After a presidential election campaign dominated by hacks and leaks, eyes are now turned firmly to the threat of cyber interference aimed at disrupting how votes are cast and counted at polling stations.
Hackers have already made serious attempts at breaching voter registration systems in at least 20 states, so while this campaign has been full of hyperbole, the probing of digital defences has been real, and has certainly gotten the attention of authorities.
Here are five hacks people will be watching out for as voting nears an end this evening:
1. Hacking of voting machines
There is no single, central national election system in the U.S. Instead, states and counties are responsible for running their own elections, including choosing and operating voting machines and tabulating votes.
Their vulnerability to attack varies widely. Voting machines are not directly connected to the Internet, but in some cases they might be linked to election-administration computers that are. Malicious programs can also be installed in voting machines physically or through infected ballot cartridges.
Further complicating the situation, about 10 states primarily use Direct Recording Electronic (DRE) machines, which use touch-screen computers or similar technology to record votes without tracking them on paper. If hackers broke into these machines to change or delete votes, there would be no way to verify it against a physical voting record.
2. Meddling with voter lists
We know that in at least two states – Arizona and Illinois – hackers compromised voter registration databases over the summer. Breaches like these raise concerns about registered voters being deleted from the system, making it more difficult for them to cast a ballot.
Meddling with records has the potential to cause delays on election day, contributing to long lineups at polling stations that frustrate voters – or in some cases, disenfranchise them if they can’t afford to miss work or other obligations while they wait for hours to vote.
Hacks of voter registration databases can also yield information that can be used to misdirect voters on election day – for instance, by sending them to vote at the wrong place or time. But it’s possible to misdirect voters even without this information. In recent weeks, a number of hoax advertisements and posts on social media have invited Clinton voters to “skip the lineup” and text their vote from home. An appealing idea for harried voters, perhaps. But one problem: unlike American Idol, you can’t actually vote by text for the president of the United States. The ads are clearly aimed at tricking Clinton supporters into staying home on polling day.
4. Messing with get-out-the-vote operations
For political campaigns that spend hundreds of millions in the run-up to voting day, it all depends in the end on getting their voters to the polls. To accomplish this, each campaign has elaborate get-out-the-vote (GOTV) operations.
GOTV plans for election day typically include simple steps like schedules for driving voters to their local polling stations, as well as more sophisticated databases. These databases usually assign a ranking to each voter to indicate their assessed likelihood to support a candidate, based on face-to-face interactions and complex predictive models. The databases also assign “turf” – such as a few city blocks – to teams of volunteers assigned to knock on doors and pull the vote. Election Day teams usually have dedicated budgets as well as staff who have spent months or years preparing for this day.
The reliance of modern campaigns on these databases creates a vulnerability, meaning hackers could meddle with central campaign servers and local campaign office data, mixing up schedules for driving voters to the polls or sending GOTV volunteers to the wrong parts of a district.
5. Dirty tricks targeting a swing state
The highly fragmented nature of the U.S. election system serves as its own kind of defence against a coordinated attack that would sway the results of a national election – like we saw in 2014, when a pro-Russian group hacked into Ukraine’s central election computers, deleting files and altering vote counts.
The chairman of the U.S. Electoral Assistance Commission, Thomas Hicks, told a Washington Post panel it would take “an army” of people to pull off that kind of operation in the U.S.
However, in a tight race, the outcome in one state – or even one district – could tip the balance of a presidential election. So authorities will be looking for signs that hostile actors are targeting a particular swing state or pivotal district.
So, who is keeping watch?
The Department of Homeland Security (DHS) is offering states remote support or emergency on-the-ground assistance teams to help deal with Election Day security concerns. The Justice Department is also deploying 500 staffers to monitor polls in 28 states. “As always, our personnel will perform these duties impartially, with one goal in mind: to see to it that every eligible voter can participate in our elections to the full extent that federal law provides,” Attorney General Loretta Lynch said.
Meanwhile, after months of speculation about digital interference with voting, as well as fractious legal contests over access to the ballot for voters based on requirements like photo identification, media organizations have taken the unprecedented step of setting up a shared virtual newsrooms for Election Day.
One virtual newsroom will be staffed by more than 700 journalists from outlets such as The New York Times and USA Today, and partners like Google News Lab, to track disruptions at polling stations through eyewitness reports and social media activity. It’s part of a project called Electionland initiated by ProPublica, a non-profit news organization, that will be gathering and publishing tips throughout the day.