See How Likely It Is That Your Voting Booth Gets Hacked

7 minute read

In a world where we can program our refrigerators to order more milk or conjure images of distant galaxies with a few swipes on a smartphone, it’s significant that the best, most reliable technology available on Election Day 2016 is good, old-fashioned paper.

“It seems counterintuitive, but paper is a technology that just happens to work really well for elections,” says Pamela Smith, the president of Verified Voting, a nonpartisan organization that advocates for accurate and transparent elections. “You can’t hack a piece of paper. Voters can mark it and see their vote, and then the ballots can be collected and double-checked.”

The following map uses data compiled by Verified Voting on county-by-county voting technology to track which regions—and, therefore, which parties’ base supporters—are most vulnerable to election tampering, even if the odds are remote. Use the search feature or zoom in manually to see what technology your county uses.

The security of paper ballots is a powerful selling point in an election cycle rife with concerns about cybersecurity.

In the past six months, foreign agents—allegedly backed by two Russian intelligence agencies—have hacked the Democratic National Committee, Democratic presidential nominee Hillary Clinton’s campaign and other Democratic political organizations, as well as voter registration databases in Arizona and Illinois, according to researchers at the Federal Bureau of Investigation.

In August, the FBI’s Cyber Division issued a “flash” alert to election officials warning that states must take new steps to enhance the security of their computer systems, and in mid-September, the Election Assistance Commission’s Technical Guidelines Development Committee met to discuss future cybersecurity standards. Republican presidential nominee Donald Trump has warned that this election could be “rigged.”

“It’s a threat we take very, very seriously,” Tom Hicks, a commissioner at the EAC, told TIME. But, he added, from a cyber perspective, this election may actually be less vulnerable to cyber mischief than elections in 2008 and 2012. “The voting process is the most secure it’s ever been,” he said.

That’s partly because this election year, an estimated 90 million Americans—roughly 71 percent of all voters, based on TIME’s analysis of the Verified Voting data and using 2012 turnout figures—are expected to use paper ballots (the green-colored counties on the map), either at their polling stations or through vote-by-mail systems. And while paper ballots are not perfect by any means—recall the “hanging chad” debacle in 2000—they do make it much more difficult to remotely affect the results of an election. They also provide both voters and auditors with independent hard copies, which then can be checked and doubled-checked if questions arise.

The real problem, said Lawrence Norden, the deputy director of the Brennan Center for Justice Democracy Program, lies with the nearly 40 million Americans who won’t be voting on paper, again based on 2012 figures. Those voters will instead be saddled with electronic voting machines (the yellow and red-colored counties on the map), many of which are more than a decade old, lack basic cybersecurity protections, and utilize hardware no more sophisticated than a stripped down, Bush-era laptop. In 42 states, electronic voting machines are more than a decade old, according to Norden’s research. (Many states still use such machines for voters who require special assistance.)

While states no longer use voting machines that connect directly to the internet, and therefore can’t be hacked in the same way your laptop can, any sophisticated ne’er-do-well with physical access to an electronic voting machine could easily rewrite its software to change the way that votes are counted or tabulated, according to a recent report by the Institute for Critical Infrastructure Technology.

A hacker could also fairly easily manipulate other weak points in the system, such as the digital networks through which votes from different precincts are collected and transmitted, said Malcolm Harkins, the chief security and trust officer at the cybersecurity firm, Cylance. “When you look at a lot of these problems, its low probability, but high impact,” he said. “So if the question is, ‘Is it possible?’, the answer is yes, definitely.”

Some electronic voting machines produce a paper receipt (the yellow-colored counties on the map), which helps reduce some of the risk of cyber-meddling. Election officials can use the paper print-outs to compare print-receipts with a machine’s electronic tally. On November 8, about eight percent of expected voters will use electronic machines that provide paper receipts.

But many more—an estimated 22 percent of expected voters—will vote in precincts that leave no paper trail whatsoever (the red-colored counties on the map), leaving them in a precarious position. If one of those machine is hacked, or malfunctions, or if concerns arise about the legitimacy of a county or state’s election results, there is no independent means through which to audit individual votes in those particular precincts.

That specter looms particularly large Louisiana, Georgia, South Carolina, Delaware and New Jersey, which have been the slowest to update their election systems, and therefore have a majority of precincts with primarily electronic machines with no paper trail.

Of those 750 counties that use electronic voting machines without a paper receipt, the vast majority lean Republican. In 2012, for example, 53 percent of voters in those counties cast a ballot for Mitt Romney in 2012—6 percentage points higher than the Republican nominee’s national performance. Counties that have electronic voting machines with paper receipts also lean Republican. The 218 counties with electronic machines with a paper trail broke 51 percent for Romney in 2012.

Meanwhile, the 1,975-some counties that use paper ballots, which include optically scanned ballots, tend to vote Democratic. In 2012, 54 percent of counties with paper ballots broke for Obama, slightly above the President’s share of the popular vote. The 175 counties that vote by mail had a similar split.

The real problem with these electronic voting machines, says Merle King, the executive director for the Center for Elections Systems at Kennesaw State University, is one of perception. “The idea that anyone could hack in any meaningful way into the election system so as to skew the result on the national stage is far-fetched actually,” he said. “But there’s so much anxiety about this out there. If there was something that came up, even on a small scale, that compromised people’s perception of the legitimacy of this election, that would be the worst outcome—that could be really terrible.”

Methodology

All the data on voting machines was compiled by Verified Voting. The 2012 election results are licensed from the Atlas of U.S. Presidential Elections. In cases where multiple machines were used in the same county, we chose only to tally machines that are available to the majority of voters on Election Day, as opposed to early-voting mechanisms or those designed for special accessibility. As such, our map does not exactly match that on VerifiedVoting.org, though our results were carefully checked against their raw data for accuracy.

In a very small number of cases—26 out of over 3,100—a county uses multiple types of machines in different precincts on Election Day. Those counties are colored by stripes on the map and count toward both totals for the partisan breakdown of machines by 2012 election results.

Correction: The map in the original version of this story misstated the voting system used in Alexandria City, Va. The city uses optically scanned paper ballots.

More Must-Reads From TIME

Write to Haley Sweetland Edwards at haley.edwards@time.com and Chris Wilson at chris.wilson@time.com