BOSTON — Massachusetts voters cast ballots on paper, but that doesn’t mean the system is immune to cyberattacks — voting technology is just one piece of a puzzle.
Over the last few years, countless news reports have discussed the security of the American voting systems.
A 2016 Wired article warned that direct-recording electronic voting machines are “scarily easy targets.” In April this year, Vox reported that Congress wants states to use paper ballots for security reasons.
On the flip side, WCVB-TV reported last year that officials believe the Massachusetts voting system is not vulnerable to hacks.
That may be in part because Massachusetts is already using a paper ballot system, not the reportedly insecure e-voting machines. But over 96 percent of the state’s precincts use optical scanning machines to tabulate the votes, based on data made available by Verified Voting.
Additionally, some voters cast ballots with the assistance of the AutoMARK Voter Assist Terminal, used to improve the accessibility of Massachusetts voting locations for people with visual impairments or other disabilities. Findings from last year’s DEFCON, one of the largest hacker conferences in the world, indicate that these machines may be vulnerable to cyberattacks too.
While Massachusetts’ ballot tabulating machines don’t necessarily have the same flaws as each of the models tested at the DEFCON Voting Village, the report produced from the hacking conference suggests that they are prone to some of the same types of vulnerabilities.
In particular, the report rebuked the arguments that a machine is not vulnerable if it lacks an internet connection and that hacking a voting machine takes a lot of expertise.
The report warns that some machines actually have the capability to connect to the internet, even if it is not used during the elections process. Additionally, a USB drive used to set up a machine for an election, for example, could be formatted to distribute malicious code to the elections machine.
One other area of concern in the report is the supply chain of election equipment — especially parts that are produced outside of the country.
“For example, foreign actors could design or plant a virus in software, memory, or even a small microchip that could affect an entire make/model of voting machine, theoretically allowing them to be compromised in one coordinated attack,” according to the report.
This type of attack doesn’t require an internet connection, and elections equipment manufacturers are known to have used foreign parts in the past.
“The supply chain thing strikes me as kind of far-fetched,” said Charles Stewart III, co-director of the Caltech/MIT Voting Technology Project and political science professor at MIT.
He said the parts used in the machines are mostly generic computer parts, meaning the manufacturer may not even know the purpose of the end product.
“There are just much easier ways to tamper with an election,” Stewart said.
Stewart noted that the confidence in the integrity of elections isn’t derived from the machines, but from the whole process — a process he says is pretty secure.
That security includes procedures before, during and after the election.
Prior to an election, a logic and accuracy test is performed on each machine. For vote-counting machines, the testing involves feeding in a set of test ballots and then comparing the expected results to the machine’s results.
After an election, Massachusetts performs a fixed-rate audit. After polls close, 3 percent of precincts are chosen to hand-count the paper ballots to verify the results. The audit will, in theory, uncover large-scale issues in the integrity of the vote count.
“Audits are one of the best things you can do to ensure that the results are accurate,” said Pam Wilmot, executive director of Common Cause Massachusetts. “We have put our toe in the water there, but we could do a better job at it.”
Stewart said that there are more effective auditing methods than the fixed-rate one used in Massachusetts. The risk-limiting method, for example, varies the number of ballots manually verified depending on risk-factors like how close the election is — the closer the election, the more ballots checked.
The Office of the Secretary of the Commonwealth’s Elections Division is in charge of elections oversight. The office declined a request for interview, but it makes regulations and audit reports available on its website. The 2016 audit found that 99.16 percent of reviewed votes were counted correctly on Election Day.
Still, physical security and inadvertent errors are the most likely problem areas, according to Stewart.
But, he said there is a lot that can be done to reduce risk.
Procedural security measures like guarding ballots and machines can prevent malicious actors from getting access. Stewart said that many of these kinds of measures are already in place.
Boston has backup machines and technicians ready to deal with issues — malicious or otherwise — during elections, according to Eneida D. Tavares, senior data analyst from the Boston Election Department. Replacing outdated machines could help to reduce the likelihood of malfunction though.
“We’re always looking to upgrade the machines,” Tavares said.
Ensuring access to the voter registry is another area of concern when it comes to ensuring election integrity. Wilmot said that the registry is accessed by phone line which is more secure than alternatives, albeit antiquated.
Despite inherent vulnerabilities in the elections system, experts showed confidence in the Massachusetts voting process.
“For statewide races, it would be very difficult (to tamper with elections),” Wilmot said.
“As far as the types of things that have been talked about in the last couple of decades, I would say that the general framework of how Massachusetts elections are handled is pretty secure,” he said.