President Trump has repeatedly said that mail-in ballots invite voter fraud and would benefit Democrats. It is a baseless claim: Mail-in voting has resulted in little fraud in the five states that have used it for years, and a recent study at Stanford University found that voting by mail did not advantage either party and might increase voter turnout for both parties.
But there are different worries. The rush to accommodate remote voting is leading a small number of states to experiment with or expand online voting, an approach the Department of Homeland Security deemed “high risk” in a report last month. It has also put renewed focus on the assortment of online state voter registration systems, which were among the chief targets of Russian hackers in 2016. Their security is central to ensuring that, come November, voters actually receive their mail-in ballots or can gain access to online voting.
While Russian hackers stopped short of manipulating voter data in 2016, American officials determined the effort was likely a dry run for future interference. To head off that threat, last summer the Department of Homeland Security hired the RAND Corporation to re-evaluate the nation’s election vulnerabilities, from poll booths to the voter registration systems. RAND’s findings only heightened the longstanding fears of government officials: State and local registration databases could be locked by hackers demanding ransomware or manipulated by outside actors….
Mr. Krebs’s agency is also concerned about vulnerabilities surrounding internet voting that Delaware, West Virginia and other states are using. In May, it issued a confidential report to voting vendors and election officials in all 50 states opposing online voting, warning that ballots “could be manipulated at scale,” meaning hackers could change large volumes of votes undetected.
Separately, researchers at the University of Michigan and M.I.T. released a study on Sunday concluding that one platform already facilitating internet and remote voting could, in certain cases, be manipulated to alter votes — without being detected by the voter, election officials or the company that owns it….