Politicians, and many voters, have been fretting over whether large scale voting by mail can be done in a trustworthy manner. With more, chief information security officer for Seattle, now with CI Security, Michael Hamilton joined Federal Drive with Tom Temin.
Tom Temin: Tell us about your experience in Seattle as CISO, and also as a voter by mail yourself. How did it work? And what were some of the experiences there?
Michael Hamilton: Interesting being the information security officer for a large cit. There was about 10,000 users in about 30 agencies and they did everything from taking credit cards for parking meters to handling health records and human services to handling law enforcement data to etc, etc, etc. On the crazy side, it’s water purification, waste treatment, traffic management. So you inherit a lot of very critical things that are really kind of underfunded in terms of how they’re secured in the public sector. So it’s an interesting job to have, and we’ve done nothing but vote by mail. It’s all I’ve ever known here. Apparently Washington State converted sometime in the 80s. so there’s a good system here, it’s mature and it works well. But I think that in order to get it to work elsewhere, there are some things that people need to think about.
Tom Temin: It’s not primarily a cyber security issue so much as a physical chain of custody of the balance type of issue?
Michael Hamilton: Well, it is. In order to convert to a vote by mail system, you have to print enough ballots, you have to match the ballots to registered voters and assign everybody a unique barcode or some kind of code. So you need barcode readers, you need a secure database of the matches, you need security from the ballot drop to the counting facility. There is the security of the counting facility, spot checks to make sure the counting is accurate. And so all of this goes into a vote by mail system. On the cyber side there are issues. There are barcode readers and signature matching technology and tablets used by precinct volunteers. Some of these are brand new technologies and elderly volunteers are trying to learn to use these really quickly. So that’s all part of the threat surface. And voting machines themselves would require physical access. But I’ll point out on this cyber side, it would take a lot of resources to really change a vote count, there would need to be a great deal of planning, logistical coordination, and a good deal of funding to go along with. So it’s not likely that a vote count could get changed that way. But to your point, just on who’s doing the counting, how did the ballot gets from A to B, those are all issues.
Tom Temin: And what about the Postal Service? Because that’s a big variable in all of this. And there’s been some recent elections, I think, in New Jersey, and in New York, one of the congressional elections where all of the mailing pieces somehow just didn’t get in, or they were found too late two bundles of them, say in a, in a postal truck or so forth. So how do you extend the kind of bubble of security and assurance to the Postal Service from say a Seattle standpoint?
Michael Hamilton: Well, there’s the Postal Service and you you can just drop your ballot in the mail and it’ll get there and you can do it well in time, and that’s been one of the great things about this system. You get your ballot weeks ahead of voting day, and you can send it in early. And in fact, during the primary, a lot of people that voted early found out later that they had voted for someone that by it was Election Day in Washington State, their candidate was no longer a candidate. So you know, there are issues around that. But there are also ballot drop boxes, you don’t have to use the mail. And so an adequate supply of drop boxes especially well in advance of an election could really mitigate any slowdowns in the Postal Service.
Tom Temin: And the way you describe the matching and the unique identifiers for each ballot almost strikes me as the way the Census Bureau did the online internet count this year, everyone got a number and you had a unique identifier that was only good for one use for your household and that was it.
Michael Hamilton: Yeah, the technology to do this is well known it’s commodity technology. Implementing it quickly in an emergency shift to to vote by mail is going to be fraught with some problems, right. People didn’t have a year to plan and bring in project management and make sure everything was done right. So the short term wireless networks that they may be setting up in a precinct so that precinct volunteers can use their tablets to reset voting machines that have gone crazy. These are issues. And I’ll say that I don’t think this is going to be free of problems. I think the perception of the problems is actually going to be greater than the magnitude of the problems themselves.
Tom Temin: And Seattle is a well funded municipality, and in the region I’ve understood there’s a couple of well known tech companies that might be located up there. What about a place like East Dogpatch where they don’t have the infrastructure that a Seattle would have to install this type of secure paper ballot by mail system.
Michael Hamilton: In rural areas, right essentially Because in local government right now, funding has just been crushed. Everybody’s budget is just getting chopped right now. So it’s really difficult without federal assistance to be able to pull all this off. But to your point in rural areas, this is where the mail becomes very important. Because if a dropbox is 100 miles away, you’re not going to drive over there to drop your ballot. So the mail is super important in the rural areas, the ability of counties, right, so it’s counties that do elections, the ability of these rural counties to put together something like this is probably pretty poor, and that’s likely going to be voting in person in places like that and not vote by mail.
Tom Temin: So what in your opinion is the gold standard for getting one vote from each person that wants to vote in no more?
Michael Hamilton: Well, is having a paper ballot and having an auditing system where ideally you can check the veracity of your vote. And the paper ballots that we use in Washington state, you were filling out a paper ballot You can have a receipt of your vote. What you can’t do is check and see was my vote registered in the way that my paper ballot says. So the audit process there, in my view could stand to be improved. Technically, I don’t know how they can do that, because that’s really not information that you want to make generally available. How did everyone vote? But how did I vote? I would like to check and see how that was registered. I would like to see improvements in the ability for me to do that, because now there’s a lot of questions.
Tom Temin: I recall as a young reporter, this would have been about 45 years ago, when I covered a small town in New England as part of my beat on election night. The town accountant is what they call them, young man did the physical counting, and with a telling machine, but there was a room full of witnesses 360 degrees around him watching him, including the press. The newspapers could sit in there and watch him count. So at least you know there was no to the extent we could tell no funny business going on. Is that still part of it? Do you have witnesses to the to the talling
Michael Hamilton: Yeah, actually if a ballot comes in, it’s got your signature on it. There’s technology that will do signature matching. And if the match doesn’t get authorized by the computer is okay, it gets set to the side. And human beings have to look at it, try to match it. So when they do that they’re always two parties there, both parties there. So witnesses from either side that agree this signature is good, or it is not. So yeah, those checks and balances are there. And in fact, in the counting rooms, there’s lots, there’s cameras, there’s witnesses, there’s all kinds of things going on. So every time there’s humans involved, you can count on humans to be good witnesses. When technology is involved, it could be anything going on under the hood that we don’t know.
Tom Temin: And just an unrelated question while we have you since you specialize in municipal state and local cybersecurity. We’ve heard that really, with the pandemic forcing small governments and large governments and cities out of their offices just like they have at the federal level, that the attack vectors have become much more active in terms of phishing, and so on. Is that what you’re seeing?
Michael Hamilton: This is absolutely what we’re seeing, there’s a giant uptick right now. And I will say that the quality of the bait has gone way up as well. Without specificity I’ll tell you that the business that we’re in, we’re a target. And the bait that comes my way that evades the defenses and gets through is high quality. And we have to keep our radar way up. But to your point the attack vector now is also dependent on my crappy home Wi Fi network and the password that is my dog’s name that is part of the attack surface of government and business right now. And my concern is, and we’ve seen this happen, we’ve actually responded to incidents where this has happened, this stuff called ransomware, right. It’s basically disruption for the purpose of extortion. This is coming in on remote employee workstations, right, laptops they’ve been sent home with and then when they bring it back in and they plug it back into a corporate network or a government network, the stuff wakes up and activates So we’ve seen this a few times. And I will say that going back to the election issue, counties, really rural counties, do not have the ability to fund security controls very well. And st another way. They’re super easy to knock over and a targeted ransomware attack against a critical county that is going to be key in a swing state is something that I’m actually interested to see whether or not it’s going to happen because I think it will.