The Senate Intelligence Committee held a hearing on Russian election hacking yesterday, and the expert testimony wasn't all that reassuring.
Because while federal officials assure us that they didn't succeed, one expert left us with more questions about the integrity of our 2016 vote. He should know, because J. Alex Halderman, a professor of computer science at Michigan University and director of the Center for Computer Security and Society, has been hacking election systems for years and says you can do it without leaving a trace.
"I know firsthand how easy it can be to manipulate computerized voting machines," he told the committee in his opening statement.
"As part of security testing, I've performed attacks on widely used voting machines, and I've had students successfully attack machines under my supervision."
He said whether election functions are centralized or not doesn't matter.
"Some election functions are actually quite centralized. A small number of election
technology vendors and support contractors service the systems used by many local
governments. Attackers could target one or a few of these companies and spread
malicious code to election equipment that serves millions of voters," he said.
"Furthermore, in close elections, decentralization can actually work against us. An
attacker can probe different areas of the most important “swing states” for
vulnerabilities, find the areas that have the weakest protection, and strike there.
"In a close election, changing a few votes may be enough to tip the result, and an attacker can choose where—and on which equipment—to steal those votes. State and local elections are also at risk."
Halderman also warned our election infrastructure "is not as distant from the Internet as it may seem."
He explained that before every election, voting machines are programmed with the ballot design.
"This programming is created on a desktop computer called an election management system, or EMS, and then transferred to voting machines using USB sticks or memory cards, he said. "These systems are generally run by county IT personnel or by private contractors. Unfortunately, election management systems are not adequately protected, and they are not always properly isolated from the Internet.
"Attackers who compromise an election management system can spread vote-stealing
malware to large numbers of machines."
He said experts recommend paper ballots with optical scanners -- with required post-election audits.
"One of the reasons why post-election audits are essential is that pre-election “logic and accuracy” testing can be defeated by malicious software running on voting machines. Vote-stealing code can be designed to detect when it’s being tested and refuse to cheat while under test," he wrote in a footnote to his opening statement.