The hackable election?

The hackable election?

With news of threats to the U.S. election system from foreign hackers, conversations about securing voting systems are taking on increasing importance.

Because the election system relies on disparate technologies run by states and municipalities that are potentially easy prey to a wide range of bad actors, additional protections are warranted, according to a new report from the Institute for Critical Infrastructure Technology.

Voting machines are nothing more than "stripped-down computers using outdated operating systems possessing every conceivable vulnerability that a device can have," the report states.

According to the authors, a hack would not have to affect a wide range of systems. Targeting only a few systems in a swing state could be enough to alter the outcome of a national election.

In addition, the candidates present a tempting electronic target via social media, websites and other online and electronic assets. A hacktivist or someone with a bad attitude and a little know-how could cause a major disruption during an election with a well-placed denial-of-service or man-in-the-middle attack, according to the report.

Phishing email messages could open the door to all of that, as could supply-chain insiders. An employee at election machine and technology manufacturers could illegally access the machines at storage sites.

Voting machines have been vulnerable for some time, according to the report. In 2007, California officials asked 42 researchers to do penetration testing of machines made by Diebold, Hart InterCivic and Sequoia Voting Systems. The researchers said they were struck by the banality of the many critical flaws and vulnerabilities they found, which showed a pervasive lack of consideration for even basic security measures.

Click here to read the full report.

This article was first posted to FCW, a sister site to GCN.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Thu, Sep 1, 2016

It wasn't the voting process that was hacked. It was the registration process. Suppose large numbers of registrations are deleted, or altered to make them invalid? Now, which candidate's likely votes would the Russians like to suppress? http://www.vox.com/2016/7/27/12271042/donald-trump-russia-putin-hack-explained You figure it out.

Thu, Sep 1, 2016 Eric

This election will not be the first one to be hacked, rigged, or manipulated, and sadly, it will not be the last.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group