How Cybersecurity Fears Affect Confidence in Voting Systems

American democracy runs on trust, and that trust is cracking.

Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted fairly. Some voters accept election results only when their side wins. The problem isn’t just political polarization—it’s a creeping erosion of trust in the machinery of democracy itself.

Commentators blame ideological tribalism, misinformation campaigns and partisan echo chambers for this crisis of trust. But these explanations miss a critical piece of the puzzle: a growing unease with the digital infrastructure that now underpins nearly every aspect of how Americans vote.

The digital transformation of American elections has been swift and sweeping. Just two decades ago, most people voted using mechanical levers or punch cards. Today, over 95% of ballots are counted electronically. Digital systems have replaced poll books, taken over voter identity verification processes and are integrated into registration, counting, auditing and voting systems.

This technological leap has made voting more accessible and efficient, and sometimes more secure. But these new systems are also more complex. And that complexity plays into the hands of those looking to undermine democracy.

In recent years, authoritarian regimes have refined a chillingly effective strategy to chip away at Americans’ faith in democracy by relentlessly sowing doubt about the tools U.S. states use to conduct elections. It’s a sustained campaign to fracture civic faith and make Americans believe that democracy is rigged, especially when their side loses.

This is not cyberwar in the traditional sense. There’s no evidence that anyone has managed to break into voting machines and alter votes. But cyberattacks on election systems don’t need to succeed to have an effect. Even a single failed intrusion, magnified by sensational headlines and political echo chambers, is enough to shake public trust. By feeding into existing anxiety about the complexity and opacity of digital systems, adversaries create fertile ground for disinformation and conspiracy theories.

Testing cyber fears

To test this dynamic, we launched a study to uncover precisely how cyberattacks corroded trust in the vote during the 2024 U.S. presidential race. We surveyed more than 3,000 voters before and after election day, testing them using a series of fictional but highly realistic breaking news reports depicting cyberattacks against critical infrastructure. We randomly assigned participants to watch different types of news reports: some depicting cyberattacks on election systems, others on unrelated infrastructure such as the power grid, and a third, neutral control group.

The results, which are under peer review, were both striking and sobering. Mere exposure to reports of cyberattacks undermined trust in the electoral process—regardless of partisanship. Voters who supported the losing candidate experienced the greatest drop in trust, with two-thirds of Democratic voters showing heightened skepticism toward the election results.

But winners too showed diminished confidence. Even though most Republican voters, buoyed by their victory, accepted the overall security of the election, the majority of those who viewed news reports about cyberattacks remained suspicious.

The attacks didn’t even have to be related to the election. Even cyberattacks against critical infrastructure such as utilities had spillover effects. Voters seemed to extrapolate: “If the power grid can be hacked, why should I believe that voting machines are secure?”

Strikingly, voters who used digital machines to cast their ballots were the most rattled. For this group of people, belief in the accuracy of the vote count fell by nearly twice as much as that of voters who cast their ballots by mail and who didn’t use any technology. Their firsthand experience with the sorts of systems being portrayed as vulnerable personalized the threat.

It’s not hard to see why. When you’ve just used a touchscreen to vote, and then you see a news report about a digital system being breached, the leap in logic isn’t far.

Our data suggests that in a digital society, perceptions of trust—and distrust—are fluid, contagious and easily activated. The cyber domain isn’t just about networks and code. It’s also about emotions: fear, vulnerability and uncertainty.

Firewall of trust

Does this mean we should scrap electronic voting machines? Not necessarily.

Every election system, digital or analog, has flaws. And in many respects, today’s high-tech systems have solved the problems of the past with voter-verifiable paper ballots. Modern voting machines reduce human error, increase accessibility and speed up the vote count. No one misses the hanging chads of 2000.

But technology, no matter how advanced, cannot instill legitimacy on its own. It must be paired with something harder to code: public trust. In an environment where foreign adversaries amplify every flaw, cyberattacks can trigger spirals of suspicion. It is no longer enough for elections to be secure – voters must also perceive them to be secure.

That’s why public education surrounding elections is now as vital to election security as firewalls and encrypted networks. It’s vital that voters understand how elections are run, how they’re protected and how failures are caught and corrected. Election officials, civil society groups and researchers can teach how audits work, host open-source verification demonstrations and ensure that high-tech electoral processes are comprehensible to voters.

