm of the Russian government tried to interfere with the American voting process last year by targeting election vendors, and unsurprising because many security and elections experts had already assumed this to be the case. It’s a useful report for the public to see, though, because its existence emphasizes and reiterates how insecure our complicated election apparatus is — and how difficult it will be to shore up, secure, and guarantee elections in the future.

It’s worth stating up front, in bold, that the report contains no evidence that these hackers were successful in manipulating the vote count or anyone’s ability to vote, only that they tried. As I’ve said, this is unsurprising: Cybersecurity researchers have been warning about the lax security and regulation of electronic voting for years, though there has been little in the way of resources, or imperatives, to fix it. (And, of course, anyone elected by dubious means is unlikely to graciously cede power in the aftermath.)

According to the NSA leak, “Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards.” One of those elements was likely the email account of VR Systems, an election vendor. An email account is not the same as infiltrating, say, an actual voting machine, but it’s only a few degrees removed, and since many people use the same log-in information across multiple accounts — or use their email accounts as the fail-safe for resetting passwords — it’s a very dangerous breach.

This kind of interconnection and overlap between accounts, combined with the multiple layers of the election process, is exactly what makes determining the extent of an attempted hack so tricky, and what makes perfect security all but an impossibility. When we talk about “elements of … electoral boards,” we might be talking about an employee’s email account, a database, maybe a router in somebody’s home or office, their phone, their Facebook account or their spouse’s, or the Wi-Fi-enabled light bulb in the office. The tangled web of “elements” leaves even the most security-conscious people vulnerable.

It gets more tangled as you zoom out. Voting procedure and regulation differ from state to state. In one sense, this is comforting — the U.S. voting system is so disorganized, it cannot be hacked by a singular method — but it also means that within that tangle of election boards and third-party vendors, there are many weak links in the chain. There are a number of services a vendor might provide beyond simple vote-tallying (election rolls, for instance) that would allow malicious actors to attack election integrity in indirect ways. You wouldn’t need to directly change votes if you could make voters from a certain party disappear from the voter registry, for example.

For this reason, security solutions need to go beyond immediate defense and also include the same fail-safe backstop that’s secured elections for 300 years: Paper. Hard copies of ballots and voter rolls make it more difficult to undermine trust in the system. We don’t need to eliminate electronic voting (though it’s worth pointing out that there’s no real problem with the voting process that electronic voting is solving, and it’s unclear why it’s truly necessary), but we need to make sure it’s backed up by paper ballots that can be counted by hand. Similarly, there need to be multiple databases of registered voters — including at least one hard copy — that allow people who file provisional ballots to have their votes counted.

Paper ballots would help solve the other underlying problem with election security: The appearance of insecurity can be as dangerous as actual insecurity. Whether or not the GRU was able to hack the election is almost beside the point in the current political climate; if the point is to sow doubt in the democratic process, the revelation that the Russian government attempted a hack is still nonetheless a win. The more complicated our system gets, and the fewer guarantees we can make about its integrity, the worse this dilemma becomes.

One Way to Protect Elections From Hacking: Paper Ballots