In Switzerland, more than half of the cantons use outdated and vulnerable software to determine election results. This was revealed at the end of last week by research by the Swiss online magazine Republik in collaboration with IT security experts. They emphasize that some of these software systems do not meet international security standards.
The weak points include missing security precautions, weak encryption and various server misconfigurations. According to Republik, the products of two software companies and the in-house developments of three cantons are particularly affected.
The cantons use a wide range of different software and specialized systems for voting and elections. Programs called “result determination software” calculate seat gains and losses in real time and show them graphically.
Non-transparent, outdated and defective software
As Republik writes, after the debates about “e-voting”, which was eventually put on hold due to security concerns, two research teams from ETH Zurich and the University of Zurich analyzed the Swiss electoral processes, this time focusing on the traditional postal vote. In doing so, they came across opaque, outdated and inadequate software systems used for counting paper votes.
A study by ETH Zurich, for example, states that many cantons use result determination software that has never undergone a public security review. In its study “Cyber Risks in Paper Voting”, the ETH research team also looked at the situation in Germany, where serious security deficiencies were discovered in 2017 in the election evaluation software PC-Wahl from the provider Vote IT.
“Man in the middle” and weak standard passwords
The second team of researchers, from the University of Zurich, together with Republik author Adrienne Fichter, examined the individual cantonal software systems in depth, insofar as they could be analyzed at all given the lack of publicly available interfaces and information.
Computer science doctoral student Christian Killer and Zurich IT security consultant and penetration tester Melchior Limacher found vulnerable programs in at least 14 cantons. According to Republik, the problems and security gaps include possible “man in the middle” attacks, potential insider attacks and weak default passwords. In one system, anyone who holds the password can manipulate all data records directly in the database without restriction, the online magazine reports. Republik sees the root cause in “failures by the software providers but also the consequences of a lack of IT security awareness in the cantonal administrations.”
No security requirements so far
The research also reveals a clear regulatory gap: according to Republik, “to date there are no federal security requirements for the purchase and operation of such systems”. Penetration tester Limacher told Swiss TV (SRF) that he assumed the systems had never been checked for security and that no corresponding requirements existed to date.
Nevertheless, according to Republik, “no evidence has been received or found that the weak points mentioned have been exploited in the past”.
Open source software called for
In addition, according to Killer and Limacher, some of the voting software solutions suffer from a lack of transparency. “We have found that closed systems are often in use. This means that you cannot verify whether a system is really doing what it is supposed to do,” they told SRF. Beyond national regulation there are other options, the two agreed, according to SRF: “Making software public and verifiable is now seen as the silver bullet in IT security”.
The online magazine's report attracted considerable attention and discussion. Some cantons now see a need for action, and one of the software companies has announced that it intends to close the security gaps.
Make the cantons responsible
Hernani Marques from the Swiss Chaos Computer Club demands “that the same criteria as for highly regulated e-voting must apply to the digital determination of results”. He calls on the Confederation to exercise its supervisory duties, to insist on minimum standards in the cantons and communes, and to make independent reviews of the systems mandatory.
The Federal Chancellery, in turn, now wants to make the cantons responsible for ensuring that their software is secure. Any weaknesses or problems should be analyzed by the responsible authorities and, if necessary, rectified, according to the federal government. The first political voices, however, take a different view: “The federal government cannot simply look the other way. The scope is too important,” says Green Liberal National Councillor Judith Bellaïche.