BSOD-640x398.jpg

The situation in Maryland yesterday concerning a voter registration system glitch (which turned out to be worse than initially thought) was, simply, a result of poor engineering of the State DMV and Board of Elections data integration. Nothing nefarious; we suspect just a vanilla technical stumble.

Fact: The OSET Institute has technical and domain expertise that could help remedy this.  It's based on years of analysis of voter registration systems, and development of our own VR system of the future that has support for national standards that would prevent this type of malfunction.  So, we can help, but that’s not the point we want to make here about Maryland’s voter registration snafu.  And we don’t want or need to cover all the tangential topics raised by this glitch (from same day registration to election protection hotlines).  Others can (and have dealt with that.)

However, let’s face it, the situation was ugly: some 80,000 Maryland voters may have had to cast provisional ballots.  The provisional voting process is more complex than in-person voting; it has a number of unfamiliar hurdles to jump over in order to successfully have a ballot cast and counted.  

These hurdles have a significant effect on an election for a large scale of voters.  If something—in this case a data exchange glitch—requires that large numbers of people must jump over additional hurdles to vote, then you can be sure some significant portion of those people won’t get over those hurdles; in fact, some will make mistakes that will result in their ballot not being counted, while others will see the extra effort as not something they have the time or ability to deal with.  It’s simply the law of large numbers.

Maryland's glitch in "motor voter" data exchange resulted in just one example of a large number of voters having to clear the provisional voting hurdles in order to cast a ballot, and some portion of them won’t succeed in doing so.  It's also an example of an accidental cause that results in a significant fraction of 80,000 voters ending up not having a ballot cast and counted.  

But it is also a cautionary tale for "election meddling."

The Larger Risk: Weaponizing Alleged Technical Errors

If a foreign adversary can use cyber-operations to maliciously create a similar situation at large scale, then they can be sure of preventing many voters from casting a ballot.  With that disruption, the adversary can fuel information operations to discredit the election because of the large number of voters obstructed, compared to the closeness of some of the contests in that election.  That’s an example of cyber-operations and info-operations fitting together to both disrupt and discredit an election—the principle objective now attributed to some of our nation-state adversaries attacks on elections here and abroad.

Here’s the point: the alleged system failure (hack, glitch, or whatever) doesn't even need to be true!  If this accidental glitch had occurred a couple days before the November election, and came on the heels of considerable conversation and media coverage about election hacking, rigging, or tampering then it would be an ideal opportunity for a claimed cyber-attack as the cause, with adversaries owning the disruptive affects and using information operations to the same effect as if it were an actual attack.

This is what really concerns us in the short-term.  Sure, we’re focused on engineering higher integrity more secure election technology to remove the threat of compromise.  But the threat need not actually materialize; that is, there need not be a true subversion attack to derail an election.  That's how vulnerable elections are to concerted attacks on their credibility. 

This matter of motor-voter records exchange in Maryland is just one of many points of weakness, creating a large and varied attack surface.

What to do?

In the long term, it's partly a technology effort to re-engineer election systems to be less fragile from errors and less vulnerable to attack.  One side point on this worth noting: part of the problem in Maryland (and elsewhere) concerns how to ensure the correctness and integrity of poll books.  And that depends on emerging open data standards and the question of certification of poll books, which Shannon Vavra points out in her recent article on this matter.  But back to our main point...

In the short term, the only remedy is to prepare, prepare, prepare. To paraphrase the excellent advice in the congressional testimony Noah Praetz, Director of Elections, Office of Cook County, IL:

Assume that you'll be attacked at every point, and for each point, plan how to recover.”

I would add, given the great importance of public credibility rightly noted by Praetz, that election officials must also plan for proactive public communication—its “Crisis Management PR 101.”  

In the heat of a possible or actual attack, immediate response—clearly (and simply) explaining the situation effectively—is nearly impossible without (lots) of preparation, contingency planning, and practice with public relations staff.  The alternative is struggling to quickly create and communicate effective messages, while the adversary's lies are already circling the digital globe before the official (and factual) words cross a keyboard.

For us, the "teachable snafu" of the Maryland glitch is not so much about failed integration of disparate data systems, but much more about unintentional catalyzing of opportunities to mount “credibility attacks” on elections and the need for a different kind of preparation: crisis PR management, and not simply more cybersecurity assessments, patching, and triage.

Comment