At the 26th Annual DEFCON Conference in Vegas last week, an alarming video posted on Twitter reminded attendees that US election infrastructure is susceptible to ulterior motives.
https://twitter.com/RachelTobac/status/1029449569266884608
Rachel Tobac, CEO of SocialProof Security, demonstrated in her Twitter status how the voting machines were hacked in under two minutes. SocialProof Security provides assessments for social engineering based security. Social engineering involves tricking people into giving up information that lets hackers bypass physical and computer security systems. It's most commonly done with a simple phone call: talking a tech support agent into resetting a password, or getting information about a company's network by asking an unwary staffer a few leading questions.
Tobac explained that accessing the voting machine's admin function is synonymous with opening the hood of a car with a release button, unplugging the card reader, picking a lock and turning on a machine with a ballpoint pen.
The model of voting machine used was the Premier AccuVote TS or TSX, which is used in more than 18 states for elections.
Jake Braun, organizer of the Voting Village, commented to the Wall Street Journal, “This is not the cyber mature industry.”
Meanwhile, the National Association of Secretaries of State, one of the biggest providers of election supplies in the US, issued a statement discrediting the hackers: “Our main concern with the approach taken by DEFCON is that it uses a pseudo environment which in no way replicates state election systems, networks, or physical security,” it said.
“Providing conference attendees with unlimited physical access to voting machines,” NASS said, “does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day.”
This is the second year in a row that DEFCON has hacked election systems with the Voting Village. Other experiments included an 11-year-old girl hacking a replica of the Florida secretary of state website and changing the results in 10 minutes.
There were suggestions to use blockchain based voting systems to maintain the integrity of elections. Regardless of implementation, this is an area of concern that should be addressed to guard against tampering with future elections.