Managing security issues of electronic voting to protect the resiliency of the electoral process

Avery M. Blank, JD

doi:10.5055/jem.2012.0117

Authors

Avery M. Blank, JD

DOI:

https://doi.org/10.5055/jem.2012.0117

Keywords:

critical infrastructure, cyberattack, cybersecurity, electoral fraud, electoral process, electronic voting, emergency management, e-voting, Hurricane Sandy, i-voting, principles of emergency management, Sandy

Abstract

The purpose of this article is to heighten the awareness among homeland security and emergency management professionals to the significant role they can play in protecting electronic voting from the very real potential of cyberattacks. It is important for these professionals to understand electronic voting and its advantages and disadvantages at this point in time because the number of cybersecurity attacks is increasing, electronic voting usage is increasing, and the media have overlooked this aspect of the voting system. Homeland security professionals and, in particular, emergency management professionals need to be involved because electronic voting is intimately connected with the nation’s critical infrastructure, voting is a local activity, and the principles of emergency management professionals suggest that they have the relevant skills to help solve the security issues related to electronic voting.

Author Biography

Avery M. Blank, JD

Law & Policy Analyst, Center for Health & Homeland Security, University of Maryland, Baltimore, Maryland.

References

Buchsbaum TM: E-voting international developments and lessons learnt. In Prosser A, Krimmer R (eds.): Electronic Voting in Europe: Technology, Law, Politics and Society. Lake of Constance, Austria: Workshop of the ESF TED Programme, 2004: 31-42. Available at http://www.e-voting.cc/wp-content/uploads/Proceedings%202004/20120123_Proceedings_2004_gesamt.pdf#page=30. Accessed October 10, 2012.

Jones DW: A Brief Illustrated History of Voting. University of Iowa. Available at http://homepage.cs.uiowa.edu/~jones/voting/ pictures/. Accessed October 10, 2012.

42 USC §1973ff et.seq. (2012).

Federal Voting Assistance Program: The Uniformed and Overseas Citizens Absentee Voting Act Overview. Available at http://www.fvap.gov/reference/laws/uocava.html. Accessed October 10, 2012.

42 USC §15301 et.seq. (2012).

42 USC §1973ff (2012).

National Aeronautics and Space Administration: Democracy in Orbit: Chiao to Vote in Space. October 21, 2004. Available at http://www.nasa.gov/vision/space/livinginspace/chiao_votes.html. Accessed October 11, 2012.

Superior Electoral Court: Security in the Electronic Voting System. Available at http://www.tse.gov.br/internet/ingles/voto_eletronico/conhecendo_ue.htm. Accessed October 11, 2012.

Government of India: Electronic Voting Machine. Available at http://www.india.gov.in/allimpfrms/alldocs/11946.pdf. Accessed October 11, 2012.

Swissinfo.ch: E-voting Brings New Potential to Swiss Elections. January 20, 2003. Available at http://www.swissinfo.ch/eng/Home/ Archive/E-voting_brings_znew_potential_to_Swiss_elections.html?cid=1025060. Accessed October 11, 2012.

Politsei- ja Piirivalveamet: Identity Documents. Available at http://www.politsei.ee/en/teenused/isikut-toendavad-dokumendid/. Accessed October 11, 2012.

Elections and E-Voting. Available at http://www.valimised.ee/teema_eng.html. Accessed October 11, 2012.

Barnes JE, Gorman S: U.S. readies cyberdefense. The Wall Street Journal. October 12, 2012. Available at http://online.wsj.com/article/SB10000872396390444657804578051071681887566.html?mod=googlenews_wsj. Accessed October 12, 2012.

US Industrial Control Systems Cyber Emergency Response Team: ICS-CERT Incident Response Summary Report. June 28, 2012. Available at http://www.us-cert.gov/control_systems/pdf/ICSCERT_Incident_Response_Summary_Report_09_11.pdf. Accessed October 12, 2012.

McAfee Research Labs: Revealed: Operation Shady RAT: An Investigation of Targeted Intrusions into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years. August 2, 2011. Available at http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf. Accessed October 12, 2012.

Center for Strategic and International Studies: Significant Cyber Incidents Since 2006. January 19, 2012. Available at http://csis.org/files/publication/120927_Significant_Cyber_Incidents_Since_2006_0.pdf. Accessed October 12, 2012.

Zajac A: E-mail Votes Seen Raising Election Security Risk: BGOV Barometer. Bloomberg. October 5, 2012. Available at http://www.bloomberg.com/news/2012-10-05/e-mail-votes-seen-raisingelection-security-risk-bgov-barometer.html. Accessed October 8, 2012.

Engleman E: Security of N.J. E-Mail Voting After Storm Is Questioned. Bloomberg. November 6, 2012.Available at http://www.bloomberg.com/news/2012-11-06/security-of-n-j-e-mail-voting-afterstorm-is-questioned.html. Accessed November 6, 2012.

Hatfield B: The Recount – E-Voting 101. October 11, 2012. Available at http://www.novanewsnow.com/section/2012-10-11/article-3096916/The-recount——e-voting-101/1. Accessed October 15, 2012.

MacDonald D: Electronic Voting to be Used for Advance Polls in 2014 Municipal Election. September 26, 2012. Available at http://www.northernlife.ca/news/localNews/2012/09/26-electronicvoting.aspx. Accessed October 15, 2012.

