At the DEF CON conference in Las Vegas this past weekend, conference attendees demonstrated just how terrifyingly easy it is to hack into the United States' voting systems, something that particularly resonates in light of potential Russian interference in last year's presidential elections.
At DEF CON, a worldwide hacking convention, a "Voter Hacking Village" was set up for conference attendees to see if they could hack U.S. voting machines electronically. All of the 30 machines featured in this simulation had been used during previous U.S. elections — most were purchased on eBay.
Unfortunately, for the sake of election security, attendees were seemingly able to hack the voting machines relatively easily and quickly. According to Forbes, co-organizer Matt Blaze characterized the machines as "horribly insecure." Indeed, in just a number of hours, many of the machines were indeed hacked, some physically and some wirelessly. While both forms of hacking are certainly disquieting, the latter wireless scenario is particularly disconcerting, as it means that someone could potentially access and alter election results without ever even having physical access to a voting machine.
As Newsweek reported, there were myriad means by which hackers at the conference were able to access the machines, as "some devices had remote ports, which could be used to insert devices with malicious software, others insecure WiFi connections, or outdated software such as Windows XP, rendering them exposed to hacking attacks." The Register, a British tech publication, noted that it only took hackers about 90 minutes to access some of the systems.
For hackers at Defcon hacking US voting machines was a piece of cake https://t.co/lw7SHhQDEa— Edoardo Tenani (@edoardotenani) July 31, 2017
According to CNET, many of the hackers present at the Voter Hacking Village said they wished to use the event to highlight the vulnerabilities in U.S. election machinery and hoped that their endeavors would lead to changes to election technology ahead of the 2020 presidential election.
Noted one attendee, Anne-Marie Hwang:
Blaze, one of the aforementioned co-organizers, added via Forbes:
As many news outlets pointed out, the vulnerabilities discovered by hackers at DEF CON are particularly worrisome in light of reports earlier this year that Russia may have tried to interfere in the 2016 presidential election — and following warnings from former FBI Director James Comey that foreign hackers "will be back" for future elections. As Forbes noted, hopefully the issues discovered by the DEF CON attendees will cause regulators of U.S. voting machinery to "take note" and shift to a system that is more secure.
Indeed, some voting security advocates, including Barbara Simmons of Verified Voting, believe that a return to marked paper ballots, coupled with post-election audits, constitutes the ideal way to addressing these issues and making sure votes are secure and untouchable by outside forces.
Hopefully the learnings from DEF CON will serve as an eye-opener to inspire regulators to take veritable action when it comes to increasing voting security, especially as the much-anticipated 2018 mid-term elections are rapidly approaching.