We believe this is an essential investment in democratic resilience. But it needs to be proactive, not reactive. By the time the doubt takes hold, it’s already too late.

Just as crucially, we are convinced that it’s time to rethink the very nature of cyber threats. People often imagine them in military terms. But that framework misses the true power of these threats. The danger of cyberattacks is not only that they can destroy infrastructure or steal classified secrets, but that they chip away at societal cohesion, sow anxiety and fray citizens’ confidence in democratic institutions. These attacks erode the very idea of truth itself by making people doubt that anything can be trusted.

If trust is the target, then we believe that elected officials should start to treat trust as a national asset: something to be built, renewed and defended. Because in the end, elections aren’t just about votes being counted—they’re about people believing that those votes count.

And in that belief lies the true firewall of democracy.

This essay was written with Ryan Shandler and Anthony J. DeMattee, and originally appeared in The Conversation.

Tags: , , , ,

Posted on June 30, 2025 at 7:05 AM25 Comments

Comments

K.S. June 30, 2025 7:15 AM

The solution to widespread lack of trust is rather simple: pen and paper ballots, in-person voting unless for a clearly defined causes (e.g., military deployment), and ID checks at the polls. The fact that even such basic security measure as ID checks are resisted leads to inescapable conclusion that the goal is to undermine integrity of elections.

sf June 30, 2025 9:07 AM

As stated by K.S. : pen, paper and people.

Anyone who dares and says “Believe me, trust me, I’m honest” is necessarily a crook and a rascal. It’s in the same league as “Please trust me if I have the honor of saying you should believe the earth is flat”. One can’t even trust newer operating systems and devices when they say they won’t spy on user, and one should believe in computer honesty applied to voting ? Surely a joke, and a bad one indeed. Possibly WEF and e.u. humor.

Society does not need computers everywhere, nor high priests of digital art (not science : at best, art) repeating to the hoi polloi that the sheep are to believe in their masters’ honesty and integrity. The state is a mafia : who would expect the mafia to be trusted ?

Clive Robinson June 30, 2025 9:08 AM

@ K.S., ALL,

With regards,

“The solution to widespread lack of trust is rather simple: pen and paper ballots, in-person voting unless for a clearly defined causes (e.g., military deployment), and ID checks at the polls.”

Whilst a start, it is actually grossly insufficient.

It’s fairly well accepted that in the US you won’t be allowed to vote by all sorts of shifty tricks some done at the last possible minute so they can not be challenged.

This sort of nonsense along with “gerymandering” should make candidates permanently disbarred for standing for any kind of office with any kind of legal responsibility for the rest of their lives.

Because untill the US gets this non “one person one vote” under control and eliminated entirely there will never be “trust in the voting process” even though the casting might be argued as secure.

Because,

“Security in a partial process can never give trust in the whole process”.

It’s the principle of the “weakest link”.

And the outcome of lack of trust in the whole process will eventually be “civil breakdown” and all that involves…

John June 30, 2025 9:33 AM

Does this mean we should scrap electronic voting machines? Not necessarily.

I’d say: of course! How secure is voting with proprietary machines running proprietary, closed code?

Digital solutions are great, but for voting there’s nothing better than ID verification and paper ballots.

Jacob June 30, 2025 11:04 AM

Maybe showing voters their paper ballot before allowing it to be deposited in the box themselves would help.

I live in the UK and I’ve never come across a voting machine before. I’ve always been given a paper ballot that I have to mark before putting it in a box.
Maybe that’s why there are no controversies around election interference here?
Then again, I live in a quite rural area. Maybe in cities they have more advanced voting technology.

SocraticGadfly June 30, 2025 11:53 AM

This is, of course, not the same as questioning whether the electoral system behind US elections is run fairly.

Any “non-duopoly” voter knows it most certainly is not.

Steve June 30, 2025 11:56 AM

With all due respect, the mechanism for voting is nowhere as important as the access to voting in the first place.

Draconian ID laws that sometimes require people to travel long distances in order to even acquire the ID act as a deterrence for certain classes to vote at all.

In-person voting often makes for long lines in inclement weather that also discourage participation, especially in precincts that are engineered to specifically create those long lines.

