The Security Risks Behind Voting Machines & Mail-in Ballots jshop-prosu, cvv-shopru

In recent months, the security of absentee voting, widely used due to the threat of the COVID-19 pandemic, has been called into question. But are these processes any less secure than the electronic voting systems used on a “normal” election day?
Electronic voting systems come in a number of different forms. At the polls, a voter may experience a few different types of voting systems:
Electronic voting machines have a number of different security issues, many of them known for over a decade. The issues with electronic voting and the challenges of fixing them have been demonstrated by a number of different cases, including:
These issues point to the conclusion that a determined attacker could easily breach the US election infrastructure if they chose to do so. The fact that this has not occurred is attributed to the fact that no threat actor has chosen to do so. In fact, Russia is believed to have gained access to voter registration systems in several states in 2016 but chose not to take action on it.
However, this lack of discovered breaches may have resulted from a lack of looking for them. In 2018, Netragard performed an analysis of the Crosscheck system designed to detect voters casting multiple ballots in different jurisdictions. Based upon analysis of public information, several vulnerabilities were discovered, but they could not be followed up on because hacking election infrastructure is illegal.
After hearing of the assessment, a Kansas official claimed that our team “didn’t succeed in hacking it.” Later a different claim by another Kansas legislator claimed that a “complete scan” did not find any evidence of attackers exploiting the vulnerabilities to breach the system. This is despite the fact that no vulnerability scan could detect a breach and that no evidence exists of a digital forensics investigation occurring to identify a potential breach.
At the end of the day, the answer to the question of whether or not a hacker could breach US election infrastructure is “almost certainly”. However, no evidence exists of this occurring, potentially because no conclusive investigation has been performed.
In most states, voting via an absentee or mail-in ballot is a two step-process. The first step is submitting an absentee ballot request. If this request is validated, an absentee ballot is sent to the voter’s registered address to be completed and returned via mail or an election dropbox.
The validation steps for absentee ballot requests and ballots vary from state to state. Each state performs at least one (and often several) of the following checks:
The Heritage Foundation keeps a record of every case of alleged voter fraud that has been reported to date. This database includes a variety of different voting crimes, including fraudulent registrations, misuse of absentee voting, coercion of voters at the polls, and more. To date the Heritage Foundation has recorded 1,298 cases of alleged voter fraud between 1988 and 2020, though some of its claims are unsupported or incorrect .
Of these 1,298 cases, the Heritage Foundation claims that 207 individuals have been involved in 153 distinct cases of voter fraud that involved the use of absentee ballots. Of these cases, 39 (involving 66 individuals) have included a deliberate attempt to change the results of an election. Other cases involve people voting for a recently deceased spouse or relative, a single person voting twice in different jurisdictions, using a previous mailing address on a ballot, mailing in the ballot of a non-relative (which is illegal in many jurisdictions), and other small-scale errors or attempts at fraud.
In general, attempts to change the results of an election via mail-in voter fraud have focused on local elections with a small margin. One of the larger cases of fraud on record (Miguel Hernandez, 2017) involved an individual forging absentee ballot requests and collecting and mailing the ballots after the voters had completed them. This incident included only 700 mail-in votes, and the actual voting was performed by the authorized voters. Even if Hernandez forged the votes, the impact on a US Presidential election would be negligible.
For comparison, over 125 million votes were cast in the 2016 election. According to the Heritage Foundation, there were six attempts at absentee ballot fraud in the 2016 Presidential Election:
These cases are clear examples of voter fraud in the 2016 election. However, even if they were undetected and all voted the same way, ten votes are unlikely to have any impact on the election. In fact, an election commission looked into the claims of 3-5 million fraudulent votes being cast in the 2016 election. Claims were was disbanded with no findings .
At the end of the day, there is no evidence of election interference or voter fraud using electronic voting machines or mail-in ballots. While six counts of misuse of absentee ballots were detected in the 2016 Presidential election, they comprised a total of ten votes.
If anything, the threat of glitches in electronic voting machines should be considered a major threat to election security. In 2019, analysis of the paper record of a “glitchy” voting machine led to the discovery that in a local Pennsylvania election, a candidate who only had 15 recorded votes actually won the election by over 1,000 .
While mail-in ballots have their issues (like an overburdened postal system), electronic voting machines are much less secure and reliable. The fact that an unknown number of electronic voting systems are connected to the Internet , making them accessible to hackers and vulnerable to malware, creates a much greater exposure to election meddlers than absentee ballots, which must be physically collected and filled out to be used in fraud.
< Back to Listings < Back to Listings jshop-prosu cvv-shopru