Election watchdogs on high alert for hacks

Fears of interference with the election results haven't played out, but the country's guard is up.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce, Amazon, earned wage access, online marketplaces, direct to consumer, unions, labor and employment, supply chain, cybersecurity, privacy, stalkerware, hacking. Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
3 min read

So far, so good.

Forecasts that the election will be hacked have so far not come true. With polls open since 6 a.m. Tuesday in some East Coast states, the only problems troubling voters have been long lines and broken voting machines.

But with fears at an all time high, a cadre of government organizations, computer experts and watchdog groups are at the ready. They're responding to reports from US intelligence agencies that Russian-sponsored hackers have been trying to interfere with the election with leaked emails from US political figures, as well as fears that state and local election systems for registering voters and tallying votes could be targeted by hackers.

In response, the US Department of Homeland Security has said it's been in touch with election officials in all 50 states, offering help to secure voting machines, tallying systems and other important infrastructure. It's currently assisting with security efforts throughout the country. US intelligence agencies also have dedicated staff to monitor election infrastructure and the electrical grid, officials told NBC.

In a briefing with reporters Friday, Homeland Security department officials said they are most concerned about the confusion an election day cybersecurity incident might cause. They don't think hackers will be able to alter votes.

In all, voting in the US is run by about 9,000 different state and local jurisdictions, each with different elections officials and technology. What's more, aside from about 2.3 million Americans who are eligible to vote electronically from abroad, most will be using technology that is never connected to the internet to cast their ballots. Researchers say it would be improbable, if not impossible, for hackers to affect the final result of Tuesday's election.

Broken voting and vote-tallying machines in New York, New Jersey, Tennessee, Alabama and Connecticut have frustrated voters and added to long lines.

"Some machines always break," said David Becker, executive director of the Center for Election Innovation and Research, in an email. "There are hundreds of thousands of machines being used on Election Day, and to get reports of dozens of them not working is not particularly troubling, in general, and consistent with other elections."

No reports of machine-hacking, have surfaced, though. USA today reports that a group of election security experts, including Princeton computer security professor Andrew Appel, are at the ready to advise states if there are concerns about irregularities with voting machines.

Cybersecurity experts have warned that a variety of attacks could sow doubt and confusion. Hackers might target secretary of state websites, keeping people from looking up their polling places. Or they might try to cause another massive internet outage like the one that knocked popular websites like Twitter, Reddit and Netflix offline in late October.

"The most realistic worst-case scenarios we envision for cyber-hijinks this election day are website denial-of-service attacks, which can impact how people get information about the election," wrote experts from cybersecurity firm Rapid7 in a report published Tuesday.

Claims that votes were altered by hackers or cast by fraudulent voters could cause the electorate to doubt the outcome, even if those claims aren't backed up with any evidence.

This possibility was highlighted Friday when a post on the online account for "Guccifer 2.0," the hacker who claimed responsibility for hacking the Democratic National Committee earlier this year, said he'd hacked into the Federal Elections Commission. There, he learned the agency was going to "rig the elections" to favor the Democratic Party.

The blog post has since been taken down. The FEC has no involvement in the tally of votes, so it would be hard-pressed to alter the outcome.