Purges of voter rolls, which have happened in states such as Florida, often disenfrancise people often weigh most heavily on those least able to challenge their disqualification.

And then we get to gerrymandered districts where minority populations are carved into small slivers which make voter participation by those groups to be an exercise in futility.

Let’s make sure that all qualified voters actually get a chance to vote and that their vote means something, and then we can talk about the mechanisms by which they vote.

Doug K June 30, 2025 12:50 PM

this problem is solved, but Republicans don’t allow the solution to be implemented.
There were Senate and House bills to fix this, with the remedies that are obvious:
– Replacing insecure paperless voting systems with new equipment that will generate a voter-verifiable paper ballot;
– Implementing post-election audits of paper ballots.

https://www.congress.gov/bill/115th-congress/senate-bill/2261
https://www.congress.gov/bill/115th-congress/house-bill/1907

Both of these died in committee.

Colorado voting is done this way. Oddly enough Colorado was one of two states that did not show a red shift in voting in 2024. I wonder why.

Uthor June 30, 2025 12:56 PM

@Jacob,
It’s a state by state thing. Potentially district by district. I lived/voted in a (mostly) rural district in a fairly large state and it all was done electronically, turning nobs and pressing buttons. I believe a print out was made once I was finished.

I’m now in a large city of a smaller state and voting is done on a paper ballot, filling in the circle next to the name you are voting for. This is taken to a scanner to “read” the votes, but the paper is stored.

@Steve,
Yes.

mark June 30, 2025 1:13 PM

Two things that are directly relevant: first, 45/47’s years-long campaign to call the elections fake. Even though in 20, he filed 61 lawsuits, and all but one were tossed out the door, and the one was trivial.

The other.. Election Truth Alliance is a small group, focused on statisticians. They started because they found it utterly improbably that of seven swing states, 88 counties, EVERY ONE went for 47, and NONE for Harris. What they’ve found appears to suggest that the tabulators, not the individual machines, were hacked, flipping votes after they had received 300 or more votes. There’s investigation in Nevada? I think, of gross mishandling of ballots. And Rockland Co, NY, there’s an ongoing court case that may result in a hand recount. The nonpartisan group that brought that had, among other things, notarized statements of people who had voted for an independent, and they had more documents than votes had been counted for the independent.

My take is that the Dems thought they couldn’t challange, so as to not sound like 47.

Gary Stoneburner June 30, 2025 2:14 PM

“Trust” is inherently subjective. And it is common for humans to ‘trust’ something that objectively lacks trustworthiness. And for humans to ‘overlook’ reasons to not trust; perhaps because they have become accustomed to ‘it’. Non-electronic voting is, I suggest, an example. And electronic voting might be objectively more trustworthy than the manual system it replaces. Might be. Yet the attack vectors between manual and electronic are not identical and as with cyberspace attack and defend in general – the implementation matters. And voting is a system where the system ‘owners’ are threat agents that system ‘users’ are concerned about. Again – different attack vectors for the ‘owner’ between manual and electronic. Bottom line: which is ‘safer’ – manual or electronic? Answer – it depends. 🙂

lurker June 30, 2025 2:51 PM

And in many respects, today’s high-tech systems have solved the problems of the past with voter-verifiable paper ballots.

Real paper ballots don’t have hanging chads. Instant gratification is another problem of the digital age. When election campaigns are effectively four years long, it shouldn’t really matter having to wait till the next day for the result.

If trust is the target, then we believe that elected officials should start to treat trust as a national asset: something to be built, renewed and defended. Because in the end, elections aren’t just about votes being counted—they’re about people believing that those votes count.

Sorry for the ad hominem, but this made me notice that one of the authors’ names contains an anagram of Ayn Rand.

Steve June 30, 2025 3:10 PM

@mark: I don’t think we need to resort to nefarious doings to explain the outcome.

A few weeks after the election, when the totals had stabilized, I spent several days aggregating election results and turnout data and I’m fairly convinced it was a simple matter of turnout.

Of the six states which flipped in 2024, i.e., Arizona, Georgia, Michigan, Nevada, Pennsylvania, and Wisconsin, all but Georgia showed considerable decrease in turnout. Georgia showed an increase of some 45,000 voters. As a side note, I consider both Georgia and Arizona to be anomalies in 2020.

