Strengthening election cybersecurity is essential for safeguarding democracy. For over 15 years, I and other computer scientists have been warning about the vulnerable state of election security, but attacks against recent elections in the U.S. and Europe demonstrate that sophisticated attackers are becoming more aggressive, even as campaigning and voting become increasingly reliant on computers.
Since 2016, I’ve been working with election officials and members of congress to strengthen election cybersecurity. In this talk, I’ll give a progress report about what’s happened since then and what still needs to happen to secure future elections. While many U.S. states have made progress at securing some aspects of their election infrastructure, and Congress provided $380M in new funding to the strengthen elections, significant vulnerabilities remain that put the integrity of future elections at risk. To demonstrate the ongoing threat, I’ll hold a mock election on stage with a real U.S. voting machine still used in 18 states, and show how remote attacks could potentially affect the outcome of a close national contest.
Finally, I’ll explain how defenses developed by researchers over the past decade could provide practical and cost-effective safeguards. Unfortunately, they have yet to be widely deployed due to a lack of resources and political leadership. I’ll describe legislative efforts in the U.S. and other countries that could, if successful, go a long way to making elections secure. I’ll also explain what technologists and other concerned humans can do to help secure elections at all levels.