No menu items!
EletiofeA Senate Bill Would Radically Improve Voting Machine Security

A Senate Bill Would Radically Improve Voting Machine Security

-

- Advertisment -

Congress is moving closer to putting US election technology under a stricter cybersecurity microscope.

Embedded inside this year’s Intelligence Authorization Act, which funds intelligence agencies like the CIA, is the Strengthening Election Cybersecurity to Uphold Respect for Elections through Independent Testing (SECURE IT) Act, which would require penetration testing of federally certified voting machines and ballot scanners, and create a pilot program exploring the feasibility of letting independent researchers probe all manner of election systems for flaws.

The SECURE IT Act—originally introduced by US senators Mark Warner, a Virginia Democrat, and Susan Collins, a Maine Republican—could significantly improve the security of key election technology in an era when foreign adversaries remain intent on undermining US democracy.

“This legislation will empower our researchers to think the way our adversaries do, and expose hidden vulnerabilities by attempting to penetrate our systems with the same tools and methods used by bad actors,” says Warner, who chairs the Senate Intelligence Committee.

The new push for these programs highlights the fact that even as election security concerns have shifted to more visceral dangers such as death threats against county clerks, polling-place violence, and AI-fueled disinformation, lawmakers remain worried about the possibility of hackers infiltrating voting systems, which are considered critical infrastructure but are lightly regulated compared to other vital industries.

Russia’s interference in the 2016 election shined a spotlight on threats to voting machines, and despite major improvements, even modern machines can be flawed. Experts have consistently pushed for tighter federal standards and more independent security audits. The new bill attempts to address those concerns in two ways.

The first provision would codify the US Election Assistance Commission’s recent addition of penetration testing to its certification process. (The EAC recently overhauled its certification standards, which cover voting machines and ballot scanners and which many states require their vendors to meet.)

While previous testing simply verified whether machines contained particular defensive measures—such as antivirus software and data encryption—penetration testing will simulate real-world attacks meant to find and exploit the machines’ weaknesses, potentially yielding new information about serious software flaws.

“People have been calling for mandatory [penetration] testing for years for election equipment,” says Edgardo Cortés, a former Virginia elections commissioner and an adviser to the election security team at New York University’s Brennan Center for Justice.

The bill’s second provision would require the EAC to experiment with a vulnerability disclosure program for election technology—including systems that are not subject to federal testing, such as voter registration databases and election results websites.

Vulnerability disclosure programs are essentially treasure hunts for civic-minded cyber experts. Vetted participants, operating under clear rules about which of the organizer’s computer systems are fair game, attempt to hack those systems by finding flaws in how they are designed or configured. They then report any flaws they discover to the organizer, sometimes for a reward.

By allowing a diverse group of experts to hunt for bugs in a wide range of election systems, the Warner–Collins bill could dramatically expand scrutiny of the machinery of US democracy.

Latest news

7 Best Handheld Gaming Consoles (2024): Switch, Steam Deck, and More

It feels like a distant memory by now, but right before the Nintendo Switch launched in 2017, it seemed...

The Boeing Starliner Astronauts Will Come Home on SpaceX’s Dragon Next Year

NASA has announced that astronauts Barry Wilmore and Sunita Williams will return to Earth next February aboard SpaceX’s Dragon...

How to Switch From iPhone to Android (2024)

Ignore the arguments about which is better, because iPhones and Android phones have far more in common than some...

12 Best Tablets (2024): iPads, Androids, and More Tested and Compared

Tablets often don't come with kickstands or enough ports, so it's a good idea to snag a few accessories...
- Advertisement -

Will the ‘Car-Free’ Los Angeles Olympics Work?

THIS ARTICLE IS republished from The Conversation under a Creative Commons license.With the Olympic torch extinguished in Paris, all...

Lionel Messi will return before MLS playoffs, says Inter Miami coach Tata Martino

Inter Miami head coach Tata Martino said on Friday that Lionel Messi will return to the team's lineup before...

Must read

7 Best Handheld Gaming Consoles (2024): Switch, Steam Deck, and More

It feels like a distant memory by now, but...

The Boeing Starliner Astronauts Will Come Home on SpaceX’s Dragon Next Year

NASA has announced that astronauts Barry Wilmore and Sunita...
- Advertisement -

You might also likeRELATED
Recommended to you