Recently there have been several stories regarding potential vulnerabilities of US voting systems to cyberattacks. This issue is a matter of national security, however it is important to note that there is no indication from federal law enforcement (security agencies, U.S. Dept. of Justice) to state election officials that any credible threat currently exists when it comes to the issue of hacking elections. While the security of voting systems is a top priority for election professionals across the state of Florida, recent enhancement to Florida voting systems have dramatically reduced exposures to hacking elections.
At the core of the security of Florida voting systems is the fact that we are a paper ballot state. Florida law mandates that “all voting’ be by marksense ballot (with the temporary exception of voters with disabilities who may use DRE (Touch Screen) voting until 2020). Should any disruption or corruption in the transmission of vote totals occur, we can always refer to the original paper ballot.
Electronic voting systems are not Internet-based and do not connect to each other online (Closed Network). Prior to each election, a public Logic and Accuracy test is conducted of each voting tabulator and tabulation system to ensure that they are working and tabulating properly. The individual thumb drives that record the votes from the precincts, early voting sites and vote by mail central count tabulators are digitally signed and secured. They cannot be replaced by any commercial off the shelf (COTS) thumb drive to subvert the local process of counting ballots.
Precinct tabulated results are transmitted to our office in brief encrypted bursts. Outside attackers would need to overcome multiple layers of encryption, which, if successful, would result in corrupting, slowing or stopping the transmission of unofficial results to our office. In the unlikely event that were to happen, the encrypted memory sticks could simply be imported into the results accumulation system, making the final unofficial result slower but not compromised. The final accumulations that are transmitted to the State as our unofficial results are then written to yet another memory device that are finally uploaded and transmitted to the Division of Election on another completely separate system and network via a secure upload system which make the likelihood that an outside attacker could subvert this process even more remote.
The final step to securing the voting process is the fact that within a week of the election, a precinct by precinct review is performed where the precinct totals tape is compared to the unofficial results transmitted on election night to verify a match and any deviations are researched and noted. Once this is completed the official result is reported.
In summary, recognizing that Florida is a paper-based state, which utilizes the latest state of the art electronic voting systems that are not connected to the Internet, but rather operate in a closed network leaving the likelihood of a successful breech improbable.
Rest assured that Florida’s election professionals place a high priority on the security of election administration and will remain ever vigilant in identifying and reporting any future vulnerability to the elections process.
Chris H. Chambless
President, Florida State Association of Supervisors of Elections