1. An attack on DREs that depends on physical access in the weeks leading up to the election.
This attack would involve hackers actually infiltrating election teams or depending on poor physical security surrounding voting machines. In the years of the DRE rush following the 2000 election, many voting security experts showed a host of vulnerabilities that depended largely on physical access to the machines.
This is a potential attack vector that would likely involve a fairly large number of sneaky conspirators who don’t get caught.
Given all those potential problems, this attack is probably unlikely. It’s an "unsophisticated version" of an election hack, said Free and Fair's Kiniry.
2. An attack on DREs during software updates. This is a more likely scenario than No. 1. While DREs aren’t supposed to be connected to the internet during an election, many DRE models get software updates through network connections.
A lack of an internet connection on Election Day does not make DREs "immune to internet hacking," because of their election management systems [EMSes], Jones said. A "clever hacker" could inject malware into DREs during the process used to load ballots and other election configuration information, he said.
The basic pre-election checks in many states might not find the malware, he added. "Malware can be made that triggers only on the first Tuesday after the first Monday of November in an even-numbered year," he said. "Malware can be made to trigger only if the polls are open for longer than six hours. Malware can be made to trigger only if the machine is used by more than 25 voters."
Unplugging DREs from the internet is a "red herring," Kiniry added. "The threat vectors on DREs and similar equipment -- as shown many times by security researchers -- are manifold," he said. "Installing malware in an EMS over the 'Net and then having that EMS infect a ballot definition file written on a USB stick or DVD is totally a thing."
3. Finally, the goal of some hackers may be to raise doubts about the election results, instead of swinging the election for one candidate. This is is the scariest potential attack because the hackers would need to compromise just one election system in one jurisdiction, and it wouldn't need to be in a swing state or affect the outcome of the election.
With recent attacks on the Democratic National Committee, some U.S. law enforcement authorities have accused Russian hackers of trying to influence the election. Republican Trump has suggested that if he loses in November, the election will be "rigged."
A close election is needed for hackers "only if you are looking to actually change the outcome," Kiniry said. "If all you want to do is cast doubt on the outcome, it doesn't matter if it is a landslide for Clinton or a squeaker for Trump, you just do a hack or two and reveal it to the media after-the-fact."
Sign up for CIO Asia eNewsletters.