How hackers could destroy Election Day

Thirty-one states and the District of Columbia allow military personnel and overseas voters to return their ballots electronically, according to Verified Voting, a nonprofit group that advocates transparency and security in U.S. elections. “The election official on the receiving end has no way to know if the voted ballot she received matches the one the voter originally sent,” the group warns.

Some ballots are sent through online portals, which exposes the voting system to the internet. And that’s one of the most dangerous things elections officials can do, because it provides a remote point of access for hackers into the election system…

Some ballots are returned via digital fax or email. And some—bafflingly—are sent via email.

“Without encryption, emailed ballots can be easily modified or manipulated en masse while in transit from the voter to the local election officials,” David Jefferson, a voting security expert and computer scientist at Lawrence Livermore National Laboratory, warned in a blog post in 2011.

The threat is still real. Jefferson called it “trivial” for someone with a modicum of technical skills to filter out ballots from a particular county or state and “to automate a process to either discard ballots that contain votes she does not like, or replace them with forged ballots that she likes better, all the while keeping the voter’s signed waiver and envelope attachments intact. Such malicious activity would only result in a transmission delay on the order of one second or so.”