Cal State Fullerton cybersecurity experts agree that voters shouldn’t worry about hackers undermining electronic voting systems in the Nov. 3 general election, but such foreign adversaries pose a threat to voters’ personal information and to the presidential campaigns.
Shawn X. Wang, professor of computer science and a faculty leader in CSUF’s Center for Cybersecurity, and Wenlin Han, assistant professor of computer science, share why voting machines are safe from hackers, what’s new in technology to combat cyberattacks, and tips to safeguard personal information.
Wang, whose research interests include cybersecurity policy design and enforcement, said: “To technical professionals, cybersecurity is an ethical issue; to an organization cybersecurity is a culture; and to the end-user, we are all victims unless we find solutions to secure our systems.”
Han’s research includes cybersecurity, applied cryptography and blockchain technology. She serves as a reviewer for journal article submissions, fosters women in computing careers and strives to find solutions to security and privacy issues, which she calls “big threats.” “Smart devices are interacting with our physical environment and collecting information from us,” she said.
Wang: It’s unlikely that foreign hackers will get into voting systems. The voter is given an access code to vote at the assigned voting machine, which is a stand-alone electronic device that is not connected to any network. For anyone to hack into the voting machine, the hacker must be at a machine and take it apart. I’m more concerned that a voting machine may malfunction. The maintenance and testing of every voting machine before the voting process is critical.
Han: New technologies can help thwart hackers in future elections. For example, blockchain is a novel computer science technology that records transactions in a public digital ledger, which is tamper-resistant. Any attempt to alter the ledger is visible to the public. Blockchain technologies have been widely studied and used in many fields, such as cryptocurrencies, video games, identity protection and medical records. Since blockchain is decentralized and voting data is not stored on servers, no one can gain control and alter a ballot record. To alter or erase the records, a hacker would have to alter or erase the records from all computers. At the same time, anyone can join a blockchain network at any time and verify the accuracy of voting. Any voter can easily check if his/her vote has been registered correctly and any attempt to alter his/her vote will automatically become visible. The U.S. Postal Service has already filed a patent application to use this technology, saying “a voting system can use the security of blockchain and the mail to provide a reliable voting system.”
Wang: Voters do need to be careful about scams that will steal personal information from computers or mobile devices. Also, voters need to be aware of foreign influencers who spread misinformation, or false information. Misinformation is a serious concern to our election and can cause distrust in our democracy. It can lead to disinformation, in which misinformation is intentional and spread as a way to mislead or confuse. At the heart of our democracy is the idea that every citizen has one vote in the election. The election system must ensure that every vote is counted so that citizens have fundamental trust of the election. Foreign influencers attempt to destroy that trust and induce social instability. Learning lessons from the 2016 presidential election and foreign influencers spreading misinformation, Facebook and Twitter have implemented new policies to detect and flag, or remove, misinformation, including misleading ads. The easiest way to defeat those foreign attackers is to go out and vote!
Han: There are many “dos and don’ts” to counter-hacking activities and to protect emails, mobile devices and computers, such as installing antivirus software, a firewall and keeping devices updated with the most current software. Make passwords strong and secure and change on a regular basis. Be careful of websites and downloads, and do not click any link contained in an email that was sent — unless you are totally confident about its authenticity.
Contact: Debra Cano Ramos, dcanoramos@fullerton.edu