How Cyber Attacks such as Ransomware could affect Electronic Voting.
The use of information and telecommunication technology in electoral processes is essential in promoting efficiency. Its effectiveness is however, compromised by its susceptibility to cyber-attacks such as ransomware. Electronic voting otherwise known as e-voting encompasses a variety of online platforms to aid the conveying of data to and from the electoral commission. E-voting opponents argue that the results of such elections are unsatisfactory since an electoral system that depends on software is exposed to election fraud.
The mere dependence of various voting systems on ICT tools predisposes them to cyber threats. Vulnerabilities in an electoral system can help unethical hackers manipulate data hence undermine voters’ confidence. The prominence of cyber attacks on elections has been a cause of concern after allegations were made that the US 2016 elections were manipulated in support of the existing President Donald Trump. The 2020 US elections are also at a risk of being influenced by foreign interventions if the electoral body does not mitigate the risk.
Ransomware attacks can cripple the election process by withholding the victim’s data until a ransom is paid, usually in bitcoin or any other cryptocurrency. It infects a storage device, be it a server or database, through unsecured links or malicious email attachments.
Hackers may also influence the election process in the following ways;
- Prevent citizens from accessing polling stations
- Alter information on voting processes, location and time
- Spread inappropriate information to undermine voters’ trust in the voting system
In 2018, voters in Mexico received misleading information meant to invalidate votes. They were informed that they could vote on behalf of their deceased loved ones, that the security of the ballot had deteriorated and that the marking of the ballot papers had changed (Verificado 2018).
In a related incidence, domestic political actors in an attempt to suppress voter turnout sent automated text messages to voters in Canada informing them that the polling stations had changed (International IDEA 2019). It should therefore, be noted that the perpetrators of cyber attacks are not only foreigners but also individuals who have access to various election-information systems and servers. This implies that inside groups targeting a specific electoral process may manipulate the data for their personal needs.
How governments should mitigate cyber attacks during voting.
- Frequent staff training and cyber health: ensuring that no member of staff performs critical duties alone and incorporating efficient background checks on employees with administrative clearances.
- Securing open networks: encrypting classified information and air gapping/ minimizing the presence of extremely important technology on the internet.
- Thorough inspection and auditing of suppliers: government’s internet service providers should be audited regularly to prevent coordinated cyber threats.
- Monitoring social media platforms: governments should monitor online platforms including the dark web to notice information leaks and prevent organized attacks.
- Interagency collaboration: governments should form partnerships with civil societies, candidates , cyber security firms and organizations in the private sector which are competent in cyber security before the occurrence of a cyber threat.