Iowa Democrats have struggled to declare a clear winner in this week’s caucuses – the DNC chairman just called for a recanvassing – but a clearer picture is emerging of the largely untested app – reportedly just two months old – that led to the state party’s counting woes and the impact that technology is likely to have on election and election security in the future.
The quick delivery of the IowaReporterApp – developed by Shadow Inc., a company created by Democratic operatives who worked on the Clinton campaign – and its application to a complex caucus process made more complicated by expanding reporting to include three sets of results – almost certainly ensured chaos, inaccuracies and questions about cybersecurity.
"There are basic needs that must be met in a democratic election process," said John Dickson, principal and application security expert at Denim Group, "and those that are most important, accurate tabulation and timeliness, were not met."
There was “insufficient time to test the code functionality, let alone thoroughly evaluate its structural integrity before it was hit with live field conditions and loads,” said Bill Curtis, senior vice president and chief scientist at CAST Research Labs, who pointed out that the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) will vet election technology for free. “But they were not contacted and would not have had time to complete their evaluation before the app went live (or on life support).”
Transitioning from in-person voting to a technology-based voting is inherently risky from a security platform. “Mobile apps in particular have a larger threat surface than, say, a website that simply collects data,” said Ray Kelly, principal solutions architect and alliances at WhiteHat Security. “When it comes to personal information, mobile app data and even accounts can be stolen with rogue access points (‘Free WiFi Connection!’), and extra thought must be given to encrypting PII on the device itself.”
That gives malicious actors an in “to lure users to download fake voting apps for the simple purpose of stealing PII,” he said, pointing to breaches like the one at British Airways, in which 380,000 users’ credit card numbers, names, addresses and more were stolen through a skimmer script in the airline’s mobile app.
Electronic voting is more a less a given in the future – and will certainly attract hackers around the globe. Just this week, FBI Director Christopher Wray warned members of the House Judiciary Committee that Russia is actively mucking with the 2020 presidential election through information warfare. “They identify an issue that they know that the American people feel passionately about on both sides and then they take both sides and spin them up so they pit us against each other,” Wray said. “And then they combine that with an effort to weaken our confidence in our elections and our democratic institutions.”
Voter confidence, already tenuous, could take a hit after the IowaReporterApp debacle – and the ensuing chaos over the vote tallies that prevented Iowa Democrats from declaring decisive results. Conspiracy theories materialized quicker than officials were able to craft a statement in response to the incident.
“Unsurprisingly, the technical problems impacting the Iowa caucus have given widespread attention to an issue that goes to the heart of voter confidence and could directly impact voting turnout across the nation,” said Casey Ellis, Bugcrowd CTO and cofounder, who acknowledged technology’s impact on the modern democratic process.
“It also reminds us that building software is hard,” Ellis said.
App makers can do better. “Sloppy software development practices cannot be tolerated, whether in election technology, flight control systems, financial systems, or any business-critical software systems,” said Curtis.
The Shadow app and its back end clearly didn’t undergo adequate functional and stressing testing, says Jack Mannino, CEO at nVisium, explaining that multiple factors cause systems to perform differently during pre-production than in live settings. “This is why exhaustive and comprehensive testing must be done across the software development lifecycle from prototype development through integration to pre-production (or simulated environment), and especially before live deployment for such mission critical applications,” he said.
The teams creating solutions often are “not representative of the population using it, so unless there’s extensive user testing, groups such as older demographics may have issues navigating it,” says Bailey. “What makes it distinct in elections are the vast consequences when these solutions fail. Results get out late (or are incomplete), candidates are left wondering whether they should be on a victory or defeat march, and more.”
Much of the burden to get it right rests on voting officials.Steve Moore, chief security strategist at Exabeam suggests doing the following:
- Agree on a clear goal, and the tasks needed to achieve it: If a new app is being used, how many have been trained on it? The best applications are made from a user’s perspective, not engineers’ perspectives.
- Have a go, no-go: When things go wrong, everyone must march to the same cadence – at the right time. Need support or a bridge line? Do you have the number, and can the call load be supported?
- Set customer expectations ahead of time: The customer shouldn’t question the result, nor should they fret over a delay.
- Set internal expectations: Share before the event that if certain conditions aren’t met, that a substitute or parallel effort will commence – in this case, a manual review.
- Communicate: When things don’t go as planned, comfort and confidence go a long away. Have named resources to share the plan of action, status, and timeline.
As messy as the Iowa caucus tally was, there were some bright spots that should be considered going forward. First, the fallback mechanisms meant to ensure vote integrity worked. “While the results were delayed, the failsafe systems were available and activated, and Iowa voters have been reassured that their vote was counted,” said Ellis.
And while Bailey sees ramifications for technology in elections going forward, the Iowa caucus fiasco “arguably is a positive” long term. Better to find out now that U.S. elections are quite ready for online or mobile voting than after a widespread roll out. “While theoretically the technology exists, the technology industry has proven time and time again the inability to always fully understand the user’s experience, consistently test for different scenarios, scale properly, and develop a robust security architecture around the solution,” says Bailey. “All of this (and likely more) is necessary for proper voting over the internet. The Nevada State Democrats [who were set to use the same app but have since ditched that plan] have already stated they are evaluating best strategies for their caucus, but that they will have backups in place.”
That’s likely cold consolation for Iowa, which now may not serve as a bellwether for U.S. presidential elections in the future. “The inconsistencies in the caucus system reported today almost certainly will mean Iowa will lose its first-in the-nation status. This is the end of an era,” said Matthew Schmidt, associate professor of national security and political science at the University of New Haven. “Iowa built its system in response to the chaos of the ’68 election, it’s an artifact of the Boomer era and what happens next marks a sea change in American politics.”