Cyber-Security for Elections

In light of recent media reports and voter questions about cyber attacks, our office considers cyber-security to be of upmost importance. We want to assure voters in our jurisdiction that their votes are safely cast with the highest level of confidentiality and that election results are accurately reported at the end of each election cycle. As a result, we have taken several steps to assure the security of our computer systems and various pieces of election equipment. To further understand what levels of security are in place, here are some of the steps that our office has taken.

Voting Equipment

There are two pieces of voting equipment that voters may see at their poll, the ExpressVote and the DS200 Tabulator. Neither piece of equipment is connected to an internet connection, and therefore cannot be accessed by hackers for the purpose of a cyber attack. Additionally, our office incorporates the use of a high-speed ballot scanner called the DS450. Like our other equipment, this scanner is never connected to an internet connection and cannot be a target of a cyber attack. All equipment is thoroughly tested before each election as per standards put forth by the State Board of Elections, and the programs associated with the voting equipment are never transmitted over the internet. We maintain the physical security of all voting equipment between election cycles by keeping them stored in a secure room with limited access.

                                                        ExpressVote
The ExpressVote machine is designed to mark a ballot by using a touchscreen. A voter inserts an ExpressVote ballot into the machine, touches the screen to make their candidate selections, and then touches the Print button to print their selections onto the ballot. The ExpressVote only PRINTS a voter’s ballot… it does not CAST the votes or transmit any vote totals. A person’s vote is only cast and counted when the ballot is inserted into the second piece of equipment, the DS200 Tabulator.

                                               DS200 Tabulator
The DS200 Tabulator is designed to tabulate the elections results. After a voter marks the ballot, the ballot is inserted into the DS200 for their votes to be counted. To ensure the highest level of cyber-security, the DS200 Tabulators located at each polling place are NOT connected to the internet, and the election results are NOT reported to the main counting office via online transmission.

DS450 Central Count Scanner

The DS450 is a high-speed ballot scanner that can tabulate ballots as fast as 70 per minute, all while having the same precision and error-less tabulation accuracy as our DS200 units. The DS450’s primary duty is to tabulate Vote by Mail ballots and have results available for reporting by the close of polls on election day. Like our other equipment, this reporting is done by media stick and is in no way connected to any kind of internet or intranet system.

Reporting of Election Results

Within our DS450 and each DS200 , there is a media-stick that contains the elections results.  While the polls are open on Election Day, tamper-evidence seals are employed on each DS200 to keep the media-stick secure, and the same seals are utilized to secure the ballots within each ballot box. Once the polls are closed on Election Day, the media-sticks and ballots from each polling place are transported to the main counting office by two election judges from opposing political parties, as this maintains the most secure chain of possession.

Once all the media-sticks and ballots from the entire jurisdiction are received at the main counting office, the election results are processed and compiled using an isolated computer system that is NOT connected to the internet. This is to ensure the highest level of cyber-security. Once the results are ready to publish, they are saved to another media-stick that is then inserted into a computer system that is designed to post the election results to a website.

Election Ballots

The ballots that voters see at their polls go through a lengthy process to be designed, tested and printed before they ever reach the individual polling places. All ballot processes are completed on secured, stand alone computer systems that are dedicated solely for the purpose of ballot programming and printing. The ballot computer systems are NOT connected to the internet, thus securing them from cyber attacks.

Computer Systems

Our office uses computers frequently to accomplish the day to day processes. The use of firewalls and anti-virus utilities are a vital part of our computer systems security. Additionally, the State Board of Elections voter database requires 2-factor authentication to log-in to ensure the security of voter personal information. While administering Elections, our office and polling locations utilize a sole private network called a “Zero-Tunnel”, complete with military-grade encryption algorithms and impossible-to-crack levels of protection built to sustain voter integrity and to prevent malicious activity from entering our network.

Professional Education

In efforts to keep up-to-date on the latest practices in cyber-security, our office has joined MS-ISAC and ES-ISAC, which are organizations dedicated to improve the overall cyber-security of the nation’s government entities. ES-ISAC is a subsection of the MS-ISAC that specializes in Election jurisdictions. Both organizations focus on cyber threat prevention, protection, response, and recovery. They work closely with federal partners at the Department of Homeland Security, Federal Bureau of Investigation, U.S. Secret Service and others to better share information on emerging threats. They also have strong relationships with major internet service providers, cyber-security firms, researchers, and software developers. Our membership with such prestigious organizations helps us to navigate the expanding world of cyber-security.