Microsoft has begun showcasing its latest innovation in the democratic election process. The company claims its Microsoft ElectionGuard system is a comprehensive package that facilitates digitally conducted elections. The ElectionGuard system consists of a few well-rounded pieces of secured equipment that allows voters to cast their votes electronically. To mitigate the risk of digital fraud and the inherent risk of voting machine tampering, Microsoft has implemented several interesting techniques. The votes cast using Microsoft ElectionGuard system are supposed to be secure, and yet the votes can be authenticated and verified after the elections to ensure transparency and accuracy.
Microsoft demoed the ElectionGuard system as part of the company’s Defending Democracy Program. The company claims the demonstration shows how it’s also possible to make voting more accessible for people with disabilities and more affordable for local governments while increasing security. The company even offered to share data that indicates how the democracies across the world remain under threat of external influences. With recent allegations of foreign countries and state-sponsored agencies attempting to manipulate the outcome of the elections, Microsoft’s ElectionGuard system could soon be adopted by countries where governments are still democratically elected.
How Does Microsoft ElectionGuard System Work?
The Microsoft ElectionGuard system consists of multiple components, but the voting process for the voter remains as simple as the ballot paper. Voters can cast their votes directly on the screen of the Microsoft Surface or using the Xbox Adaptive Controller. Microsoft assures the controller was designed with organizations that work with differently-abled people. In other words, the hardware and software on the digital voting system are optimized. Moreover, Microsoft assures the voting hardware can be built securely and inexpensively into primary voting systems, and no longer requires separate voting machines to meet the needs of those with disabilities.
— Dezeen (@dezeen) July 18, 2019
Citizens casting their votes will receive a unique tracking code that they can use after the elections. The code can be used to ensure the votes cast were actually counted. The website designed for tracking will merely show statistics and not the actual votes. The ElectionGuard SDK has inbuilt homomorphic encryption. The security features allow essential mathematical procedures, like counting votes, while keeping the data of people’s actual votes fully encrypted. Incidentally, this is the first-ever system that grants the ability to voters to independently verify their votes were truly counted and not altered. Moreover, voting officials, the media, or any third party will also get a “verifier” application to ensure the voting process was conducted in a transparent manner
The Microsoft ElectionGuard system will also offer voters with a printed record of their votes. Voters should drop these into a physical ballot box. Combined with the unique code the electronic voting process should offer all-round authenticity. In the end, the election commission of the country conducting the elections can execute a thorough audit, thereby eliminating the doubt of election or vote tampering or voting machine hacking.
Microsoft Will Work With Election Technology Suppliers And Offer Supplementary Software As Well
Microsoft has confirmed that it won’t be offering, bidding or selling its ElectionGuard system directly. Instead, the company will work with the community of election technology suppliers that already serve state and local governments. Companies like Smartmatic, Clear Ballot, and Dominion Voting Systems, are already working with Microsoft to explore ways of including ElectionGuard in the voting process.
Microsoft could debut the ElectionGuard voting systems as early as in next year’s elections. To ensure its systems are part of the 2020 elections, the company is working with academicians and other experts in the field of elections, political science, computer science, statistics, and international and public affairs.
From @KenDilanianNBC at @AspenSecurity Microsoft is rolling out a free, open source software product called ElectionGuard that uses encryption to "enable a new era of secure, verifiable voting." https://t.co/p69V0o5GEi
— NBC Investigations (@NBCInvestigates) July 17, 2019
To ensure robust and comprehensive protection from malicious agencies and state-sponsored hacking groups, Microsoft’s Defending Democracy Program has also offered Microsoft 365 for Campaigns and AccountGuard. Moreover, Microsoft is also continually working with NewsGuard to protect the voters from fake news and propagation of disinformation. The company also applauded the efforts of Google, Twitter, and Facebook for fighting false or fake news. Several educational and research institutes are also working with Microsoft to develop voting hardware and mechanisms.
Microsoft Notified About 10,000 Users Of Its Products About Organized Attacks:
Microsoft claims it alerted nearly 10,000 customers they’ve been targeted or compromised by nation-state attacks. Interestingly, about 84 percent of these attacks were aimed at enterprise customers, while the rest targeted consumer personal email accounts. While the majority of the attacks weren’t related to the elections or democratic process, the collated and analyzed data indicate how large and focused state-sponsored hacking groups continue to engage in cyber espionage to gain intelligence. The same tactics could easily be deployed to influence the elections.
Incidentally, the information garnered from Microsoft’s AccountGuard also revealed several threats to political campaigns, parties, and democracy-focused nongovernmental organizations. Moreover, 95 percent of these attacks have targeted U.S.-based organizations. Needless to add, several institutions do not have big cyber-defense teams or even a decent budget to safeguard themselves from cyber-attacks.
Here's a bullet list rundown on how Microsoft's ElectionGuard will work.
— Catalin Cimpanu (@campuscodi) July 17, 2019
Microsoft also mentioned that the majority of nation-state activity in this period originated from actors in three countries – Iran, North Korea, and Russia. Groups like Holmium and Mercury are believed to be operating from Iran, Thallium operating from North Korea, and Yttrium and Strontium are believed to be from Russia. In the past, some prominent groups have pivoted to conduct cyber espionage. This indicates the popularity of the activity over cyber-terrorism and even stealing money. As the general US elections are approaching, Microsoft is rightly concerned about the exponential rise of attacks.
There have been persistent accusations claiming the last US general elections were heavily influenced and manipulated. Although evidence supporting the claims isn’t concrete, there have been several incidents wherein foreign nationals have been caught attempting to spread false or fake news. While these are supplementary activities, Microsoft appears to have a comprehensive approach to safeguard the democratic elections process. Its ElectionGuard system, combined with AccountGuard, and other platforms could offer a strong line of defense. Meanwhile, the social media giants and other digital platforms must ensure the generation and propagation of fake news is hindered.