Tuesday, August 30, 2016

Could The Election Itself Be Hacked?


Given that Russian hackers have successfully attacked the DNC computers and purportedly those of the Clinton campaign as well, and that Putin loving Wikileaks has threatened to release hacked documents harmful to Hillary Clinton prior to election day, it may not be too far fetched to have worries about efforts to hack election results themselves.  Indeed, the FBI has warned two states to take action to protect their voting systems after apparent foreign efforts to hack the same.  Then, of course, there is the growing desire on the part of the GOP to win election costs through voter disenfranchisement, gerrymandered districts and other means.  Hacking would in some ways be the next logical progression for the GOP and its shrinking base of angry, often uneducated, white voters.  A column in Talking Points Memo looks at the fears of a hacked election.  Here are excerpts:
A few weeks back, when I was writing about possible Russian efforts to influence the US election, a number of security experts pointed me to concerns about hacking or tampering with the actual US voting apparatus. Now the FBI has reached out to local election officials after hacks were detected in two states. Whether something has Russian fingerprints on it is obviously hugely inflammatory and polarization. I think the emphasis here is something that someone may be trying to do this - at least on first blush, precisely who it is is less important to taking precautions to prevent problems.
For years, I've generally poo-poo'd claims about how elections had been or could be hacked. Mainly this is simply an evidence based criticism. Back in the aughts "Diebold" became the Dems equivalent of GOP "vote fraud" claims, an amorphous and generally evidenceless explanation for why your party is losing elections you wanted to win.
People get confused sometimes and believe that arguments that something can happen is proof that something has happened. Logic is hard.
There is one huge and incredibly important difference: none of the black box voting folks ever proposed solutions targeted at making it harder for one class or race of people to vote, which is what the GOP's 'vote fraud' nonsense is entirely about. So I'm not equating the two. The proposed remedies for combatting electronic or cyber-attack based election tampering may not be as necessary as some claim. But they don't do any harm. We should make these things as secure as possible.
If a political party or people working on its behalf want to hack an election that is not only an inherently difficult thing to do. More importantly, it's hard to do without leaving evidence. It also involves a lot of little explored complexities: to know what's going to be a 'reasonable' shift in the totals, you need some real time idea of what the actual results are. It's a complicated proposition that would likely involve a number of people working in concert and thus difficult to keep secret.
But here's the thing. If foreign hackers of any source or domestic hackers for that matter want to disrupt an election, that's much simpler. Perhaps you've hacked into the servers in advance and then you simply erase the data late in the day? Or shift it to all Clinton or all Trump. If it's being done from somewhere in Senegal or Bangkok you're never going to track down and apprehend the culprits. And the changes to the numbers don't need to be credible to severely disrupt the election. Complete hypothetical: what if 10 critical precinct tallies in Florida and Ohio are simply erased or tampered with so that the numbers bear no confidence? What do you do then? We're not in a high trust climate in our politics where something like that could be easily resolved. Precisely because we are already in such a low trust political era, even a tiny number of demonstrated cases of cyber-tampering would cast a penumbra of doubt over the whole process, especially for the losing party.
The point is that disruption doesn't really require hiding your tracks. It's enough to disrupt, delete, alter. It can also be done by people who don't have any particular concern with the actual election outcome, have no need to make the results credible and have none of the legal or reputational vulnerabilities that might deter people within the political system itself from trying to tamper with election results.
The country has enough things to freak out about as a country. I'm not saying we should start wigging out about this. But it's definitely worth being concerned about and hopefully one that federal law enforcement authorities are focusing on and proactively working with local authorities to prevent. And it's something qualitatively easier to pull off for bad actors whose aim is disruption rather than winning.

No comments: