In 2020, Millions Will Cast Ballots Using Insecure Machines, Experts Say America's elections infrastructure is more secure than it was four years ago, but many lingering weaknesses won't be resolved in time for Election Day next year.
NPR logo

Cyber Experts Warn Of Vulnerabilities Facing 2020 Election Machines

  • Download
  • <iframe src="https://www.npr.org/player/embed/755066523/757626279" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
Cyber Experts Warn Of Vulnerabilities Facing 2020 Election Machines

Cyber Experts Warn Of Vulnerabilities Facing 2020 Election Machines

  • Download
  • <iframe src="https://www.npr.org/player/embed/755066523/757626279" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

ARI SHAPIRO, HOST:

Remember the hanging chads that caused so much confusion in the 2000 Bush vs. Gore election? Well, since then, the federal government has spent billions of dollars to modernize voting systems. But how secure are today's systems? NPR's Miles Parks has been keeping track of this as we get ready for next year's presidential election, and he is here in the studio.

Hey, Miles.

MILES PARKS, BYLINE: Hi, there.

SHAPIRO: Let's start with defining what makes voting equipment safe. How do you draw the distinction between the good and the bad?

PARKS: So the key, according to cyber experts, is something called software independence. But this is basically just a paper trail. Basically, you want something where voters can look at their ballot before they cast it, something that if there's a malfunction or if there's a hack - a lot of these machines are more than 10 years old, and some of them do malfunction - but you want something where you're not reliant on the technology to be able to spot a problem.

And this is sort of the future of election security - not only protecting the vote, but protecting our ability to then go back and double-check the results so if there is a problem, we can fix it.

SHAPIRO: To kind of do an audit. But some voting systems today don't have that ability. They don't have a paper trail. Why not?

PARKS: Right. So this goes back to that 2000 election, where America just decided we're going to overhaul this whole thing and spend a bunch of money, buy a bunch of new electronic voting machines. But people at this time weren't thinking about security at the - kind of the front of their minds. I talked to Matt Blaze, who's a cybersecurity and voting expert at Georgetown University about this.

MATT BLAZE: Even if you asked us back then what exactly should we do to build secure voting machines, we wouldn't have really been able to tell you precisely what you needed to do. Today, we can.

PARKS: That answer comes down to paper. So there's been this push really over the last decade to get these outdated paperless machines completely out of the American voting system.

SHAPIRO: And how's that push going? How many of those machines will be around in 2020?

PARKS: So it kind of depends on who you ask, really. The Brennan Center for Justice released a report this summer that said the amount of voters who are going to be voting on these sorts of machines in 2020 has basically been cut in half since the 2016 election. And a lot of that comes from Georgia, who is overhauling their entire statewide voting system before that election.

But the number is still pretty high. It was 20% in 2016. In 2020, the Brennan Center seems to think it's going to be about 12%. That's about 16 million voters. And security advocates say this is the most low-hanging fruit in the voting world, something we've been talking about for much of this decade. A foreign adversary attacked the 2016 election, and we couldn't get this thing fixed. There's frustration there.

SHAPIRO: Right, so we know that Russia tried to hack into U.S. election systems - totally separate from the misinformation campaign. Are experts expecting more of the same or even more than we saw in 2016 in 2020?

PARKS: Well, when we look at 2016, it is important to note that there is no evidence that any vote tallies were actually changed in that attack. Attackers were able to break into registration systems and were able to steal some voter data. But the Senate Intelligence Committee did release in their report this summer and they said basically there is a possibility that what Russia was doing them in breaking into those systems wasn't attacking us. Potentially, they were intelligence gathering for a future attack.

I talked to Bruce Schneier, who's a fellow at Harvard's Berkman Center for Internet and Society, about whether he thinks 2016 was kind of the worst of the worst when it comes to cyberattacks on our elections.

BRUCE SCHNEIER: So the odds that we've seen the worst in cyberattacks in any space seems small to me. I mean, this is as bad as it could possibly get for the rest of the future of humanity? That just seems implausible, right? I mean, as soon as I say it, that seems dumb.

PARKS: So it's kind of off when you hear politicians pointing at the 2018 midterms, which went really smoothly, and saying OK, the problem is behind us; everything's fixed. According to people I've talked to, cyber experts, there's still a lot of problems still there and the 2020 election and beyond.

SHAPIRO: Miles, that sounds really ominous.

PARKS: I don't know what to tell you.

SHAPIRO: (Laughter).

PARKS: I mean, you know, we're working on it.

SHAPIRO: That's NPR's Miles Parks on election security ahead of 2020.

Thank you, Miles.

PARKS: Thank you.

(SOUNDBITE OF THE BOOKS AND JOSE GONZALEZ'S "CELLO SONG")

Copyright © 2019 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.