Election Security 2024: Hacking Risks and How to Stop Them | EP 11

Show Notes

Securing the Vote: Addressing Election Vulnerabilities in 2024

In this episode of Cybersecurity Diaries, Nathan from StationX delves into the critical vulnerabilities and security measures essential for protecting election integrity. With the U.S. presidential election approaching, concerns about voting system security are peaking. The episode covers a range of topics, including the risks posed by electronic voting machines, supply chain security, mail-in voting, insider threats, social engineering, voter registration databases, and voter impersonation. Key security practices such as secure boot protocols, zero trust principles, supply chain audits, and voter ID requirements are discussed. The episode underscores the importance of election security for maintaining public trust and democracy, urging everyone from tech experts to voters to stay informed and engaged.

00:00 Introduction: Election Security Concerns
00:56 Electronic Voting Machines: Vulnerabilities and Solutions
02:34 Supply Chain Security: Protecting Voting Hardware
03:46 Mail-In Voting: Balancing Accessibility and Security
04:58 Insider Threats: Risks from Within
06:02 Social Engineering and Misinformation: Influencing Voter Perception
07:02 Voter Registration Database: Ensuring Accuracy and Security
07:57 Voter Impersonation and Multiple Voting: Mitigating Risks
09:06 Core Defenses: Recap and Global Practices
10:59 Conclusion: The Importance of Election Security

SHOW NOTES & RESOURCES
https://www.StationX.net/podcast/

STATIONX MEMBERSHIP
https://www.stationx.net/join ► Grow your Cyber Security Skills and Advance your Career

#CyberSecurity #AI #Privacy #EthicalHacking #PenTesting #CloudComputing #Programming #Coding #TechCareers #CyberSecurityTraining #DataPrivacy #Infosec #CloudSecurity #DevSecOps #Malware

Transcript

With the U.S. presidential election just around the corner, the question on everyone’s mind is: are voting systems truly secure? As Kamala Harris and Donald Trump prepare for a high-stakes showdown, concerns over the security of the election process itself are peaking. Today, we’re taking a hard look at the critical vulnerabilities in voting systems that could open the door to manipulation—and the consequences go far beyond the ballot.

Election tampering doesn’t just disrupt results; it destabilizes democracy. When foreign actors or even internal adversaries infiltrate voting systems, they undermine public trust, weaken governance, and cast doubt on the legitimacy of elected leaders.

I’m Nathan from StationX, and in this episode of Cyber Security Diaries, we’re breaking down the top risks to election integrity and the defenses that should be used to protect it.

For more insights into cyber security, hacking, and building a career in this field, be sure to like and subscribe.

Let’s start with electronic voting machines, a crucial but vulnerable piece of election tech. While these machines offer efficiency, they often lack essential integrity validation. Outdated software, limited encryption, and, in some cases, no paper audit trail mean that vote counts can be exposed to tampering. Without secure boot and cryptographic signing, we’re leaving the door open to potential code injection or manipulation of configurations.

Consider what happened in Antrim County, Michigan, during the 2020 election. A ballot configuration update was only partially applied, leading to a miscommunication between some tabulators and the election management system, which temporarily skewed the unofficial results. This wasn’t due to software failure but highlights the need for complete and consistent configuration management. It serves as a reminder that validating each component’s configuration, ideally with cryptographic hashing and digital signatures, can help ensure reliable tabulation and reporting.

To address potential vulnerabilities, systems must incorporate secure boot and measured boot protocols alongside Zero Trust principles. These measures ensure that only validated, tamper-free code is executed, and that a detailed audit trail captures every step of the boot process, making tampering easy to detect and respond to.

Supply chain security is a critical concern for voting machine hardware, which often relies on components sourced from multiple third-party suppliers. Hardware can be compromised before it reaches polling stations, creating potential entry points for unauthorized access. For example, reports in 2018 suggested that foreign-manufactured microchips might have been covertly embedded in servers used by U.S. companies to enable hardware-based backdoor access. Although specific claims from that report were disputed, the incident highlighted the possibility of vulnerabilities being introduced into sensitive hardware infrastructure through outsourced manufacturing.

To safeguard against such risks, it is essential to implement rigorous supply chain security practices. Measures such as a Software Bill of Materials (SBOM), hardware attestation, and secure boot protocols help verify each component’s integrity before use. Comprehensive supplier audits further ensure that every part meets security standards, reducing the chance of tampering across the supply chain.

Mail-in voting offers essential accessibility but also comes with unique security trade-offs. Physical ballots in transit are vulnerable to delays and, though rare, potential risks like interception or forgery. During the 2020 election, the USPS introduced ballot tracking to help voters monitor their ballots’ progress. However, logistical challenges and delivery delays raised concerns about relying solely on postal systems for secure and timely delivery.

