Will the 2020 Election Be Hacked?

We might not even know if it happens

Key Takeaways

  • The presidential election is once again vulnerable to foreign hackers, experts say.
  • Iran and Russia are said to be using hackers to manipulate the election. 
  • Close races are a juicy target for hackers, observers say.
Conceptual image of a Russian hacker.
Bill Hinton / Getty Images 

Next week’s presidential election is vulnerable to manipulation by foreign hackers and if ballots are altered by outside interference the American public might not know about it for weeks or months, experts say. 

The Russian and Iranian governments are separately using hackers to influence the results of the election. The effort comes after security officials have concluded that the 2016 election was manipulated by the Russian government in President Trump’s favor. The same thing could happen this year, observers say. 

"Cyberattacks towards counties where in-person voting will take place across hundreds of polling stations will certainly ramp up over the week," Marcus Fowler, a former CIA executive, and currently the Director of Strategic Threat at Darktrace, said in an email interview. "Counties tend to be underfunded, under-resourced, and understaffed, especially when it comes to cybersecurity. They are the low hanging fruit out of all the different organizations that nation-backed hackers and cybercriminals will target." 

Online attacks have been ramping up against municipal voting targets, especially in the last few weeks, Mike Puglia, Chief Strategy Officer, Kaseya, said in an email interview. The ransomware attack that impacted a database of voter verification credentials in Hall County, Georgia last week "is one facet of what could ultimately be a significant problem," he added. "In some states like Louisiana, officials have already dispatched the National Guard and other agencies to coordinate a response for potential cyberattacks, and that’s a smart move."

Conceptual image of USA voting and elections.
smartboy10 / Getty Images

Decentralization Has Its Pros and Cons

The United States uses a decentralized election process where state and local authorities use different mechanisms to collect, count, and report votes, pointed out Steve Grobman, Chief Technology Officer of the antivirus firm McAfee, in a video interview. "So for an adversary to do something at scale would be challenging," he added. "I think the flip side of it is because there are so many different systems, an adversary has the advantage of finding any one of those systems that has a weakness and focuses on exploitation there." 

The scattered nature of the US voting system offers some protection from hacks, some experts say. "The US election season is the summation of thousands of local elections, which use different types of voting technologies and procedures making it difficult to hack an election at scale," Scott Shackelford, the chair Indiana University’s Cybersecurity Program, said in an email interview. "Yet, in a close election, targeting certain core swing counties in certain core swing states could make an outsized difference, which is one reason we are seeing targeted disinformation campaigns seeking out specific voters in an effort to depress turnout. So far, the early voting figures do not lend credence to these efforts being successful."

Grobman was less sanguine in his assessment, however. "While it would be difficult to manipulate the vote at scale, for the popular vote, presidents aren’t elected through the popular vote, they're elected through the Electoral College," he said. "So, manipulation of votes in a state that has close races would be a much more practical approach." 

A graphic illustration of the US Presidential Election.
da-kuk / Getty Images

Local Races Are Catnip for Hackers

Local, public-facing election sites are particularly vulnerable to attack, Grobman said. Hackers could potentially change everything from information on the candidates to data on election logistics, such as where, when, and how to vote, he added. They could even make false versions of official websites as many lack "basic cyber hygiene" including site security, he said. 

In many cases, local election authorities don’t validate electronic votes with paper ballots, Grobman said. "Even if we're using technology to automate and accelerate the tallying of votes, you can't change what's circled in or, you know, a circle that's filled in with pencil from halfway around the world," he added. "If a vote is purely digital that opportunity exists."

Mcafee has not tested vulnerabilities in election systems because doing so without invitation is illegal, he noted. "What I would say is the fact that even though the public systems that we can assess are lacking some of the basic cyber hygiene elements doesn't provide as much confidence as I would hope, given that, you know, those systems are run in many cases by the same organizations running the voting systems themselves," he said.

