Attacks/Breaches

10/17/2016
07:50 AM
Carson Sweet
Carson Sweet
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Hacking Voting Systems: A Reality Check

Can democracy be hacked? Yes, but not in the way you might think.

Can the national election really be hacked? Anything is possible, but the likelihood of votes being changed is far lower than other methods of thwarting a fair and complete vote. First, we need to clarify the word "hacked." If you’re hacking the vote, what are you trying to achieve?

An attacker might try to influence the outcome of the voting process by compromising voting machines — something that’s improbable but not impossible. It would also be an extremely costly, high-risk, and incredibly complicated endeavor that would have to be executed flawlessly without detection within a very short window.

However, we’re not out of the woods. Attackers have lower-risk, lower-cost ways to influence the outcome of an election than trying to rewire voting machines to change votes.

Let’s have a look at what it would take to hack the vote, and then consider the other possibilities.

Current US Voting Infrastructure
Most voting technology in use today is either fundamentally paper-based or uses a paper backup to direct recording electronic (DRE) systems. Doing a bit of research, one can learn that about 14% of electoral votes are in swing states where some percentage of voting machines are DRE without a paper backup — specifically Florida, Virginia, and Pennsylvania. But even in those cases, some paper ballots and DRE with paper backups are in use. Only one state, Louisiana (which has eight electoral votes), uses DRE with no paper backup at all. This means that irregularities in vote counts, either by compromising the voting machine or election management software (the "back end" to voting machines), would be recognized in spot checks or manual verification counts, which many states still perform.

Hacking into Voting Machines
Physical access to a voting machine is usually needed to compromise it. Replacing a chip in a voting machine with "seven minutes and a screwdriver" has been demonstrated, but from the practical perspective of an attacker, the number of machines and types of machines would be prohibitive to meaningful subversion.

As of this writing, there are over a dozen voting machine manufactures worldwide, each having multiple versions of multiple products. A broad compromise of the voting system would require a large number of different compromises being developed for each version of each vendor product in use, and then having a person with a screwdriver and seven minutes to get to a critical mass of them.

The devices themselves could be better (e.g., meeting FIPS standards for the physical security of critical cryptographic devices) but in the context of Election Day, the physical security of voting systems is very tight and the machines are protected with tamper-detecting seals. The cost, logistics, and risk of failure are very high. And then there's getting all your cronies to keep their mouths shut about it — and good luck there.

So the voting process is safe and sound, right? 

Not exactly.

Is Democratic Doomsday a Possibility?
If I were somehow swayed by a mind-control device to develop a strategy for hacking the vote, my approach would be to disrupt voting in the swing states and other key voting areas by compromising online voter databases well before the election. Federal law requiring voter records to be unified online actually make this easier for an attacker because there's only one place to go per state (for instance, California's VoteCal system).

Ponder what would happen if an attacker were able to separate physical signatures from the voter records. Or perhaps randomly scramble the last six digits of someone's Social Security number. Or mark a significant number of voters as deceased. Or some combination of the above tactics, along with others.

If done too broadly, this would cause pandemonium at a voting site. But with the right amount and consistency, blame could land on bad administration or voters who misregistered. By invalidating the ability for my opponent's voters to cast their ballots, I could significantly and broadly disrupt voting and their overall voting count. Let's face it...have you logged in to verify that all your voter registration data is correct?

So, is the esoteric scenario of foreign agents infiltrating voting sites nationwide in the first hours of Election Day a probability? No.

Is our voting system safe? Also no.

We're not on the brink of democracy's digital implosion, but we have a lot of work left to do. In any case, it's about much more than just the voting machines, so let's not get myopic and lose track of the bigger picture.

Related Content:

 

Carson Sweet is co-founder and chief technology officer for CloudPassage. As founding CEO, Carson led the team that created Halo, the patented security platform that changes the way enterprises achieve infrastructure protection and compliance. Carson's information security ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ted90
50%
50%
ted90,
User Rank: Guru
10/21/2016 | 9:59:53 AM
192.168.1.1
was looking for this information, add your site to your favorites!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
10/17/2016 | 4:07:57 PM
Just because it's hard...
Just because it may be hard doesn't mean it isn't/hasn't been happening.  There are numerous reports of machines that HAVE been so compromised and have behaved erratically in favor of or actively against various candidates.

That said, it is spot on to observe that the less techy/non-tech sides of our voting systems are so fraught with social-engineering vulnerabilities that really the whole thing is a mess.
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.