Skip to content

Illustration by Security Management

Unhackable Voting Machines Found to Be Vulnerable to Hacking

Researchers at the Univerisity of Michigan published a study claiming that new voting machines that are slated for use in the 2020 elections could be hacked by U.S. adversaries.

The study, Can Voters Detect Malicious Manipulation of Ballot Marking Devices?, looked at ballot-marking devices (BMDs), which were offered to the country's districts as a secure alternative to paperless voting machines in light of Russian hackers' attempts to influence the 2016 presidential election. BMDs are planned to be used as the default voting machines this November for at least 18 percent of the country's districts, according to The Washington Post.

"The security of BMDs depends on how reliably voters notice and correct any adversarially induced errors on their printed ballots," according to the study, which produced the first large-scale review of the machines with a sample size of 241 BMDs. 

On these machines, voters select their candidates at a computer kiosk, which prints out a paper ballot that the voter can review prior to inserting it into a scanner that catalogs the results. The BMDs have been praised for offering a more user-friendly interface, normalizing the process for all voters, and offer support for complex situations, such as the need for multiple languages or multiple-choice answers. However, "without intervention, only 40 percent of participants reviewed their printed ballots at all, and only 6.6 percent told a poll worker something was wrong."

The study found that malware can be introduced into either the BMDs or the ballot scanners, altering the ballots. While malware in the scanner would not be determined through a post-election audit since the paper trail itself would be incorrect, spotting that something is off with the BMDs relies namely on the voters themselves. "Whether a misprinting attack would succeed without detection is highly sensitive to how well voters verify their printed ballot," the study said. 

The researchers found that specific interventions can improve the voter reviewing and reporting rates, "although the improvements may not be large enough to provide strong security in close elections, especially when BMDs are used by all voters." The study recommended several methods for improving ballot verification, including designing polling places' layouts and procedures with the aim of enhancing verification, verbally instructing voters to review the paper after their ballot has printed but before it is scanned, helping voters correct errors and tracking any issues, and making contingency plans if a BMD is found or suspected of "misbehaving." The authors also recommended additional study for the use of personalized slate voting, where voters prepare their own slates or list of candidates, which could be checked against each selection printed by a BMD.

But even with engineered interventions that encourage voters to scrutinize their ballots and take action when something seems amiss, the authors said more research is needed. "Until BMDs are shown to be effectively verifiable during real-world use, the safest course for security is to prefer hand-marked paper ballots," the review said.

Security professionals are also looking at shoring up other potential weak links in the voting process, such asthe systems used to collect voter registration information.