If the election is hacked, we might not even know it, Grobman says. Cyber attacks against companies often take months or weeks to detect. "There's no reason to believe that a successful cyberattack against the election system would have a shorter time to detect," he added. "In some ways, the election systems are simpler so there are more sensors and eyes on them. But at the same time, it's a legitimate concern that detection could occur well after the election has been executed and results have been reported. I don't know that there's anything we can do about it other than continue to improve our election infrastructure and provide additional auditing capabilities for the future."

"In some states like Louisiana, officials have already dispatched the National Guard and other agencies to coordinate a response for potential cyberattacks."

Who’s the Hacker?

The election threats this year are similar to 2016, former DHS Under Secretary Suzanne Spaulding, and current advisor to Nozomi Networks, says. Russia is still engaged in efforts to attack President Trump's opponent and de-legitimize the election if Trump loses, she said in an email interview.

The Russians are also still trying to depress voter turnout and, as in 2016, they are using social media, propaganda outlets like RT and Sputnik, and public statements by Russian officials, she said.  "But while the goals and the channels for spreading their messaging may be the same, the techniques have evolved," she added. "Russian trolls and bots today are far more likely to amplify domestic voices than to create original content. They have spent years creating an online infrastructure, including creating fake affinity groups and infiltrating existing groups, to help generate and amplify domestic content furthering their goals." 

While Iran and Russia have dominated headlines with previous hacking attempts, they aren’t the only ones who might try, experts say. The usual threats in cyber warfare, such as nation-states, private political actors and activists, and even generalist cybercriminals using ransomware for financial gain are all likely participants, Fowler said. "Cyber can be so asymmetric, that while we focus on the big nation-state threats, like China and Russia, other smaller adversaries could be conducting disguised sideline operations as well," he added. 

Foreign states or groups may not be siding with one political party over another but they have an interest in "undermining confidence" in the US electoral system, Michael Bahar, a partner in the law firm of Eversheds Sutherland LLP, and a former Deputy Legal Advisor to the National Security Council at the White House, said in a video interview. "America has been this shining beacon on a hill, for foreign adversaries the best thing they can do is dull that shine." 

Playing Defense 

Defending the election infrastructure will be a game of cat and mouse, experts say. Instead of hacking into voter registration databases, which are better protected now than they were in 2016, authorities should be prepared for cyberattacks that deny access to voter registration lists on election day, Spaulding said. Ransomware attacks, for example, that would lock up the data so poll workers could not access it. Or cyber activity could disrupt the tabulation or reporting of results, she added. "In addition, with a significant increase in mail-in voting expected, we should look for disinformation designed to undermine the public's trust in that process," she said. "We are seeing it already in the Russian propaganda outlets." 

But some analysts say that the US seems to have learned little from past hacking attacks. "Sadly the US response to the attacks on our 2016 elections has been woefully insufficient," Kent Blackwell, Threat & Vulnerability Assessment Manager of Schellman & Company a security and privacy compliance assessor said in an email interview.

101010 Data Lines Ripple With Soviet Flag
Matt Anderson Photography / Getty Images 

Local governments need a large infusion of money to help strengthen their systems both at a technical level as well as training those that maintain and secure the systems, he said. "While some advances have been made and the threat is better known, external attackers remain undeterred and continue their efforts to interfere this year and into the future," he added. 

Grobman sounded a grim note about the weak state of the country’s defenses against vote hacking. "I think there's a lot we can do from an election infrastructure perspective in the long run," he said. "We don't have the luxury to make those changes in the next six days and therefore, we have to be as vigilant as possible. If you're in a house that the National Weather Service told you to evacuate, and you decided to stay once the hurricane approaches you're going to have to ride out the storm and batten down the hatches to the best of your ability. We're at the point that the election systems for 2020 are what they are."

A clear picture of whether this year’s election was hacked may not emerge for months, if ever. In the meantime, the best advice experts can offer is 'be on guard.'