Are wireless voting machines vulnerable? Florida, other states say they’re safe enough

Voters cast their ballots at Farrington High School on Nov. 8, 2016, in Honolulu.
Voters cast their ballots at Farrington High School on Nov. 8, 2016, in Honolulu. AP

Barely a month before midterm elections, voting integrity advocates and electronic voting experts want the federal government to issue an official warning to states that use voting machines with integrated cellular modems that the machines are vulnerable to hacks, potentially interfering with the ballot counting.

Once seen as a useful tool to provide quick election results, voting machines with cellular modems are now subject to fierce debate over how easy it would be to break into them and change the results.

Such machines are certified for use in Florida, Illinois, Michigan and Wisconsin.

A spokeswoman for the Florida Department of State, Sarah Revell, defended the certification of such machines.

“Voting machines are not connected to the internet,” Revell said in an email to McClatchy, adding that “it is important to note that when transmitting election data everything is encrypted and authenticated.”

But a number of voting machine researchers take issue with such assertions, saying that cellular networks increasingly overlap with the internet and open avenues for hackers to interfere with unofficial early results even when there are paper ballots that can be tallied for a slower official count. They say interfering with unofficial early results, even when corrected later, could increase mistrust among voters and add uncertainty immediately after elections conclude.

“The voting machine vendors like to say, well, the voting machine modem is only used for transmitting the unofficial results when you close the polls back through the internet to county central where the clerk can post them,” said Andrew W. Appel, a computer scientist at Princeton University.

“The problem is, that modem talking through the cell phone network really is more connected to the internet than they like to think.”

Appel said hackers could intercept signals using a portable cell phone tower, commonly called a Stingray, and even introduce malicious code through internet-linked cellular networks.

“If you can talk to that modem, and if there are any security flaws in the voting machine software that talk through that modem, then the voting machine could be confused into installing new software that changes the vote,” Appel said.

Support our journalism

If you want to see more coverage of election security and all things midterms, please consider supporting our bureau by signing up for a subscription.

Appel was among 30 researchers, activists and scientists who signed a letter this week urging the federal government to caution states from the use of such voting machines, citing their “grave concerns” that manipulation through cellular networks could “wreak havoc on an election.”

“The convenience of transmitting vote totals online does not outweigh the need of the American people to be assured their votes will be accurately transmitted and counted,” said the letter, which was also endorsed by five citizen and digital rights groups, including Common Cause and the Electronic Frontier Foundation.

How many cellular-enabled voting machines will be in use for Nov. 6 midterm elections is not known. There is no national registry for the 10,000 or so election jurisdictions in the United States, so an exact number could not be determined readily.

An official with the Election Assistance Commission, an independent federal agency that is a clearinghouse for election information, said there are “probably” more than 1,000 of the cellular-enabled machines deployed in different parts of the country.

“They are out there,” said Brian Hancock, director of testing and certification for the Election Assistance Commission. “As you know, it’s up to the states to decide which systems they use.”

In the wake of Russian interference in the 2016 U.S. elections and warnings that such meddling may be recurring this year, voting officials say they are seeking a balance between security, accuracy, and convenience for voters – as well as speed in disseminating vote results.

A spokesman for the Wisconsin Elections Commission, Reid Magney, said his agency does not believe cellular-enabled machines are vulnerable.

“It is not a large concern at this point,” Magney said. “The results are encrypted and use security keys, so the receiving computer knows that the data is authentic. … I know people have theorized about man-in-the-middle attacks. I’ve never seen people intercept (cellular signals), change them, re-encrypt them and send them on.”

An Illinois board of elections spokesman, Matt Dietrich, said cellular-enabled voting machines are used in his state “but they are only allowed to transmit unofficial results.”

Revell, the Florida spokeswoman, said all Florida voting is on paper ballots “so we can always refer to the original record” in case of confusion. While some counties may have the cellular-enabled machines, she said, “that does not mean counties utilize it.”

Voting security advocates say election officials underestimate the determination and sophistication of foreign adversaries that want to interfere in U.S. elections.

“We have a big bullseye painted on our election systems. We have to prioritize security over the demand to have elections results right now,” said Susan Greenhalgh, policy director at the National Election Defense Coalition, a New York-based election integrity network.

In most wireless voting machines, the results transmitted to central computers at the end of election day are unofficial. Verified balloting totals are delivered through other means, including by hand delivering removable memory cards or flash drives to tabulators.

“The press is the main reason why those (wireless) systems are there. The media wants to know the results immediately,” said Hancock of the Election Assistance Commission.

One of the top three vendors of voting machines in the United States, Hart Intercivic, an Austin, Texas, based company, offers one voting machine model that is wirelessly enabled. The company’s vice president of operations, Peter Lichtenheld, said elections officials in various states demand such an option.

“People say they want secure and fast, but in reality people want fast,” Lichtenheld said. “It’s a state and local choice … There’s a market for it. There are customers who want it.”

Some states have only recently moved away from wirelessly enabled machines. North Carolina enacted a law in June barring the 100 counties in that state from using any wireless communication.

Even if the machines have wireless capability, “they cannot be connected,” said Patrick Gannon, a spokesman for the state board of elections.

“We have never allowed any wireless machines,” said Kansas Deputy Secretary of State Bryan Caskey.

A spokesman for South Carolina’s Election Commission, Chris Whitmire, said, “No voting machines in (South Carolina) have any wireless capability.”

But a computer scientist at the University of South Carolina, Duncan Buell, said logs from the June 12 primary in the state show 23 voting machines communicating data electronically.

“There certainly seems to have been some modem connections, yes,” Buell said.

Tim Johnson, 202 383-6028, @timjohnson4
Related stories from Myrtle Beach Sun News