Mitigating the Cybersecurity Threats Which e-Voting Faces
Over the past few decades, many different kinds of electronic voting systems have emerged to assist elections workers and voters in making elections systems easier and faster. Trusted, paper-based voting system modules for keeping pollbooks, authenticating voters, receiving elections notices and ballots, and casting and counting them have been in many places around the world been augmented with computer-based systems. In a few places, some experiments with network-based balloting have also occurred.
The experiences with these electronic augmentations have also revealed their substantial vulnerabilities and attack vectors that place the integrity of voting systems at risk, and a newfound realization that paper-based systems have enduring value. The ETSI e-Voting cybersecurity work item is intended to develop a framework for understanding and assessing the use of these electronic augments, the associated treats and risks, and provide best-practice guidelines for reducing those risks. A common consensus at the outset is that significant, enduring risks and corruptibility of network based or connected e-Voting exist, and its use should not be encouraged for anything with legal significance.
All voting systems consist of the same architecture and three process modules:
- voter identity, registration, and database integrity;
- notice; and
- balloting systems – vote capture, tabulation, and reporting. Tamper proof auditing is essential for all processes. There are risks associated with each of these processes, and when they are enhanced by electronic systems the risks usually increase due to the complexities and vulnerabilities of all electronic systems. Connecting any of the modules to a network at any point, dramatically increases the risks.
The ETSI work is designed to understand all these risks and develop sets of best practices and controls to minimize them. Those best practices include both technical ones such as the use of blockchain technology, as well as non-technical ones such as the use of only authorized, certified software, auditing and monitoring, and undertaking risk assessments.