There is also a greater potential for sabotage via a cyberattack. To mitigate that exposure, many jurisdictions state that their DRE machines will never be hooked up to the Internet or a network, which would cut down on the risk of hacking from outsiders or the spread of malware and cyberattacks.
But that no-networking policy does not remove the threat of someone being able to physically alter the votes by breaking into the machines. The Vulnerability Assessment Team (VAT) at Argonne National Laboratory recently demonstrated that physical attacks can be just as effective as cyberattacks and harder to prevent, says Roger Johnston, VAT head, who worked on the example attacks.
What Johnston and a team of researchers did was devise an attack that required physical access to an electronic voting machine (in the most recent case, they attacked a Diebold system). Once physical access was attained, the attackers could manipulate the machine.
Johnston and his fellow researchers conducted what is known as a “man in the middle” attack, in which attackers broke into the machine and infiltrated it with a cheap and easily available microprocessor that could be remotely controlled. The attack required less than $30 in off-the-shelf parts and did not require high-level computer expertise.
“The point that we were trying to make was that, unfortunately, cyber is not the only issue. We have lots of other issues in particular involving physical intrusion or tampering and electronic intrusion or tampering, thus indicating particularly the need for good insider-threat mitigation,” says Johnston.
Johnston notes that machines are often left unattended, so there are plenty of opportunities for insiders or even outsiders to access the machines. What’s more, he says, the machines are vulnerable at a variety of times—throughout the delivery process and even while they are waiting to be used.
The voting machine companies have locks on the machines, but they “tend to use about the cheapest lock they can get,” Johnston says. In Johnston’s study, the researchers were not adept at picking locks, and they still had no trouble picking the machines’ locks in 30 seconds or less. It is clear that a skilled lock-picker could do it in two seconds, Johnston says.
He adds, “it’s often the case that a single key opens all of the voting machines, at least maybe in one polling station or sometimes in a whole election jurisdiction, because they don’t want to wrestle with the whole key-control issue,” such as having to keep track of several different keys per polling site.