Online Voting and Cybersecurity
The COVID-19 pandemic is a significant obstacle to participation in U.S. elections, especially the upcoming general election. Online voting could potentially minimize the spread of the coronavirus and allow citizens who are disabled, sick, or suffer from immunity deficiencies to participate in the election from home. Timothy B. Lee of Ars Technica notes that Delaware, West Virginia, and New Jersey plan to let citizens cast their ballots online, but the general consensus among researchers is that it is currently impossible to guarantee the security of an online voting system. Furthermore, large scale election interference would be far easier to accomplish with online voting systems.
The use of blockchain technology has been proposed as a solution that would guarantee the security of online voting systems. However, this would not be the case. Earlier blog posts discussed the applications and implementations of blockchain technology, which is the backbone of cryptocurrencies such as Bitcoin. Blockchain technology is believed to guarantee the security of an online voting system, but blockchains can be hacked, and money can be stolen from cryptocurrency “wallets.” This week, Patrick Howell O’Neill of the MIT Technology Review reported about North Korean hackers who stole $250 million in cryptocurrency. The hackers covered their tracks by converting the stolen money into different cryptocurrencies, but they were caught when they finally converted everything into Bitcoin in order to trade it for cash. Bitcoin makes use of a public ledger so that transactions can be audited by different parties, and the security of blockchain technology in general relies on the premise that everything can be audited. However, this is incompatible with elections in the U.S.
If blockchains were used for electronic voting, election integrity would be at odds with the confidentiality of votes. As discussed in a previous blog post, blockchain security requires transparency. Cryptocurrency transactions can be audited by others if there is suspicion of fraud or theft. However, votes are not intended to be private the way transactions are private. In-person voting is done within a booth for a reason: If an individual’s vote could be seen by others, they could be intimidated or bribed into voting for a particular candidate, which would undermine democracy. If votes were kept completely private, individuals could lie about voting for a particular candidate, so anyone offering bribes or making threats faces the risk of being fooled. Thus, the confidentiality of each vote is as important as its integrity.
Regardless of whether or not blockchain technology is used, online voting is still significantly riskier than voting by mail. A recent report by the Cybersecurity and Infrastructure Security Agency (CISA) notes that “[r]isks to electronic ballot return are similar to mail-in ballots, but with the potential to impact a higher number of ballots. For example, a man-in-the-middle attack on a physical mail-in ballot requires physical access, and attack scale is limited through proper chain of custody procedures. In contrast, a malicious cyber actor can conduct a man-in-the-middle attack on electronic ballots at a higher scale from a wide range of global locations.” Gaining access to an online voting system would be much easier for an attacker than gaining access to physical ballots. There are a variety of ways that the confidentiality, integrity, and availability of an online voting system could be compromised. If an online voting system suffered a data breach, information that ties ballots to individual voters could be revealed, and this would undermine the aforementioned privacy necessary for elections. A Distributed Denial-of-Service (DDoS) attack could be used for voter suppression. A DDoS attack is the use of multiple computers to send so many fake requests to a server that the server is too overwhelmed to handle real clients. Casting ballots through an online voting system would be impossible if the infrastructure is unavailable. Finally, imagine if an application used to submit ballots contained a vulnerability that allows votes to be changed, and bad actors release malware that exploits this vulnerability. There is bound to be cybersecurity and physical security for the systems that tally the votes, but the same cannot be said of the devices owned by voters. If votes could be secretly manipulated the moment ballots are cast, both voters and election officials would be unaware of the election interference.
Online voting may be acceptable for those who are active duty, living overseas, or both, but it should not be used by voters who can use other options. Voting in-person remains the safest option in terms of security because voters have full control over their ballots. However, for those who are disabled, sick, or are particularly susceptible to COVID-19, mailed ballots or absentee ballots are safer than online ballots.