Mitigating the Cybersecurity Threats Which e-Voting Faces
2020-07-10 Posted by Tony Rutkowski, e-Voting Cybersecurity Group Technical Lead, ETSI 5606 HitsOver the past few decades, many different kinds of electronic voting systems have emerged to assist elections workers and voters in making elections systems easier and faster. Trusted, paper-based voting system modules for keeping pollbooks, authenticating voters, receiving elections notices and ballots, and casting and counting them have been in many places around the world been augmented with computer-based systems. In a few places, some experiments with network-based balloting have also occurred.
The experiences with these electronic augmentations have also revealed their substantial vulnerabilities and attack vectors that place the integrity of voting systems at risk, and a newfound realization that paper-based systems have enduring value. The ETSI e-Voting cybersecurity work item is intended to develop a framework for understanding and assessing the use of these electronic augments, the associated treats and risks, and provide best-practice guidelines for reducing those risks. A common consensus at the outset is that significant, enduring risks and corruptibility of network based or connected e-Voting exist, and its use should not be encouraged for anything with legal significance.