Campaign Action
About half of the county elections websites in Michigan (45%) and Wisconsin (55%) are "highly vulnerable to hacking," cybersecurity firm McAffee says in information provided to the Washington Post, lacking "a key and fairly standard security protection."
These counties don't use HTTPS to secure their sites, which means voter registration data is easily available to hackers, allowing Russia or anyone else to disrupt elections by accessing information. They could use contact information included in registration data to target voters with disinformation. Hackers could send voters to the wrong polling places, or steal their information, or hijack the site to infect visitors with malicious software.
"If I use this type of attack and send people driving halfway across town, you don't need to do that to a lot of people […] to make a difference," McAfee Chief Technology Officer Steve Grobman told the Post. "The barrier to be able to tamper with the election becomes quite low because almost anybody can do it," Grobman said. "I worry about this scenario actually more than the voting machines, because […] to do an attack like this where you're tampering with the election by suppressing the vote, that's very easy to conduct at scale." And could make all the difference in swing states. Like Michigan and Wisconsin. It's not just these states, either.
McAfee only provided information for Wisconsin, Michigan, and Florida. Most of Florida's counties do use HTTPS. "We're a good 25 years into the Internet and this is the most basic form of Web hygiene. The fact that we're not using HTTPS for the preponderance of these websites that are all about telling you where to vote, that's a big problem."
This is a relatively easy and inexpensive fix that a White House and a Congress concerned about election security and a free and fair election could make happen. That is if the White House and Mitch McConnell's Republican Senate weren't counting on cheating to get them across the finish line next November.