ASU cybersecurity expert says hacked database controls who is allowed to vote
Arizona officials confirmed Monday that a voter registration database in the state has suffered a hack, although they believe no personal information has been compromised. Illinois' voter registration database suffered a similar breach.
Jamie Winterton (left), director of Strategic Research Initiatives at Arizona State University's Global Security Initiative, said the biggest risk is to the trust voters place in the electoral system, and whether or not everyone actually registered to vote will be allowed to when they show up to the polls.
Question: What’s the risk of voter registration systems being hacked?
Answer: When we think of “hacked elections,” we usually think of people breaking into electronic voting systems. That is a real concern – and it’s been done before. A team from University of Michigan and Princeton was able to install Pac-Man on voting machines from 2008 without breaking any of the tamper-evident seals – and if you can install Pac-Man, you can easily affect the vote tallying software! But this recent breach is different. It wasn’t on the voting machine software itself, but on the registration databases in Arizona and Illinois. Most of the information in the database is publicly available, so it’s not terribly concerning from an identity-theft perspective. What is worrisome, however, is that the voter database guides who is — and who is not — allowed to vote. With the possibility that Arizona will be a swing state this year, removing even a small percentage of voters from the database could swing the result.
Q: Could this have an impact on particular voter groups?
A: The database is also how the state communicates with voters. It’s used to send early ballots and tell voters where their polling places are located. What if 10 percent of people in lower socio-economic areas were misled as to their polling location? What if Spanish-language ballots or election materials were not sent? The validity of our electoral system depends on consistent communication. That communication can easily be polluted if the voter database is tampered with.
Q: What kind of attack was used on the voter registration system? Was it Russia again?
A: It’s not clear how the attackers got into the Arizona system. We know about the attack because the FBI found voter database credentials (like a login and password) on the dark web. The secretary of state’s office took the systems offline for over a week and changed all the credentials. We do know that in Illinois — a voter registration database attack that happened around the same time — the attackers used something called SQL injection. SQL stands for Structured Query Language; it’s how many databases are managed. When you type information into a box on a website — a username and password, for example — that website is probably using SQL to facilitate the conversation between you and the database, to make sure you have an account and the right credentials to access it. During a SQL injection attack, though, a hacker will type code into the box instead of a username, in an attempt to control the database. If the website doesn’t check to make sure that the inputs are valid, the code gets passed through to the database and can do things like dump information or allow modifications of the database. However, it’s also easy to protect against: Creating rules against nonsensical inputs — no one’s name has a "=" in it, for example — goes a long way towards protecting against SQL injection attacks.
Q: What will be the effect of this attack?
A: It’s hard to say what will come of this attack. Hopefully backup versions of the voter registration databases can be compared with the current version, to see where changes might have been made. Hopefully the systems will be patched and tested, and hardened against these kinds of attacks.
There’s a building problem with trust and election systems, however. The U.S. has a fairly disenchanted electorate as it is. How will they respond to our election systems being violated? Even if the database checks out with a prior version, will people feel that their vote is still meaningful? Or will they feel that the election is rigged and not bother showing up to vote? When the results are in, will voters trust and abide them? Machines can be hacked, but so can people. We need to figure out how to patch them both.
Top photo courtsey Secretlondon, via Wikimedia Commons