Hackers at Def Con break into voting machines to identify security flaws

Hackers will continue to probe the systems over the weekend in a bid to discover new vulnerabilities.

Def Con, one of the world’s largest security conventions, served as a laboratory for breaking into voting machines on 10 August, extending its efforts to identify potential security flaws in technology that may be used in the November US elections.

Hackers will continue to probe the systems over the weekend in a bid to discover new vulnerabilities, which could be turned over to voting machine makers to fix.

The three-day Las Vegas-based “Voting Village” also aimed to expose security issues in digital poll books and memory-card readers.

A man takes part in a hacking contest during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. REUTERS/Steve Marcus

A man takes part in a hacking contest during the Def Con hacker convention in Las Vegas, US, 2017. Image: Reuters

“We see a lot of value in doing things like this. We think it’s important,” said Jeanette Manfra, assistant secretary of cybersecurity and communications at the US Department of Homeland Security, in an interview.

“The idea is when we find things here, how do we connect them with the actual vendors and make sure that we are closing this loop back to a coordinated vulnerability disclosure process.”

Organizers have returned ahead of the November elections, in which Democrats hope to take control of the US House of Representatives. Trump’s national security team last week warned that Russia had launched “pervasive” efforts to interfere in the elections.

Voting machines are displayed in a Voting Machine Hacking Village during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. REUTERS/Steve Marcus

Voting machines are displayed in a Voting Machine Hacking Village during the Def Con hacker convention in Las Vegas, US, 2017. Image: Reuters

“These vulnerabilities that will be identified over the course of the next three days would, in an actual election, cause mass chaos,” said Jake Braun, one of the village’s organizers. “They need to be identified and addressed, regardless of the environment in which they are found.”

Participants will have a chance to hack into more than five types of voting machines from manufacturers including Elections Systems & Software and Dominion Voting.

Last year a Danish researcher figured out how to take control of a touchscreen voting system used through 2014 in a remote hack that organizers said could work from up to 1,000 feet away.

A hacker tries to access and alter data from an electronic poll book in a Voting Machine Hacking Village during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. REUTERS/Steve Marcus

A hacker tries to access and alter data from an electronic poll book in a Voting Machine Hacking Village during the Def Con hacker convention in Las Vegas, US, 2017. Image: Reuters

A group representing US secretaries of state lauded the goal of bolstering election security but warned that the findings might be skewed.

“It utilizes a pseudo-environment which in no way replicates state election systems, networks or physical security,” the National Association of Secretaries of State said in a statement.

Verified Voting, an advocacy group that helped organise the hacking village, said that some of the voting machine models being tested are still used to tally votes across the United States.

One system, the Dominion Premier/Diebold AccuVote TSx system, is used in 20 states and 23,784 precincts, according to Verified Voting.

Loading...



Top Stories


also see

science