Voters wait in line outside a polling place in Cincinnati (AP/John Minchillo)

Hacker conference demonstrates how easily voting machines can be compromised

Voting machine manufacturers swear their products are secure but DEF CON attendees showed otherwise


Matthew Sheffield
July 31, 2017 9:57PM (UTC)

Thus far, it does not appear that there have been any successful attempts to hack into America's many different voting systems but the attendees at last week's DEF CON security conference demonstrated that hacking a voting machine is definitely a real possibility.

“One thing that’s been very unfortunate in the way a lot of election officials have talked about the breaches is saying the phrase we have no evidence that X, Y, or Z happened,” Jake Braun, a discussion panel moderator at the conference told Politico. In truth, Braun says, "the real answer is they have no idea what happened, or of knowing."

Advertisement:

His point was perfectly proven during the conference which featured a collection of over 30 voting machines set up for hackers to play with. Before the conference had ended, every single one of them had been compromised. Some of them are older computers but others are still in active use, according to DEF CON founder Jeff Moss.

Some of the machines required some specialized equipment to break into but others required standard accessories like USB memory cards or storage devices. One of them, the Advanced Voting Solutions WINVote, just needed to have a keyboard connected, according to Gizmodo. Luckily, the WINVote was not used in the 2016 elections.

While there is no publicly available evidence that hackers, foreign or domestic, have ever compromised American voting machines, in June a Department of Homeland Security official revealed that attackers had gone after election-related computer systems in 21 states during the lead-up to the 2016 election. Secretaries of state in Arizona and Illinois have publicly disclosed that their systems had been compromised. In Illinois, hackers, believed to be affiliated with the government of Russia, managed to steal information on more than 90,000 voters. Some of those data records included drivers license numbers and the last four digits of citizens’ Social Security numbers.

The Intercept also reported in June that Russian military intelligence hackers had targeted a Florida-based election vendor called VR Systems with phished emails pretending to be from Google, according to a top-secret report that the publication had obtained. The company has officially denied that it was compromised by the attack.


Matthew Sheffield

A writer, web developer, and former tv producer, Matthew Sheffield covers politics, media, and technology for Salon. You can email him via m.sheffield@salon.com or follow him on Twitter.

MORE FROM Matthew Sheffield

Related Topics ------------------------------------------

Def Con Election Integrity Elections Hackers Hacking Technology Voting Machines Vr Systems

BROWSE SALON.COM
COMPLETELY AD FREE,
FOR THE NEXT HOUR

Read Now, Pay Later - no upfront
registration for 1-Hour Access

Click Here
7-Day Access and Monthly
Subscriptions also available
No tracking or personal data collection
beyond name and email address

•••


Fearless journalism
in your inbox every day

Sign up for our free newsletter

• • •