Fri. Feb 22nd, 2019

Election Security

Cybersecurity leaders in India are preparing for the upcoming general election by preventing foreign cyber threats and protect electronic voting machines (EVMs) against hacking by using appropriate security measures, including regular patching and addressing OS vulnerabilities.

According to cyber expert  Syed Shuja, he believes that the Indian 2014 Lok Sabha general elections were rigged through EVMs. He states that the EVMs were hacked in 2014 to receive military-grade frequency signals.

Though, a number of security experts debunked his claims; like Pune-based Ajit Hatti, a white hat hacker and adviser to the Indian armed forces on cryptology who says Shuja’s assertions have no credibility.

Its been said that Shuja’s claims about the rigging of the 2014 elections and hacking of EVMs are absurd, and that EVMs have no wireless interfaces. Therefore, no one can do anything without physically accessing the EVM. There is no known approach to tamper data using any kind of transponder whatsoever in the absence of wireless interfaces or through interference.

The only way to attack EVMs is by an established telecom … then to intercept those attacks, you need access to similar telecom-like infrastructure.

Potential Vulnerabilities

Many security experts in India contend it’s impossible to prove the 2014 election was rigged by hacking EVMs.

Due EVMs being  in storage between election cycles, they miss out on critical patches and updates, creating a backlog of time-consuming fixes once the next election comes, some security specialists point out.

An cyber law and risk management expert at Naavi Consultants, suggests that the Election Commission should declare EVMs are protected systems under Section 70 of Information Technology Act 2000.

According to CERT-In empaneled auditor Dr. Rakesh Goyal, in order to help further ensure the security of EVMs is to continuously patch the software.

Improving Security

The Election Commission refuted Shuja’s claims that EMVs were hacked in 2014 and raised questions about his employment history and security qualifications.

In a statement from Sunil Arora, the, chief election commissioner he states that all vehicles carrying EVMs and voter verified paper trail systems in Lok Sabha elections will be tracked so that the four to five incidents that occurred this time can be avoided in 2019.”

According to A.T. Kalghatgi, the director of research and development at Bharat Electronics Limited, new EVMs that will be deployed for this year’s elections. The new model of EVMs is expected to have  more add-on features that will secure them further.

An Election Commission spokesperson says India’s EVMs “use some of the most sophisticated technological features, like one time programmable microcontrollers, dynamic coding of key codes, date and time stamping of each and every key press, advanced encryption technology and EVM-tracking software to handle EVM logistics, to make the machine 100 percent tamper-proof.”

In addition, new model M3 EVMs will have tamper detection and self-diagnostics as added features; therefore, if anyone makes an attempt to access, the machine will become inoperative, the spokesperson says.