Recent attempts to hack voter registration systems, including a successful attack in Illinois this week, point to a glaring cybersecurity deficiency across the nation: State-readiness to defend against potential cyberattacks is inadequate, according to experts, and voter registration systems are among the most susceptible entry points for hackers to gain access to sensitive information of Americans — and possibly even manipulate elections.
"Both campaign and state voter registration databases are weak targets and the low-hanging fruit," said Francesca Spidalieri, senior fellow for cyber leadership at the Pell Center for International Relations and Public Policy. "A lot of the systems used to store health-care records, pension information and voter registrations are old, intermittently used and handled by staff with little to no training in cybersecurity," she said.
"To be blunt, a kid could have done this. That's how bad it is," said internet security expert Joseph Steinberg.
These findings are particularly alarming in light of reports that Russian hackers were behind two recent attempts to breach voter registration databases in Illinois and Arizona.
"They all hold valuable information, whether internal party policies that can shape the elections or the personal information of the electorate. The value of targeting those databases is not only to steal information (voters' names, birthdays, SSNs, etc.) but also to conduct an information operation and manipulate election results directly or indirectly by affecting turnout, disrupting election sites and ultimately sow doubt in the legitimacy of the election itself," Spidalieri said.