OSET Institute

View Original

Shifting the Conversation from “Shoring-up” to “Re-engineering”

This afternoon a bipartisan group of authorities on election administration and cybersecurity presented a Congressional Briefing on current election security challenges facing federal and state policymakers. 

Senator James Lankford (R OK) opened the panel conversation, which came a day ahead of a Senate Rules Committee hearing on the issue, and 119 days before the midterm elections.  We’ll have more to say about that in a separate post.

Two professional colleagues and friends of the OSET Institute were on hand to facilitate the conversation, Dr. Alex Halderman, Professor of Computer Science at the University of Michigan, and Harri Hursti, a computer scientist and an organizer of the Voting Village at DEFCON, the world’s largest hacker convention. Liz Howard of the Brennan Center for Justice was also on-hand to facilitate.  The briefing, of course, was on what’s required to lock down voting systems to the extent they can be, as they remain vulnerable to cyber-attacks.

The backdrop to this gathering was two-fold:

  1. A recent Senate Intelligence Committee report that disclosed foreign agents targeted election systems in 18 States, conducted malicious access attempts on voting-related websites in at least six states, and additionally gained access to voter registration databases in a small number of States. 
  2. Several states including Arizona, Florida, Illinois, Maryland, North Carolina and Pennsylvania have recently announced new programs and spending to secure election web sites and voter registration databases.

However, as our good friends and colleagues at the Brennan Center noted in their recent update on States, far less than hoped has been done since 2016 to ensure ballots are counted as cast by replacing paperless voting machines and mandating post-election audits.

Brennan also nicely covered the news of Congress recently setting aside $380 million for States to spend on these types of improvements.  Our CTO John Sebes opined on this in a recent AXIOS Op-Ed. At the end of the day, this approach amounts to a triage effort that will not be resolved with patches and stop-gap measures.  Thus, “shoring up” electronic voting systems in this sense means:

  1. Hedging with non-technical measures to detect attacks (the foremost initiative being risk limiting audits) and
  2. Controlling the scope for attacks (e.g., physical and personnel security, cyber-security awareness training, security assessment of IT systems, etc.).

So, today’s Briefing was undoubtedly a worthy discussion, but surely did not address the strategic issue of how a trajectory can be mapped from the near term to a future of voting systems designed and built from the ground-up for cyber-security (rather than bolting on security measures as an after-thought).

The required result is a system much more robust against threats from nation state adversaries.

While we totally respect the many election and cyber-security experts focused on the near term (shoring up), we do not believe it’s enough to continue relying on easily compromised systems for which there is only capability to detect and correct attacks after the fact.  A path to solving a re-design problem must also be mapped, because these systems were never designed, nor engineered for cyber-security in the current threat environment.  

As a policy matter, there is a bit of “either/or” occurring here, because the U.S. can spend time, effort, and money on "shoring up" electronic voting systems indefinitely—such activities will absorb any amount of resources allocated, and never be finished.  On the other hand, at some point, funding that could be devoted to “shoring-up” will instead need to be oriented to a trajectory of new election technology engineered for security.

We continue to press for an objective of “fault tolerant trustworthy election technology.” We also have a goal or perhaps better termed an “aspiration” (that can only ever be asymptotically achieved) of “hack intolerant” election technology.  Committing to this imperative journey means shifting the conversation from tactical to strategic—from shoring-up, to re-design.

Now, that’s a briefing really worth having. It’s simply a question of when. 

To harp just a bit more on the problem of inherently vulnerable election technology requiring a major "redesign," this problem is larger than the U.S.. There are important global initiatives who are woke to the imperative this is becoming.  And to be sure, the geek joke that is the image in this posting actually understates, if not flat out misstates, the gravity of this problem.  For my technocratic friends, we all understand that "refactoring" is about "Re-engineering software to improve performance or achieve some other objective without disrupting the operational characteristics of the App or service." Yet, the problem is the very operational nature of the current technology is flawed in failing to be neither user-centered in design, nor security-centric in engineering.  It is past time for this conversation.

OSET Institute strategic board advisor William P. Crowell summed it up nicely in his Foreword to our CDI Briefing last year: “The earlier you make the decision to bank on the future at some present cost, the better off you are.