Michigan, Nevada, Pennsylvania, and Wisconsin had turnout (adjusted for increase in the number of registered voters) decreases measured in hundreds of thousands of voters, Nevada and Wisconsin showing double digit decreases.

In all cases except Arizona and Georgia, the downward swing was more than enough to swamp out the relatively small margins of victory. Michigan had a decreased turnout of nearly 600,000 voters while the margin of victory was only 80,000 votes, in round figures.

Why those voters decided to stay home and for whom they would have voted had they not is, of course, a matter of conjecture, but turnout seems most likely to have been the deciding factor.

TRX June 30, 2025 3:17 PM

> Draconian ID laws that sometimes require people to travel long distances in order to even acquire the ID act as a deterrence for certain classes to vote at all.

My state requires “state-issued photo ID” to vote. Though they recently started accepting certain Federal IDs, like military IDs or passports.

“State-issued photo ID” covers a lot of ground. Driver’s license, gun permit, school ID, “public assistance” ID, or the state “totally not a driver’s license” ID, which is a driver’s license with “NOT A DRIVER’S LICENSE” overstamped on it. It is rapaciously priced far beyond the means of “certain classes” at a wallet-cramping $5 for 7 years.

Tony June 30, 2025 5:14 PM

@TRX – $5 for seven years sounds good at first glance. But what are the physical steps needed to acquire it? If someone in a rural area needs to travels 50+ miles to get to a place that issues these IDs, that becomes a whole different blocking issue.

I think I remember news of Alabama closing DMV offices in black majority areas (as a “cost cutting” measure, with the clear side effect of disenfranchising more black voters than white).

Trustworthiness June 30, 2025 5:46 PM

It’s like a ladder: if democracy is built on trust, what is trust built upon? Trustworthiness!!! Not better lies!!!! That means that democracy itself is actually built upon trustworthiness, not more iron clad lies that people can’t detect as easily. This is a natural effect, one does not have to claim, “just trust me” to be trustworthy, in fact, insisting on better trust without bothering to reform to be more worthy of trust, is a clear signal to all with eyes in their heads, that the system is NOT TRUSTWORTHY! And therefore can’t be trusted. And trust goes down.

Focus on reform to be more trustworthy (that is, more truth, more honesty, more transparency, more real justice and justness, more faith, more goodness, more hope, more uprightness, more purity, more being right (righteousness), more honesty (not lies), and then, slowly, over time, trust will be built. Trust is earned, not claimed. So earn it.

But you put people in office who are the opposite of trustworthy, and you end up with sayings like “how do you know a politician is lying? his lips are moving” If you don’t deserve trust, stop bellyaching about lost trust. Change, so you are worthy of trust. Then you will get it (slowly, over time, as you prove you are worthy of it)

The only secure thing in a sea of liars to do is to not trust by default. Then if you find one different than all the rest, slowly, over time, you can build trust in that one thing.

Rontea June 30, 2025 8:04 PM

Defending trust is crucial in the context of American elections, especially as digital transformation introduces new complexities and vulnerabilities. Trust in the electoral process is essential for maintaining the integrity and legitimacy of democracy. Public education plays a vital role in building and defending this trust by helping voters understand the measures in place to protect their votes and the overall security of the voting systems.

Privacy July 1, 2025 9:16 AM

Some years ago while visiting my father he went to vote, I accompanied him. I was not voting and I was curious about a voting machine hack I’d read about. After dad exited the booth I gave it a try, it still had not been patched. I did not submit my vote, I cancelled it. That the vuln had not been patched, I think for some months, does not engender confidence in the electoral process.

Daniel Speyer July 1, 2025 1:54 PM

Are you suggesting that electronic voting systems have improved since https://xkcd.com/2030/ ? I’ve seen no sign of it. Nor have I seen election-operators showing any trace of a security mindset.

This whole essay plays into Diebold’s whole “perception is reality” style of security, which needs to die in a fire.

Trustworthiness July 1, 2025 9:04 PM

Why are people so ardent on “defending trust”???

Taken at face value, all that implies is “when we are doing the greatest evil, we need a better cover-up so nobody finds out, and trust is not broken by people finding out!!!”

NO! that is not the right way to do things!!!

