Donate search
close

Share

  • Facebook
  • Twitter
  • send Email
  • print Print

Shocked? Hacking Voting Machines is ‘Easy’ According to Experts

I’m not shocked. The DEF CON cybersecurity conference brought in 30 voting machines for attendees to play with. How many were hacked?30.

By Steve Berman

“It took me only a few minutes to see how to hack it,” said security consultant Thomas Richards, glancing at a Premier Election Solutions machine currently in use in Georgia.

(Source: The Hill)

My response to this is: well, duh.

These security conferences held in Las Vegas typically feature a mix of “black hat” and “white hat” hackers, meeting semi-anonymously in a temporary truce in order to compare notes on the latest vulnerabilities in our electronically-enhanced world. This is one of those places where you’d be a fool to bring in a smartphone with WiFi enabled—it would be remotely hacked within minutes.

Electronic voting machines were designed with older technology, for a specific purpose. They display a ballot, record a vote, and tabulate. Slot machines are far more advanced than voting machines (and far more difficult to hack).

The machine that Richards learned how to hack used beneath-the-surface software, known as firmware, designed in 2007. But a number of well-known vulnerabilities in that firmware have developed over the past decade.

Any of these hackers would quickly be able to identify and exploit the vulnerabilities in individual voting machines. But the best protection these machines have is their lack of connectivity. Machines such as the ones Georgia uses print individual tapes and do not connect to a larger network.

That makes it harder for hackers to access the machines. But not impossible.

Taking care to properly “store machines, set them up, [and] always have someone keeping an eye on machines,” [CyberScout consultant Eric Hodge] said, can mitigate a wide array of security problems.

Merely following suggestions such as Hodge’s (he consults with Kentucky’s Board of Elections) might protect the machines for the short run, but in the long run a determined hacker (or state-sponsored effort) will eventually beat security (many election workers tend to be older, retired and not so technology-savvy).

Once a vulnerability is found and an exploit is crafted, it could be packaged into the memory cards given to voters, or introduced by specific “voters” to infect the machines. Hackers are very ingenious about these things. Even if only 5 or 10 percent of voting machines in key districts are infected, that can swing an entire election.

Imagine how easy it would be for hackers to defeat an Internet-based election system?

The answer is found in that old saw:  a good offense is the best defense. We can’t just dust off election machines a few times a year, use them and pack them away. We must be at least as vigilant as Las Vegas casinos are with their slot machines.

I’m not shocked in the least.

Share

  • Facebook
  • Twitter
  • send Email
  • print Print

Advertisement

More Top Stories

How Game of Thrones Ended with a Quiet Thunder

It all came full circle. The beauty of Game of Thrones is at its core the characters. When the show was at its best it gave us windows into the fabulous personas that made the show special by letting …

Outraged by the ending of Game of Thrones? We’re here for you.

If you are one of the millions of fans outraged at last nights (less than) epic finale of “Game of Thrones,” you know you are not alone. Especially if you’ve spent any time on social …

Abortion Clinics To Alabama: Drop Dead

Alabama’s three abortion clinics are betting on an injunction that prevents the law from taking effect.