With all the inconsistencies in the mail-in ballot system this election cycle, some are wondering: Wouldn’t this be easier if we could vote electronically? 

But for all its faults—late ballots, defective ballots, missing ballots—the mail-in voting system is far more secure than any electronic ballot system could be, says Engin Kirda, professor of computer science at Northeastern and executive director of the Cybersecurity and Privacy Institute. 

Using pen and paper—whether for in-person or mail-in voting—is the most secure way to cast a ballot, he says. That’s true even if there’s the potential for paper ballots to be destroyed, which happened in Boston last week when a man set fire to a ballot box.  

“Any physical attack like this on the voting system, it’s hard to scale up,” Kirda says. “It’s immediately detectable.” There were 120 ballots in the box at the time, and the fire department was notified soon after the fire started. 

“With a cyberattack, it’s sometimes impossible to know who is responsible,” Kirda continues. “We can trace an IP address, but attackers are smart enough to know not to use their own IP address.” 

Many people, including President Donald Trump, have expressed concern about potential voter fraud in the upcoming election because of an increase in mail-in ballots, which some people fear are easy to fake. 

But Kirda says it’s unlikely that individual voters would perpetrate large-scale fraud through the mail-in system. 

“It’s like fraudulent checks. I can write a fake check, I can cash it, and I can make some money. But the stakes are so high if I get caught. It’s not worth it,” he says. “We probably won’t see large-scale voter fraud for the same reason we don’t really see large-scale check fraud.” 

Another reason Kirda favors pen-and-paper voting is because the information in electronic voting systems could be vulnerable to foreign attacks, much like the database of voter registration information obtained by Russian and Iranian attackers earlier this month. 

Democratic voters in Alaska, Florida, and Arizona received threatening emails from the attackers telling them to vote for President Trump. Iran also distributed a video claiming that people could cast fraudulent votes in this election. 

While neither of these are examples of outright fraud, sowing doubt among voters about the credibility of the election results could be almost as destructive to the system, Kirda says. 

“I’m more concerned about voters targeted with misinformation,” he says. “It’s relatively easy to do since the system is connected to the internet. Anything that’s connected to the internet is vulnerable, and you can launch an attack from anywhere.”

For example, on Election Day, if the results aren’t overwhelming for one candidate, a misinformation attack could convince the public that one candidate lied or cheated, Kirda explains.  

“The country becomes divided,” he says. “These misinformation campaigns create trouble. They could weaken the country at a time of uncertainty.” 

For media inquiries, please contact Jessica Hair at j.hair@northeastern.edu or 617-373-5718.