Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Lazaro Gamio/Axios

U.S. intelligence agencies concluded a long time ago (and the bipartisan Senate Intelligence Committee agreed) that Russia tried to meddle in the 2016 U.S. elections. But election-tampering can take many forms.

Reality check: The American election system is actually made up of 50 different state-run elections, and each state has several systems that are potentially vulnerable. Here’s what you need to know about exactly where our election systems are at risk.

The big picture: Per John Sebes, the CTO at the U.S. Open Source Election Technology Institute: “You really need to regard the attack surface as like Swiss cheese.”

Here are the systems at risk in the election process:

  • Voter registration systems
  • Voter registration databases (which the voter registration process produces)
  • Voter records at polling places (known as poll books, which exist in both printed and electronic versions)
  • Voting machines (which capture the votes)
  • Vote tabulation (when the votes are tallied)

This list doesn't include voter fraud, illegal efforts to influence votes, and problems with news, social media, and information surrounding elections.

The chief vulnerability: internet exposure

Many parts of election systems are at risk of being exposed to the internet — and thereby potentially being inappropriately accessed or meddled with — because of human error or bad security protocols.

Here are some of the main points of risk:

  • Registration interfaces: When people enter their voter registration information online, any vulnerability on users' devices could expose the information they enter to potential bad actors. (Only their individual data should be at risk.)
  • Voter registration databases: Security measures like firewalls and physical network separation can protect these data troves, but no firewall is foolproof.
  • Electronic poll books: E-poll books are the electronic version of the books of voter records that poll workers refer to on Election Day at voting locations. In some instances, e-poll books can send live updates back to the county or state offices using active network connections. If the security on those networks fails, the information could be exposed.
  • Printed poll books: Some counties print their poll books using third-party printers, according to Maurice Turner, the senior technologist at the Center for Democracy & Technology. That could expose this part of the process to the internet if the third party has bad security protocols or other vulnerabilities.
  • Voting machines: At DEFCON last year, hackers demonstrated that they could break in to any voting machine with wireless connectivity or a USB port.
    • In theory, it would be very difficult to exploit the vulnerabilities physically, because someone would likely notice this kind of tampering. (But it's not unusual for people to take their time in a voting booth, and election officials can't and shouldn't observe every single move that voters make.)
  • Electronic vote tabulation: This can require data from electronic ballots to be transferred to an Election Management System (EMS). Any of the methods used to do that — USB sticks, email, or other internet transfer — can expose the data to tampering if not properly secured.
  • Optical scan vote tabulation: Scanners often tabulate paper records of votes, like a standardized test. But in some cases, these scanners may be rented from third-party vendors, which means they might have been exposed to tampering or bad security there.
  • Election management systems: These systems, used in different locales to tabulate and store voting results, may be at risk of exposure to the internet as well, depending on the jurisdiction's security protocols.

Absence of paper trails: Most of these vulnerabilities are deepened by the lack of paper backups to electronic election systems. In five states there is no paper records of votes, and in nine others the paper record is spotty.

Risks from human error, confusion, and doubt

Any time a human being interacts with a device or a system, things can go wrong.

  • For example, if workers improperly mark that a voter appeared at a polling location, officials could end up with a discrepancy between the tally of total voters who showed up on Election Day and the tally of total number of votes cast.

Why it matters: Mistakes introduced through human error — as when people enter voter registration information incorrectly, or election officials input the wrong numbers by accident — aren't likely to affect an election outcome if they happen at a small scale. But they can add to the confusion in the context of other simultaneous efforts to undermine public trust in elections or to create chaos.

  • And if Russia or another adversary can still claim responsibility for any cascade of errors even if it had no part in them. This tactic — experts call it a "blended attack" — can cause just as much disruption to the elections and cast just as much doubt on their results as more direct interference could.
  • Remember: Most of what the Russians did with regard to election systems in 2016 was probe voter registration records — as far as we know, they didn't change registration records or vote tallies — and that still sparked a national debate.
Be smart

Any vulnerability can be exploited in ways that reduce public trust in elections, and if that's the goal of an adversary like, say, Russia, then the system's credibility could be weakened even if tampering hasn't promoted a particular winner or loser.

Go deeper

Editor's note: This story has been corrected to remove references, in the voting machines section, to breaking into the machines within 90 minutes and to accessing them over the internet.

Go deeper

1 hour ago - Technology

Facebook: Metaverse won't "move fast and break things"

Illustration: Aïda Amer/Axios

Facebook on Monday said it will invest $50 million over two years in global research and program partners to ensure its metaverse products "are developed responsibly."

Why it matters: "It's almost the opposite of that now long-abandoned slogan of 'move fast and break things,'" Facebook's VP of global affairs Nick Clegg told Axios in an interview at The Atlantic Festival Monday.

Ina Fried, author of Login
1 hour ago - Technology

Facebook presses "pause" on Instagram Kids

Illustration: Annelise Capossela/Axios

Facebook's announcement Monday that it was "pausing development" on Instagram Kids did little to slow a wave of criticism of the project ahead of a Senate hearing Thursday.

Yes, but: There's an argument to be made for building kids' versions of popular apps, even if their adult versions are causing real-world harms.

Ford's big plans to turbocharge the electric car industry in the U.S.

Illustration: Annelise Capossela/Axios

Ford Motor Company’s new $11 billion manufacturing plan, the biggest component of which will sit just outside Memphis, is part of a much bigger effort to put the U.S. at the center of the electric vehicle revolution, executive chairman Bill Ford says.

The big picture: Ford’s plans — for enormous facilities in both Tennessee and Kentucky, employing a combined 11,000 workers — are ambitious manufacturing efforts designed to minimize their environmental impact.