Are Election Systems Vulnerable to Upcoming Hacks?

One presidential candidate with the initials DT has claimed generally that “the system is rigged” and he has speculated in advance as to whether the election also might be rigged against him. At the first presidential debate, he did say that he would abide by the election result if the candidate with the initials HRC won the election.

But what does it mean to “win”? If the election result is a close one, and if she apparently tallies sufficient popular and electoral college votes to put her over the top, would he concede her victory if there are suggestions of hacking of voting systems? This question is posed because a recent Associated Press article asserts that hackers recently have targeted registration systems in greater than 20 states and cites a Homeland Security Department official for support for this assertion.

While at first blush this might fan the advance flames of controversy, federal officials and cyber security experts are reported in the article to have said that it would be “nearly impossible” for such hackers to actually change the outcome of the presidential election, primarily because election systems are “very decentralized and not connected to the internet.”

Interestingly, the FBI just last month warned state officials to improve election security subsequent to hackers targeting systems in Illinois and Arizona. And the Director of the FBI said to lawmakers only last week that the FBI is looking “very, very hard” at Russian hackers who might consider trying to disrupt the election, according to the AP article. And while DT has voiced concern about the propriety of the upcoming election, the allegations from HRC have been that DT has been too cozy in his admiration for Putin of Russia.

The Department of Homeland Security has increased its efforts to educate states and localities about election handling, and up to now twenty-one states have shown interest in “cyber hygiene.” DHS also is offering more in-depth on-site risk and vulnerability checks, but only four states so far have stepped up for such an assessment.

Earlier this month, according to the AP article, Rep. Henry Johnson, D-Ga, introduced two bills that would mandate that voting systems be designated as critical infrastructure, but this is unlikely to be passed before the presidential election. Such a designation would prioritize this sector as one for protection of its physical and cyber threats, like for other sectors in the areas of energy, financial services, healthcare, transportation, communications, and food and agriculture.

We are one month away. If the election is not close, any potential irregularities surrounding voting systems would not loom as large in subsequent discussions. If the election is close … Well, remember the Florida hanging chads from the year 2000? Fasten your seat belts, this may (or may not) be a bumpy ride.

Eric Sinrod (@EricSinrod on Twitter) is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.

© 2009- Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress