Emerging Tech

Blog archive
People voting

Hack shows risks, but not the folly, of online voting

I almost had to go back on a remark I made a few months ago, that the United States should push forward with online voting. This was right after the presidential election, where we saw huge lines in some states like Virginia, with polls having to stay open an extra four hours to accommodate people who were still waiting to cast their ballots. Newly reelected President Barrack Obama even pointed it out as an issue that needed to be fixed in his victory speech.

This week CNN reported that there has been an actual cyberattack on a voting system in the United States, or I should say that there was one, in August of 2012, that we are just learning about thanks to a court hearing. The attack took place in Miami-Dade County, Fla., of all places, an area that has somehow become synonymous with election-related problems since the days of the butterfly ballot.

In this case, apparently, no voters were confused by the system, and no votes were changed. Instead a system whereby citizens could obtain absentee ballots was attacked. Hackers apparently created a program to send spam ballot requests into the system. There were 2,500 fake requests made before system administrators discovered that the requests were all coming from a small set of computers (tracked though their IP addresses) and that the requests were coming in too quickly to have been sent by actual humans sitting at a keyboard.

The attack in question was apparently stopped, no real damage was done and nobody really knows what the hacker’s motives were.

But it’s worth noting that there was not very much security on the system, according to an article in the Miami Herald. I suppose nobody thought that a system to simply request an absentee ballot would be that much of a target.

Now that this attack has come to light, it will likely give ammunition to those who say that elections should never be put online. It’s not a bad argument, though it assumes that pen and paper elections can’t be manipulated, which we all know has been done in certain instances in the past.

Instead, this attempted breach should be a warning that almost any part of an election system is a target. That’s not so different from online banking, credit card machines and anything else protecting money or, in the case of an election system, power in society.

GCN’s Cybereye Bill Jackson has pointed out that securing voting rights and moving them to an electronic or online format involves a lot more than just securing the voting machine. I don’t think anyone believes that we should casually begin to elect our leaders by a new method without first securing the process from both ends and the middle. At the same time, it’s a worthwhile effort that could increase turnout, and ultimately make elections more representative of the entire population of the country.

Doing all that will be hard, but when has that stopped the United States? One of my favorite leaders, John F. Kennedy, once famously said that, “We choose to go to the moon in this decade and do the other things. Not because they are easy, but because they are hard.” Surely online voting would qualify as one of those other things.

Posted by John Breeden II on Mar 21, 2013 at 9:39 AM


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.