What's the Worst Hackers Could Do to the US Election?

Hacking the US election
Jason Hoffman/Thrillist
Jason Hoffman/Thrillist

You've undoubtedly heard the rumors that Russia or, ahem, some unknown state actor, is meddling in our presidential election, and plotting a massive hack on our electronic voting machines to tip the scales in favor of Trump. Hate to be the one to burst the conspiracy bubble, but they couldn't do that even if they wanted to.

However, what could potentially affect voter turnout -- and by extension, the potential outcome of the election -- is a massive internet cyber attack like the one that brought down tons of sites worldwide on October 21st. What would happen if someone decided to pull off an even more crippling DDoS attack in the States on Election Day?

Like the October attack, hackers could strategically take down websites and services that are important to voters

The widespread attack a couple weeks ago didn't bring down the internet, per se, but rather broke it in what is known as a distributed denial of service (DDoS) attack. It targeted a preeminent domain name service (DNS) company, which maintains a directory of the names of websites and then translates those names into the IP address needed to access them. Without that translation, you can't get to the site, which is why you couldn't access Twitter, Spotify, Netflix, Reddit, and a whole slew of other sites for several hours that day.

On Election Day, these hypothetical hackers could take down more than one DNS company, thereby striking an even more catastrophic blow. Chris Ciabarra, the co-founder and CTO of Revel Systems with a background in software security and anti-hacking, unpacked what an Election Day DNS attack could mean. "It could certainly affect the election. They could possibly bring down campaign websites, so they can target what information is and isn't available to the public. If there are sites urging individuals to vote, or helping them register/find polling places, they could plan targeted attacks. [The hackers] can also target sites that are frequented by one party or another, which can slant voter turnout."

They could also target the media to create chaos during the vote tally

Taking down campaign sites is one thing, but messing with the broadcasting of the vote tallying could also cause massive delays and disorder on election night. Sean Sullivan, security advisor to the European cyber-security firm F-Secure, says that a targeted attack on the Associated Press would be particularly problematic. "AP's system could be a critical point of failure on election night. A [hacker] couldn't actually change the vote, but the results could definitely be undermined. A DDoS attack on the AP's election night system could result in a delayed tally. And in the current political environment, delayed results will spread suspicions of voter fraud. If the system is vulnerable to hacking, illegitimate input might be possible, confusing the reporting, with the same potential results."

It's very, very unlikely that attackers could rig the election results...

It's true that much of the technology we rely on to expedite the voting process at the polls is shockingly outdated. Still, the vast majority of voting machines aren't networked together, and aren't directly connected to the internet at all, which means the likelihood of a massive, widespread hack that could tip the results is less than minimal. You could, theoretically, mess with them individually if you had physical access to them, but that would require a sophisticated and collaborative effort involving many people in many polling sites across several states and, well, I'll let you put on your tinfoil hat to ponder that, but it ain't gonna happen. 

... But they could cast doubt on the legitimacy of the election

Knocking specific sites offline in hopes of giving advantage to a particular candidate is bad, but it's what this does to the psyche of the voting public that has the most profound effect. As Amir Sharif, co-founder of the stealthy security startup Aporeto, explains, it could lead to calls for an election do-over, and fan the flames of the outrageous rigging claims that have dominated the conversation leading up to Election Day. "A DDoS that would make news and information sources unavailable, and potentially knock certain voting precincts offline, could cast doubt over the legitimacy of the election. This psychological aspect is, by far, the more serious threat facing the US democratic system on November 8th."

... Or just manipulate financial markets

Another potential motive for a cyber attack on Election Day might not be political at all, according to Sullivan, but financial. "If the system is vulnerable, perhaps an attacker would prefer insider access for the sake of market arbitrage. Or to create market chaos. It wouldn't be the first time that a hacker caused markets to move. I wish these concerns were far-fetched. But given the targeted hacks and DDoS attacks seen during 2016, I don't think they are."

Sign up here for our daily Thrillist email, and get your fix of the best in food/drink/fun.

Joe McGauley is a senior writer for Thrillist who'd like to purge this nightmare of an election from his memory.