The hackable election?
- By Mark Rockwell
- Aug 31, 2016
With news of threats to the U.S. election system from foreign hackers, conversations about securing voting systems are taking on increasing importance.
Because the election system relies on disparate technologies run by states and municipalities that are potentially easy prey to a wide range of bad actors, additional protections are warranted, according to a new report from the Institute for Critical Infrastructure Technology.
Voting machines are nothing more than "stripped-down computers using outdated operating systems possessing every conceivable vulnerability that a device can have," the report states.
According to the authors, a hack would not have to affect a wide range of systems. Targeting only a few systems in a swing state could be enough to alter the outcome of a national election.
In addition, the candidates present a tempting electronic target via social media, websites and other online and electronic assets. A hacktivist or someone with a bad attitude and a little know-how could cause a major disruption during an election with a well-placed denial-of-service or man-in-the-middle attack, according to the report.
Phishing email messages could open the door to all of that, as could supply-chain insiders. An employee at election machine and technology manufacturers could illegally access the machines at storage sites.
Voting machines have been vulnerable for some time, according to the report. In 2007, California officials asked 42 researchers to do penetration testing of machines made by Diebold, Hart InterCivic and Sequoia Voting Systems. The researchers said they were struck by the banality of the many critical flaws and vulnerabilities they found, which showed a pervasive lack of consideration for even basic security measures.
Click here to read the full report.
This article was first posted to FCW, a sister site to GCN.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at [email protected] or follow him on Twitter at @MRockwell4.