Russian hackers poked and prodded voting systems throughout the country during the election of 2016, failing to change votes or alter registration rolls but succeeding in pointing out where the United States is vulnerable.

In just a few months, they’ll almost certainly be back again, and if not the Russians, then any one of a number of nations or groups hoping to sow discord and cause chaos around the signature event of our democracy. If they’re successful, we’ll have no one to blame but ourselves.

The hackers mostly took aim at voter registration rolls, which because they are shared between computers and often undersecured are open to outside attack. By altering or deleting names on such lists, hackers could keep people from voting; on a wide scale, that would certainly cast a pall of distrust and anger over the system, and throw any results into question.

There is some disagreement on how many states were targeted in these attacks, but the hackers were successful in compromising voter information in at least Illinois, where voter registration rolls were downloaded before the intrusion was detected.

The hackers also reportedly tried to gain control of the computers of more than 100 local election officials through “phishing” emails. That could have given them access to voting machines themselves.

To hackers, the voting machines must look like a Christmas ham on a platter. Just like the voter registration systems, many are more than 10 years old, and their security patches cannot be upgraded anymore.

And in a number of states that use touchscreen voting machines, there is no paper backup – if the machine makes an error, or if someone alters its data, there is no way of knowing, or of reproducing a person’s vote.

There is little disagreement on how to patch these holes. Local election officials need the funding to upgrade their systems to the latest technology and security, and to put in place paper-ballot backups where they are lacking.

They need to secure voter registration lists, and regularly review them for problems. And they need to conduct post-election audits that look for differences between paper ballots and voting machines.

There have been bipartisan attempts to do much of that, though there has been little action so far. Maine independent Sen. Angus King suggested using $160 million in federal funds to replace old voting machines and conduct audits. The Secure Elections Act, co-sponsored by Sen. Susan Collins, R-Maine, would do much of the same, as would the PAPER Act, introduced by Rep. Mark Meadows, R-North Carolina.

Maine has already done much of this work. Paper ballots are used statewide, and the machines that scan and count the votes are never connected to the internet, with the information contained on thumb drives that are difficult to corrupt remotely.

But other states are not as far along, and officials with the most direct knowledge of Russian intentions are worried. In the last few weeks, President Trump’s director of national intelligence and secretary of state have issued warnings, as have the directors of both the CIA and NSA.

Trump, however, continues to call Russian meddling a hoax.

Congress can’t let his indifference lead to inaction. 2016 gave us a glimpse of the future. We can’t say we haven’t been warned.

filed under: