We live in the age of technology and every aspect of our life is evolving. Technology is present everywhere and while this provides numerous advantages, it can also become a major weak spot. The best example is the upgrade of the voting process in the US. It made things easier for voters, but it soon became clear that the voting machines are vulnerable pieces of electronic equipment that require the attention of government officials.
Security experts gave out several warnings and earlier this year we have announced that the security of the voting system represents a priority for our country. In the words of Jeh Johnson, Secretary of Homeland Security, “Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law.”
However, despite the government’s best intentions, the 25th annual DEF CON computer security conference was an eye-opener for national security. The convention, held in July, in Las Vegas, proved just how simple it is to interfere with the voting machines and it managed to expose all their exploitable parts.
The hacker conference
The hackers present at DEF CON conference were allowed to test the vulnerabilities of the voting machines. And the results were disastrous. Thirty voting machines were tested and they all had massive weaknesses. It only took about half an hour for hackers to hack some of these machines.
These results are truly alarming, especially after the last controversial US elections. The vulnerabilities of the voting machines can be exploited by rival states, or by presidential nominees, a terrifying prospect since many people already worry that the US cannot meet the standards for election integrity.
Hacking the machines was possible thanks to numerous weaknesses overlooked by vendors and government officials. First of all, many hackers pointed out that many machines had rudimental software that desperately needs upgrading. Some of them were relying on 20 years old technology.
Another exploitable spot was the Wi-Fi connectivity built-in to the system. In other cases, the machines had physical vulnerabilities. Malicious software was easily installed by using the USB ports.
Regardless of the things that allowed hackers to exploit the machines, what truly matters is the fact that none of the voting machines proved to be foolproof and this is something that should concern our nation’s infrastructure.
Now that we have an actual proof regarding the vulnerability of the election system, one question remains “What should we do?”. Given the fact that security experts have always predicted the inevitable hacking of these machines, it is probably best that we listen to what they have to say.
The first step may sound a bit irrational, but we must accept the flaws of technology and acknowledge that we will never have a perfect election machine. Realizing that is the first step towards improving our system.
There are many ways to enhance the performance of voting machines, besides improved security policies and protocols. Vendors should also take responsibility for their devices. Sequoia, Winvote, Diebold and many others are the leading vendors and refine their products and also impose the basic security steps: multi-factor authentication, patches, updating software.
The entire voting mechanism needs an upgrade, with advanced data protection that will secure the votes and the personal information of the voters. And besides that, we also need to be prepared for the inevitable hack. A special type of defense is needed so that no one will be able to interfere with US elections.