Home / Cyber / Hacking of Electronic Voting Machines: A Threat to Democracy and the Need for a Secure Voting System

Hacking of Electronic Voting Machines: A Threat to Democracy and the Need for a Secure Voting System

Introduction

In a world increasingly driven by technology, electronic voting machines (EVMs) have become a critical component of modern democratic processes. These machines offer the promise of convenience, efficiency, and accuracy in counting votes. However, they also present a significant challenge: the potential for hacking and tampering, which threatens the very essence of democracy. In this article, we will explore the risks associated with EVMs, the consequences of hacking, and the urgent need for a secure voting system.

 

The Promise of Electronic Voting

Electronic Voting Machines (EVMs) were introduced with the noble intention of streamlining the voting process and minimizing errors associated with manual counting. They offer several advantages:

  1. Speed and Efficiency: EVMs can tally votes much faster than manual methods, reducing the time required to announce election results.
  2. Accuracy: EVMs are designed to minimize errors in vote counting, ensuring that every vote is accurately recorded.
  3. Reduced Paper Usage: EVMs contribute to environmental conservation by reducing the need for vast amounts of paper ballots.
  4. Accessible Voting: EVMs can be adapted to accommodate individuals with disabilities, making the voting process more inclusive.

Electronic voting machines (EVMs) are used in many countries to record and count votes in elections. However, EVMs are vulnerable to hacking, which could undermine the integrity of elections and threaten democracy.

The Threat of Hacking

While EVMs offer numerous benefits, they are not immune to cybersecurity threats. Hacking of electronic voting machines has the potential to undermine the integrity of elections and erode public trust in the democratic process. Some key concerns include:

One way to hack EVMs is to physically access the machines and install malicious code. This could be done by poll workers who are malicious or who have been compromised, or by attackers who gain access to the polling place. Another way to hack EVMs is remotely, through the internet or other wireless networks. This could be done by attackers who exploit vulnerabilities in the EVM software or hardware.

  1. Unauthorized Access: Skilled hackers may gain unauthorized access to EVMs, potentially altering or deleting votes.
  2. Manipulation of Results: Cyberattacks could manipulate voting results, leading to incorrect outcomes that do not reflect the will of the people.
  3. Disruption of Elections: Hacking attempts could disrupt the voting process, causing chaos and confusion at polling stations.
  4. Voter Suppression: Hacked EVMs could target specific demographics or regions, suppressing the votes of particular groups.
  5. Long-Term Consequences: Successful hacking could have enduring consequences, casting doubt on the legitimacy of elected officials and weakening the foundations of democracy.

Hacking of EVMs could have a number of serious consequences. For example, hackers could change the votes that are cast, or they could delete votes altogether. Hackers could also prevent people from voting, or they could make it difficult to count the votes accurately.

Hacking Incidents and Concerns

2014 General Elections: After the 2014 general elections in India, a US-based technologist claimed that EVMs were hacked, questioning the legitimacy of the results that brought Narendra Modi’s BJP party to power. Indian election authorities dismissed these allegations.

Concerns in the US: In the United States, where voting machines have been in use for approximately 15 years, concerns have arisen. There are now about 35,000 voting machines in use, some of which lack a back-up paper trail. In a notable incident eight years ago, University of Michigan scientists demonstrated that they could change results by connecting a homemade device to a voting machine and sending text messages from a mobile phone.

ballot rigging occasionally surfacing. In this article, we delve into the significance of EVMs, recount hacking incidents, and emphasize the critical need for a secure voting system.

The Role of EVMs in India’s Elections

Electronic Voting Machines were introduced in India to combat electoral fraud and streamline the voting process. According to the research paper by Debnath, Kapoor, and Ravi, EVMs have brought about several positive changes:

  1. Reduced Electoral Fraud: EVMs significantly curtailed electoral fraud, preventing incidents like capturing polling stations and stuffing ballot boxes.
  2. Enhanced Voter Participation: These machines encouraged marginalized sections of society, including the poor and the weak, to participate in the electoral process actively.
  3. Increased Competition: EVMs made elections more competitive by ensuring that every vote counted, regardless of the candidate’s background or party affiliation.

Despite their many advantages, Electronic Voting Machines in India have not been without controversy. Allegations of hacking and ballot manipulation have emerged over the years.