To strengthen mail-in voting security, measures such as secure tracking, barcodes, tamper-evident packaging, and designated drop-off points are vital for maintaining ballot integrity throughout transit. These safeguards not only help confirm authenticity but also improve transparency and reduce the risk of interference. A more extreme approach to minimizing risks could involve restricting mail-in voting to key personnel, such as soldiers stationed abroad, to limit the volume of ballots requiring transit security and reduce logistical strain.

Insider threats pose a significant risk to election security, as individuals with authorized access to sensitive voting infrastructure can exploit this access for unauthorized actions. A prominent example occurred in Colorado, where former Mesa County Clerk Tina Peters was convicted for unauthorized access to voting machines following the 2020 election. Peters was found to have facilitated the copying and sharing of sensitive data, allegedly allowing unauthorized individuals to gain access to election systems. This case highlighted the importance of monitoring trusted personnel and enforcing strict access controls to prevent misuse.

To mitigate risks like these, Zero Trust principles, role-based access controls, activity logging, and continuous auditing are essential to limit insider access, ensuring no single individual has unchecked access to election infrastructure. These security protocols help detect and deter unauthorized access, even from trusted insiders.

Social engineering and misinformation campaigns target voters directly, aiming to influence perceptions rather than hacking into voting machines. For example, during the 2016 U.S. presidential election, foreign operatives widely spread disinformation via social media, with some messages falsely claiming that voters could “text” their votes to participate. These campaigns exploited public trust, creating confusion about voting processes and potentially affecting voter turnout and decision-making.

To counter these risks, public awareness initiatives and partnerships with social media platforms have become essential. Real-time monitoring of misinformation by agencies like CISA and organizations such as the Knight Foundation help ensure voters receive accurate information, reducing the potential impact of deceptive campaigns.

The voter registration database is foundational to voter authentication, and any compromises in its accuracy can lead to issues like disenfranchisement, duplicate entries, or errors in eligibility, all of which can create confusion on Election Day. In 2018, California encountered issues within its “Motor Voter” program, where errors in the DMV system led to duplicate voter records, incorrect addresses, and mistaken party affiliations. These errors highlighted the importance of real-time monitoring, regular audits, and database security to ensure accuracy.

Protecting voter databases with multi-factor authentication (MFA), encryption, and continuous monitoring through SIEM (Security Information and Event Management) systems helps prevent unauthorized changes, thereby securing the foundation of voter eligibility.

Voter impersonation and multiple voting are key concerns in election security, where individuals might attempt to vote under another’s identity or cast multiple ballots. While evidence for widespread voter impersonation or double voting is limited, the absence of evidence doesn’t equate to evidence of absence. It remains a potential risk, especially in close elections.

Around 98% of European countries, as well as nations like Canada, Mexico, and India, require voter ID as standard security practice. Voter ID serves as both authentication and authorization, verifying each voter’s identity and limiting one vote per person. This practice bolsters public trust, addressing impersonation risks and ensuring each ballot’s legitimacy. In the United States, where voter ID laws vary by state, political factors often influence the implementation of such requirements. Proponents argue that voter ID aligns with global best practices, enhancing security without large-scale infrastructure changes.

Let’s recap the core defenses that help secure election systems, starting with Secure Boot and Measured Boot, which ensure only validated software can run on voting machines. These are effective but require up-to-date hardware, which can be a challenge in many areas.

Next, Supply Chain Security with SBOM helps verify hardware and software sources to keep rogue components out. While vital, it’s tough to fully enforce across global supply chains.

For Mail-In Ballots, Barcode Tracking and Tamper-Evident Packaging keep ballots secure in transit. This works well but depends heavily on the reliability of local postal systems.

Then, Zero Trust and Role-Based Access Control limit insider access, logging every action to prevent tampering from within. These are effective but require ongoing monitoring and skilled personnel—resources that many local election boards lack.

And finally, Real-Time Monitoring for Misinformation combats false claims that might confuse voters. But, misinformation is often subjective and rapidly evolving, making it one of the hardest areas to manage effectively.

Voter ID helps mitigate risks of voter impersonation and multiple voting by verifying each voter’s identity. Nearly all European nations and countries like Canada use voter ID as a security standard. However, implementing this in the U.S. is politically complex.

Together, these measures create a strong foundation, but challenges in funding, personnel, and enforcement mean uniform security remains a goal rather than a guarantee.

Election security isn’t just a technical issue; it’s foundational to democracy itself. When we think about potential vulnerabilities, it’s about more than just systems—it’s about public trust, leadership legitimacy, and the stability of government. Securing these systems is everyone’s responsibility, from tech experts to voters staying informed.

What do you think? Is enough being done to protect election integrity, or is there more work ahead? Let me know your thoughts in the comments below. And if you’re interested in more content on cyber security, hacking, and careers in this field, make sure to like and subscribe for updates. Thanks for tuning in, and I’ll see you in the next episode of cyber security diaries!