Actually change to be worthy of trust!!! Then you need no “defense” just be what you are!!! And let people find out about it in a natural way, eventually, and then they’ll naturally start to trust you…

Here’s an example: you want people to be more trusting of computerized voting systems? Instead of inventing better marketing telling them how trustworthy it is… how about, redesigning those computers so they are actually more secure and trustworthy (and all the implications of this, such as accountability, openness, auditability, etc)??? I mean, it’s such a novel idea, I don’t know why people don’t think of this…

Do people think that’s just too hard? It’s too hard to be right, we just need to have a better cover-up? What the heck.

If it’s too hard for you or your computerized system to be trustworthy, you don’t deserve any trust. Stop bellyaching about a lack of it, maybe you deserve even less than what little you have!!! Ever thought of that? I mean, come on.

Tim van Beek July 5, 2025 2:56 AM

Great points, but here is a little observation: People who manipulate elections don’t manipulate the votes, they manipulate the count. Let all voters vote. It is great! Then take the urn, burn it, replace it with yours, count that one. Just look at places that actually have manipulated elections.
Trump – and everybody else in his wake – keeps talking about “voter fraud”, because it is not actually about “manipulated” elections for MAGA or Trump in the strict sense. It is about people voting and being elected that are not in their in group. That is the “fraud”. It doesn’t matter if everything is legal and correct on a technical level.
Keep doing what you are doing, Bruce, just keep in mind that no technological solution will ever stop these people from claiming “voter fraud”, because claims about that are just a facade.

Clive Robinson July 5, 2025 6:13 AM

@ Bruce, ALL,

A little something to think about with regards,

“The digital transformation of American elections has been swift and sweeping. Just two decades ago, most people voted using mechanical levers or punch cards.”

Do people remember,

“Why machines replaced machines?”

That is the “hanging chad” and simillar of supposedly “spoiled votes” because nobody had kept the old machines properly maintained and in a state fit to be used.

There is a process called entropy where

“things move from an organised to disorganised state”

This guarantees that all physical tangible objects will suffer from “wear, slop, defect and damage” with time.

So you can no more design and make a machine that does not wear out, than you can one for perpetual motion.

Obviously the use of machines no matter what their type or design means that they will have to be subject to,

“Storage, test, maintenance, repair, and disposal.”

All of which carry costs especially with the complexity of a device and the required skills.

Consider an old mechanical typewriter, back when I was young they were as ubiquitous in an office as staplers once were. Getting replacement parts or repairs carried out was relatively easy to do and fairly inexpensive and the one you used could be easily a half century old.

These days we have “personal computers” that get thrown away every three years, and all to often carry a copy of every piece of work carried out on them as well… But worse they are way way to easy to covertly change the way they function. To keep costs down they are made of consumer grade parts in low cost fragile plastic moulding boxes.

As far as I can tell all these modern “Voting Machines” are based on consumer grade PC parts inside expensive metal boxes.

Thus the real difference is,

“The cost of the box”.

For longevity and minimal cost over that long long period of time it’s almost impossible to beat the “tin ballot boxes” of the old pen and paper voting systems… They hardly wear out, are easy to repair and most people who can use hand tools can fabricate replacement parts that in turn will last for very long periods of time. They are also light, easy to store and keep in working order.

So ask the all important question,

“Who benifits from voting machines?”

Because it’s certainly not the voters…

However there is a great deal of money involved with them, and rapidly increasing costs. Especially when you consider they might only be used twice in the designed life of the consumer grade component parts.

The use of such machines makes no rational or economic sense, unless you make certain “assumptions” about “greasing wheels” and similar highly questionable activities.

Bobby Hart July 8, 2025 2:00 PM

@Tim van Beek: elections are a fraud because the Cathedral is a fraud. When nearly all information you have is a lie, what difference does your choice make?

Democracy is pointless, because the real constitution (i.e., the real mechanism of power, not the written Constitution) has figured out how to manipulate the electorate so that elections literally don’t matter. Or — it matters about as much as a football game, and provokes a similar response in that irrecoverable ape, the “voter.”

JTC July 20, 2025 9:04 PM

In addition to simple ink and paper, I would also propose an open count of ballots on a local community TV channel, showing each ballot as it is counted.

There is an additional bonus to using simpler “technology” in that it is harder to tamper with. The more complex the system, the easier it is to hide any cheating of the system.

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.