The Iowa caucus is here, meaning it’s officially become election season, so you may be thinking: if I can buy a car online, watch all my favorite TV shows online, and go online to hire a dog walker, why can’t I vote online? Well, depending where you are, that may actually be possible. If you live in King County, Washington, for instance, you can vote online in this year’s district elections. So while the concept is starting to take shape for some smaller ballot votes, let’s take a look at how the model designed to guide policies for information security within an organization, the fabled CIA triad (confidentiality, integrity, availability), would affect online voting.
Distributed Denial of Service (DDoS) Attack
In a DDoS attack, a threat actor attempts to overload a website with traffic, with the intent to disrupt the availability of the website and prevent access to valid users. As these types of attacks typically require minimal effort and cost to perform for a sophisticated threat actor – to the point where NetScout reported that there were approximately 3.8 million DDoS attacks in first half of 2019 alone – a single threat actor could attempt to bring down the availability of a website during critical voting times to prevent constituents from casting their ballots. This could significantly impact the results of the election since it would also discourage voting in general, as people are less likely to continue to attempt to submit votes.
Malware on the Voter’s Device
Depending on which device the voter would use, whether phone, home computer or work computer, there’s a chance it could already be compromised by a threat actor. With voters having such a variety of technologies at their disposal and with varying voter technical sophistication, there’s likelihood that many devices may not be properly secured to ensure that malware is not already present. If that’s the case, a threat actor could perform malicious activity using the voter’s device without the voter’s knowledge. It would also be exceedingly difficult from an oversight perspective to verify the security of each user’s device prior to them casting a ballot.
Man in the Middle Attacks
A Man in the Middle attack occurs when a threat actor secretly relays – and possibly alters –communications between two parties who believe they’re directly communicating with each other. Assuming you have no malware on your device when you go to vote, there’s still a possibility that a threat actor may intercept or redirect your vote as it’s transmitted over an open internet. While complicated, it is possible that an attacker could compromise a relay point in the transmission process and stop or manipulate your vote, which could then be submitted by the attacker without the voter even being aware that his or her vote was intercepted.
Then there’s the issue of understanding how the voter authenticates to the system in order to vote. Is it through a combination of personal information such as their address, birthday or Social Security number? Or would each voter be provided a unique sign-in authenticator in order to access the voting system? The issue here becomes validating the integrity of the voter or, in short, validating that they are who they say they are.
Using personal information of the voter always presents a chance that the information is known by a threat actor or is for sale on the dark web. By providing a unique authenticator to each individual, say via the mail, there’s always a chance, though, that the identifier is intercepted or compromised en route. In addition, the election board may need to verify the integrity of the voter when validating his or her vote by reviewing personal information, thus removing some of the confidentiality voters expect.
Web Application/Server Security
Even assuming the above four risks are addressed in some form, placing a system externally on the internet leaves it prone to be attacked by threat actors, who from anywhere in the world could target a voting system for both Web application coding misconfigurations and vulnerabilities along with the servers themselves. Any oversight board would need to ensure the application is written with security in mind and servers are properly patched and hardened to ensure the confidentiality of information, integrity of the votes and availability of the voting platform.
While the above are just some of the risks involved with the implementation of online voting, it’s not to say these risks couldn’t be addressed. There are surely a number of benefits to online voting, including the potential for increased voter turnout due to the process being more efficient, accessible and convenient, so it’s entirely possible that in the future voting online may be the primary way an election is held.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.