News

Heinz project highlights Allegheny County election security issues

Credit: Jacob Paul/ Credit: Jacob Paul/

Much has been said in the news landscape on the topic of election security and integrity, especially after it became clear that Russian trolls used hacking and fake social media accounts to influence the 2016 election. Besides foreign influence on election discourse, there have also been concerns about the security of our voting system infrastructure and its vulnerability to hacking by malicious actors.

Recently, a team of Carnegie Mellon graduates from the Heinz College focused on election security in Allegheny County for their capstone project. According to a university press release, the students analyzed our local election processes and election data from the past eighteen years to determine the types of possible attacks, their consequences for the elections, and concrete steps to secure these elections. One of these graduates, Will Cunha, a masters student who graduated in 2018, gave an interview to The Tartan where he reflected on the importance and challenges of the project and discussed concrete steps that could be taken to secure our elections and learn more about this issue.

The importance and relevance of election security was the idea that gave birth to this capstone project. “[T]he timeliness of this topic and the sheer importance of it for the American people and democracy was something that, personally, drove me to the project,” Cunha said. A fellow student on the team, Salvador Ayala, noted in the press release that “in four of the five presidential elections since 2000, the outcome was decided by less than 10 percent of total votes”, making the issue of securing the election process — especially in a swing state like Pennsylvania — even more critical.

With a team of four students and three months to complete the project, the primary challenge was narrowing down the scope. The initial research question was studying the election system in the entire country, which was too broad for their constraints, and was eventually narrowed down to Allegheny County.

The Allegheny County election data, however, was not always up to the task, as it was not always up-to-date. Another major limitation with this research is that other counties have significantly different election systems, making their data model difficult to generalize beyond Allegheny County. “Unfortunately, we were unable to obtain enough information about other counties in the time frame allotted to test our model outside of Allegheny County,” Cunha said. “It took a lot of time to piece together the county-level processes from different sources, which is [a] reason why our final product focused only on Allegheny County.”

The team found that a swing state like Pennsylvania could be an attractive target to someone who wants to manipulate election results. Because of the narrow margins of many election results in the state, “[b]y merely affecting 2 percent of votes cast, 9 percent of statewide elections in Pennsylvania since 2000 could have been compromised in favor of the second-place candidate. And if an attack could affect 10 percent of the vote, that jumps to 68 percent of elections compromised,” noted the university press release.

The students said in the press release that a potential way a malicious actor could compromise the election would be to legally buy voter registration data and merge it with personal data from the dark web, allowing him or her to change voter registrations and impersonate registered voters. Even just the appearance of election attacks could sow mistrust in the election results among the voting population, allowing a malicious actor to achieve his or her goals.

Based on their research, the team suggests five short-term remedies that government officials should take to secure our votes before the next election, which Cunha outlined in an interview with The Tartan. First, more money should be allocated towards mitigating the higher-risk election vulnerabilities and preventing high-risk attacks. Second, the authentication process for making changes to voter registration should be strengthened, which they identified as one of the primary risks to election security in Allegheny County. Third, using paper printouts from personal electronic ballots (PEBs) during election audits would help with the certification process until we upgrade to new machines that leave paper records. Fourth, poll workers should be trained on the vulnerabilities of and how to handle sensitive items like PEBs. Fifth, there should be thorough background checks conducted on individuals who handle sensitive data.

Beyond the next election, Cunha and his teammates have more suggestions. Cunha says that legislation should be in place to speed up the security patch process for maintaining system security, without unnecessary bureaucratic oversight slowing it down. “While the State must currently re-certify software before system patches can be applied, changing this constricting legislation to allow thoroughly vetted patches without an additional, bureaucratic certification process would eliminate many technical vulnerabilities more expeditiously,” Cunha stated. Cunha also stated the importance of paper auditing to the security process, as well as the principle of least privilege — i.e., giving insider roles the minimum access needed to perform the role, which can alleviate insider threats.

In the future, Cunha and his teammates hope to see a partnership between the Allegheny County Division of Elections and Heinz College. “Heinz College has an enormous amount of expertise and resources available to it and leveraging those resources, especially including the larger Carnegie Mellon University ecosystem, could bring a great deal of knowledge to leadership to help improve the election processes at the county and state level.”