Cybersecurity Experts Caution Against Calls to Expand Online Voting

A mobile phone displays a voting app
Voting online or through a mobile app is currently available to a very limited number of U.S. voters, including some military members serving overseas. CarmenMurillo/Getty

Calls for an expansion of online voting are being met with concern from cybersecurity experts who caution that votes could be easily manipulated if the practice is widely adopted.

West Virginia Secretary of State Mac Warner has recently called for states to expand online voting for overseas military members and people with disabilities that prevent them from voting in person without assistance.

West Virginia is one of several states that allow online and mobile voting for overseas military and this year expanded the practice to include disabled people, with 180 voting in a pilot program during the June primary, including 25 disabled people. In 2018, the state was the first to offer voting using a mobile app for service members, with 144 using the technology to vote in that year's general election, according to a report from the Military Times.

In Georgia's DeKalb County, lawmakers last month called for online voting to become available for all voters throughout the state, according to The Champion. Similar calls have been made by officials and advocates in other states, along with prominent figures like former presidential candidate Andrew Yang, who tweeted about the issue last week.

However, cybersecurity experts caution that online voting could present major threats to the integrity of elections since ballots transmitted online are especially vulnerable to attacks from hackers. Limited online voting has been experimented with for years in the U.S., and used on a larger scale in a handful of other countries, but experts say that vulnerabilities are inevitably found in systems when they are examined closely.

"We have no example of an internet voting system that has gone through independent review and come out with flying colors," Dan Wallach, a computer science professor at Rice University and election security expert, told Politico.

Even if an entirely secure online voting software system existed, experts say that other problems could result in votes being corrupted, including potential identity theft, malware on home computers or mobile devices and attacks on servers involved in the process.

A report issued to states in May, and co-authored by U.S. government agencies that include the FBI, the Election Assistance Commission and the Cybersecurity and Infrastructure Security Agency reportedly warned against expanding online voting, deems it a "high" risk, while recommending mail-in ballots as a more secure option.

"We recommend paper ballot return as electronic ballot return technologies are high-risk even with controls in place," the report stated, according to a copy obtained by The Wall Street Journal. "Recognizing that some election officials are mandated by state law to employ this high-risk process, its use should be limited to voters who have no other means to return their ballot and have it counted."

Advocates for online and mobile voting have compared the practice favorably to the relatively common current practice of allowing thousands of absentee ballots from overseas service members to be transmitted by email or fax, which is likely to be even less secure than systems or apps designed for online voting.

Even traditional voting machines, which are not meant to connect to the internet and continue to be widely used, could be targeted by online hackers. Researchers discovered that dozens of systems in 10 states, including swing states, were in fact connected to the internet and vulnerable to attack despite assurances from manufacturers and officials, according to a 2019 report from Vice.

Regardless of potential security concerns, a recent poll from identity management company OneLogin found that 59 percent of Americans expect online voting to be commonplace within five years.

Newsweek reached out the Election Assistance Commission for comment.