• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  News  /  Can EVMs get hacked? We tell you the truth
04 February 2019

Can EVMs get hacked? We tell you the truth

Written by Sanjay Katkar
Sanjay Katkar
News
  • 420
    Shares
Estimated reading time: 3 minutes

It is the season of elections. The New Year of 2019 will see elections in countries from as varied as Nigeria to Israel to the European Union. But closer home, the Indian General Elections which will be held in the summer months will probably be the most significant. Elections in the world’s largest democracy have always captured world attention and this election promises to be no different.

Elections in India can get controversial and nothing exemplifies this more than the tool used for voting in the first place – the Electronic Voting Machines (EVMs). A simple electronic device for counting votes, an EVM consists of a control and balloting unit, joined by a cable. Powered by an alkaline battery, voters press labeled buttons of candidates to indicate their choice which is tabulated by the ballot unit. The process sounds simple, but since their implementation in 1999, it has been mired in controversy.

Suspicion and questions

Recently, there was a lot of controversy surrounding the tampering of EVMs in the 2014 general elections. Political parties, depending on the result of the election, are always quick to raise suspicion about EVMs’ security. On the macro level, this can have a discouraging effect on voting as a whole as aspiring voters can often be discouraged about this constructed lack of credibility and choose not to vote.

But is there any truth to these claims?

For what it is worth, the Election Commission of India has studiously rejected claims that EVMs can be tampered with. They have backed up their statement by pointing to various features of an EVM and measures used during polling which prevent tampering. Some of these include:

  • A vote is counted only once for a person on the press of a button. Multiple presses of a button cannot lead to multiple votes.
  • The operating program of an EVM is etched permanently in silicon after manufacturing and no one, not even the manufacturer, can change the program once the unit is manufactured.
  • Polling officers control the balloting unit and can press the “close” button, if they sense any trouble, ensuring that the system does not accept any more votes.
  • Votes are recorded in a randomized fashion in an EVM, hence making it impossible to program an EVM to receive votes to one particular candidate
  • Many other checks and balances are provided for EVM voting

Additional measures

Despite the number of ways in which EVMs are manufactured and designed to prevent tampering, questions continued to be raised about EVM tampering. The Election Commission of India decided to introduce another layer of security in the 2010s called the Voter-Verified Paper Audit Trail (VVPAT). The VVPAT allows each EVM to record each vote by generating a voter slip which is displayed to the voter. This serves two purposes: voters are immediately assured that their voting choice has been registered while these slips are collected and can be tabulated at the end of the voting process.

Of course, in a country with a breadth and width as large as India, lakhs of EVMs are pressed into operation during a General Election and invariably, there will be some that glitch and may not work properly. But that cannot be termed as proof of EVM tampering – it basically means the machines did not work properly and the ECI tries to replace these machines on the spot. Reports of EVM machines being hacked continue to be unfounded with no specific proof of these being hacked.

Since EVM design does not support usage of any wireless technology (like WiFi, Bluetooth etc.) it cannot be hacked remotely over wireless technology. Thus, we can rule out the possibility of a remote hacking of the EVM. It is difficult to hack the EVM, unless one obtains physical access to it and tampers its build and contents. Poor physical security can also be a possibility for tampering paper ballots. Thus, physical security of the voting centers and EVMs is of utmost importance. In conclusion while one cannot say with utmost certainty that EVMs cannot be hacked, it is true that EVMs are possibly the best voting system in existence currently. While they may have their flaws, their in-built checks-and-balances provide for a system which makes it extremely hard to tamper or hack them.

Seqrite is the enterprise security brand of Quick Heal Technologies Ltd., which offers
world-class enterprise cybersecurity solutions.

This is the third article in the #SeqriteonElectionSecurity series. Watch this space to get more updates on the protection of elections, citizens, and voting infrastructure from cyber attacks or cyber threats.

 Previous PostThis is how hackers can invade your system without installing mal...
Next Post  Artificial Intelligence – its use and misuse
Sanjay Katkar
About Sanjay Katkar

Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of Quick Heal Technologies Limited. He holds a Masters in Computer Science from University...

Articles by Sanjay Katkar »

Related Posts

  • Cybersecurity roundup – Jan to April ‘19

    May 22, 2019
  • Cybersecurity Predictions for 2019

    February 22, 2019
  • social media

    How are social networking accounts used for malicious purposes?

    February 18, 2019

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • RAT used by Chinese cyberspies infiltrating Indian businesses RAT used by Chinese cyberspies infiltrating Indian businesses December 18, 2020
  • Are we prepared against risks generating from the IoT revolution? Are we prepared against risks generating from the IoT revolution? January 15, 2021
  • How can EdTech companies deal with rising security challenges? How can EdTech companies deal with rising security challenges? December 24, 2020

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • BEC and Ransomware attacks increase during the pandemic

    BEC and Ransomware attacks increase during the pandemic

    January 22, 2021
  • Are we prepared against risks generating from the IoT revolution?

    Are we prepared against risks generating from the IoT revolution?

    January 15, 2021
  • Proactiveness is the key to resolving hybrid cloud’s security challenges

    Proactiveness is the key to resolving hybrid cloud’s security challenges

    January 6, 2021

Stay Updated!

Topics

Antivirus For Linux (10) Antivirus For Server (9) BYOD (9) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (275) cyber security (25) Cyber threat (29) cyber threats (44) Data (10) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) incident response plan (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (55) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.