UK’s Electoral Commission Falls Victim to Cyberattack”

In August 2023, the UK’s elections watchdog, the Electoral Commission, made a startling revelation—it had been targeted in a “complex cyber-attack” with far-reaching implications for millions of voters. The attack, discovered in October 2022, was perpetrated by unspecified “hostile actors” who managed to infiltrate the commission’s systems, gaining access to copies of electoral registers dating back to August 2021.

The compromised data held a wealth of information, including the names and addresses of UK residents who had registered to vote between 2014 and 2022. This vast dataset encompassed both individuals who had chosen to keep their details off the open register (not accessible to the public but available for purchase by entities like credit reference agencies) and overseas voters (although only their names were accessible, not their addresses). Remarkably, the data of individuals who registered anonymously for safety or security reasons remained untouched by the breach.

While the personal data exposed—names and addresses—was not inherently high-risk, it could potentially be combined with other publicly available information to identify and profile individuals. This raised concerns about privacy and the potential misuse of this information.

The Electoral Commission emphasized that the attack did not grant hackers the ability to alter or delete data within the electoral registers, which are maintained by registration officers across the UK. Additionally, information concerning donations and loans to political parties and registered campaigners remained unaffected.

One might wonder why the commission did not make the breach public earlier. The delay was attributed to the need to halt the hackers’ access, assess the full extent of the breach, and fortify security measures. The commission’s chair, John Pullinger, explained, “If you go public on a vulnerability before you have sealed it off, then you are risking more vulnerabilities.” The attack itself was described as “very sophisticated,” with hackers employing software to infiltrate and evade the commission’s systems.

Shaun McNally, the commission’s chief executive officer, expressed understanding for the public’s concerns and offered apologies to those affected. In response to the attack, the commission implemented various security enhancements, including updated login requirements, an improved alert system, and firewall policy adjustments.

The cyberattack on the UK’s Electoral Commission serves as a stark reminder of the critical need for robust cybersecurity measures in safeguarding the democratic process. As technology continues to play an ever-expanding role in elections worldwide, securing voter data and electoral infrastructure becomes paramount to preserving the integrity of the democratic system.

The Urgent Need for a Secure Voting System

These hacking incidents and concerns underscore the urgent need for a secure voting system. To ensure the integrity of the democratic process and maintain public trust, the following measures should be considered:

  1. Paper Trails: Implementing a voter-verified paper audit trail (VVPAT) ensures that there is a physical record of each vote. This allows for post-election audits and provides a fallback option in case of electronic tampering. Implementing VVPAT in conjunction with EVMs can provide a physical record of each vote, allowing for audits and verification.
  2. End-to-End Encryption: All data transmitted between EVMs and central systems should be encrypted to prevent interception and tampering.
  3. Regular Security Audits: EVMs should undergo regular security audits conducted by independent experts to identify vulnerabilities and address them proactively.
  4. Secure Supply Chain: Ensuring the security of EVMs’ supply chain, from manufacturing to deployment, is crucial in preventing tampering.
  5. Access Controls: Strict access controls, including multi-factor authentication, should be in place to prevent unauthorized physical access to EVMs.
  6. Cybersecurity Training: Election officials and poll workers should receive cybersecurity training to recognize and respond to threats effectively.
  7. Open Source Software: Using open-source software can enhance transparency and allow for public scrutiny of the voting system’s code.
  8. Vigilant Monitoring: Continuous monitoring of voting systems during elections can help detect and respond to any suspicious activities promptly.

In addition, it is important to have a backup system in place in case EVMs are hacked or fail. This backup system could involve using paper ballots or other forms of voting. It is also important to educate voters about the potential for EVM hacking and how to protect their votes. Voters should be encouraged to report any suspicious activity to election officials.

Conclusion

Electronic voting machines have the potential to revolutionize the electoral process, making it more efficient and accurate. However, the threat of hacking poses a severe risk to the democratic principles we hold dear. To ensure that every vote counts and that the voice of the people remains unaltered, we must prioritize the development and implementation of secure voting systems. By taking proactive measures to protect our electoral infrastructure, we can uphold the integrity of our democratic institutions and strengthen trust in the electoral process. By implementing measures like VVPAT, encryption, security audits, and rigorous access controls, we can ensure that the democratic principles upon which nations are built remain unscathed and that every vote truly counts.

 

References and Resources also include:

https://www.bbc.com/news/uk-politics-66441010

 

About Rajesh Uppal

Check Also

Nation-Backed Cyber Attacks: The Global Threat Posed by Russia, China, North Korea, and Iran

In today’s interconnected world, cyberspace has become the new battleground for global dominance. Nation-states are …

error: Content is protected !!