Hackers could have easily infiltrated US voting machines in 2016 and are likely to try again in light of vulnerabilities in electronic polling systems, a group of researchers said Tuesday.
report with detailed findings from a July hacker conference which
demonstrated how voting machines could be manipulated concluded that
numerous vulnerabilities exist, posing a national security threat.
researchers analyzed the results of the “voting village” hacking
contest at the DefCon gathering of hackers in Las Vegas this year, which
showed how ballot machines could be compromised within minutes.
machines were pretty easy to hack,” said Jeff Moss, the DefCon founder
who presented the report at the Atlantic Council in Washington. “The
problem is not going away. It’s only going to accelerate.”
report said the DefCon hack was just the tip of the iceberg — with
potential weaknesses in voter databases, tabulating software and other
parts of the system.
The researchers said most voting machines
examined included at least some foreign-manufactured parts, raising the
possibility that malware could be introduced even before the devices are
“This discovery means that a hacker’s point-of-entry
into an entire make or model of voting machine could happen well before
that voting machine rolls off the production line,” the report said.
an ability to infiltrate voting infrastructure at any point in the
supply chain process, then the ability to synchronize and inflict
large-scale damage becomes a real possibility.”
– No certainty on 2016 –
Hursti, a researcher with Nordic Innovation Labs and a co-author of the
report, said it’s impossible to say with certainty if votes were
tampered with in 2016 because many systems “don’t have the capacity” to
The report said five US states operate entirely on
paperless systems which have no paper trail to be reviewed and another
nine states are partially paperless.
“The only way to know is if the hacker tells you,” he said, adding that “it can be done without leaving tracks.”
Lute, former US ambassador to NATO who presented the report, said in a
forward to the report that the findings highlight “a serious national
security issue that strikes at the core of our democracy.”
some researchers in the past have shown individual machines could be
breached, this report suggests a range of vulnerabilities across a range
of hardware, software and databases.
“What the report shows is
that if relative rookies can hack a voting system so quickly, it is
difficult to deny that a nefarious actor — like Russia — with unlimited
time and resources, could not do much greater damage,” said University
of Chicago cybersecurity instructor Jake Braun, another co-author.
threat becomes all the more grave “when you consider they could hack an
entire line of voting machines, remotely and all at once via the supply
chain,” he added.
In presenting the findings, the researchers
said members of the DefCon hacker community would work with academics
and security researchers in a new coalition aimed at improving election
Πηγή : securityweek