Sagan A: B.C. Looks to E-voting to Increase Turnout. August 9, 2012. Available at http://www.theglobeandmail.com/news/britishcolumbia/bc-looks-to-e-voting-to-increase-turnout/article4472692/. Accessed October 15, 2012.

Editorial: Electronic Voting is Still Too Wild. USA Today. September 25, 2012. Available at http://www.usatoday.com/story/opinion/2012/09/25/electronic-voting-fraud-security/1581857/. Accessed October 15, 2012.

Liptak A: Error and Fraud at Issue as Absentee Voting Rises. New York Times. October 6, 2012. Available at http://www. nytimes.com/2012/10/07/us/politics/as-more-vote-by-mail-faultyballots-could-impact-elections.html?pagewanted=all&_r=0. Accessed October 15, 2012.

Khan N, Carson C: Comprehensive Database of U.S. Voter Fraud Uncovers No Evidence that Photo ID is Needed. August 12, 2012. Available at http://votingrights.news21.com/article/electionfraud/. Accessed October 15, 2012.

USLegal: Electoral Fraud Law & Legal Definition. Available at http://definitions.uslegal.com/e/electoral-fraud/. Accessed October 15, 2012.

Grossman WM:Why Machines are Bad at Counting Votes. April 29, 2009. Available at http://www.guardian.co.uk/technology/2009/apr/30/e-voting-electronic-polling-systems. Accessed October 16, 2012.

Schwartz J: Computer Voting is Open to Easy Fraud, Experts Say. New York Times. July 24, 2003. Available at http://www.nytimes.com/2003/07/24/us/computer-voting-is-open-to-easy-fraudexperts- say.html?pagewanted=2&src=pm. Accessed October 16, 2012.

Maryland State Board of Elections: Voting System FAQ. Available at http://www.elections.state.md.us/voting_system/faq.html. Accessed October 16, 2012.

Fenberg S: Does the 47 Percent Vote? A Note on Perfect Voter Turnout. Huffington Post. September 25, 2012. Available at http://www.huffingtonpost.com/steve-fenberg/national-voter-registrationday_b_1910115.html. Accessed October 16, 2012.

Hite RC: Electronic Voting Offers Opportunities and Presents Challenges. Available at http://www.gao.gov/new.items/d04766t.pdf. Accessed October 16, 2012.

Unger SH: E-Voting: Big Risks for Small Gains. February 5, 2007. Available at http://www1.cs.columbia.edu/~unger/articles/e-voting1-11-07.html. Accessed October 16, 2012.

Associated Press: Iran Denies Role in Cyberattacks on Oil and Gas Companies in Gulf,Welcomes Probe.Washington Post. October 14, 2012. Available at http://www.washingtonpost.com/world/middle_east/iran-denies-role-in-cyberattacks-and-gas-companiesin-gulf-welcomes-probe/2012/10/14/c29d45d0-15f4-11e2-a346-f24efc680b8d_story.html. Accessed October 17, 2012.

NDP Cyber Attack: Party Determined to Find Electronic Voting System Hacker. Huffington Post. March 25, 2012. Available at h t t p : / /www.huffingtonpost.ca/2012/03/25/ndp-cyberattack_n_1378478.html. Accessed October 17, 2012.

The White House Office of Homeland Security: National Strategy for Homeland Security. July 2002. Available at http://www.ncs.gov/library/policy_docs/nat_strat_hls.pdf. Accessed October 17, 2012.

Haddow G, Bullock A: Introduction to Emergency Management. Amsterdam: Butterworth-Heinemann, 2003.

Walker JJ: Cyber Security Concerns for Emergency Management. In Eksioglu B (ed.): Emergency Management. Rijeka, Croatia: InTech, 2012. Available at http://cdn.intechopen.com/pdfs/26817/InTech-Cyber_security_concerns_for_emergency_management.pdf. Accessed October 9, 2012.

Federal Emergency Management Agency: Unit 3: Disaster Sequence of Events. Available at http://training.fema.gov/emiweb/is/IS208A/04_SDM_Unit_03_508.pdf. Accessed October 18, 2012.

Griggs A: New Jersey Lets Sandy Victims Vote Via E-Mail. CNN. November 5, 2012. Available at http://www.cnn.com/2012/11/05/tech/web/new-jersey-voting-email/index.html. Accessed November 6, 2012.

Principles of Emergency Management Supplement. September 11, 2007. Available at http://www.iaem.com/publications/documents/PrinciplesofEmergencyManagement.pdf. Accessed October 18, 2012.

Federal Emergency Management Agency: What is Mitigation? Available at http://www.fema.gov/mitigation. Accessed October 22, 2012.

Federal Insurance and Mitigation Administration (FIMA): Available at http://www.fema.gov/what-mitigation/federal-insuranceand-mitigation-administration-fima. Accessed October 22, 2012.

Love NP: FEMA’s Hazard Mitigation Grant Program: Overview and Issues. Congressional Research Service, March 25, 2009. Available at http://www.policyarchive.org/handle/10207/bitstreams/18827.pdf. Accessed October 22, 2012.

H.R. 5036 (110th): Emergency Assistance for Secure Elections Act of 2008. Available at http://www.govtrack.us/congress/bills/110/hr5036/text. Accessed October 22, 2012.