Experts: Hackers will crack election systems

By Steve Elwart

The result of an election will be changed by hackers; the only question remaining for an online security expert is which election it will be.

“I’m somewhat surprised it hasn’t happened yet,” said Stephen Cobb, a security evangelist for ESET-North America, an IT security company, in a recent article by Dark Reading, a website for security professionals.

Hacktivist groups like Anonymous and LulzSec are growing more sophisticated every day with their use of new collaborative hacking techniques, such as “crowdsourcing.” Meanwhile, voter databases are increasingly being put online on state and local computer systems that are often insecure and administered by part-time IT personnel.

“If big, Internet-based companies like Yahoo, LinkedIn, or Sony can fall to hackers, then, yeah, big government databases and local authorities who actually administer the election process can be hacked,” said Cobb.

While the voter databases carry mostly innocuous information, such as name and address, a hacktivist group could create havoc in an election if it was able to make changes to a database.

A hacker could, for example, switch the address of a person on a voting roll, putting him in a different precinct than where he actually lives. The switch could be done close to the election and could very well not be noticed until the day of the vote. By then it would be too late, and the person would be ineligible to vote.

By combining a voting database with other data, such as that collected by supermarkets, coupon offers and consumer polling, hackers could target an area for disenfranchisement by simply looking at the demographic breakdown of a voting precinct.

In a close race, as this presidential contest is shaping up to be, shifting the election turnout in a few precincts in a swing state such as Ohio could change the outcome of an election. One only needs to look at the 2000 election results in Florida to see how the voting results in one or two precincts would have given the country President Gore.

In the 2008 senatorial race in Minnesota, Al Franken won by 312 votes, the equivalent of one precinct. Tampering with just one machine could have changed the outcome of the election.

Such a scenario is not fanciful. With states such as Washington and Maryland putting voter registration data online, the threat is all too real.

“Any system that is networked, especially to the Internet, is inherently vulnerable to attacks on its availability, and the confidentiality and integrity of its data,” said Steve Santorelli, director of global outreach for the security research group Team Cymru.

According to Hugh Thompson, program committee chairman for RSA Conference, one of the biggest dangers of voting-related cybercrime is its undermining of voter confidence.

“Interestingly, the wrong person winning is not the worst thing that can happen,” he said. “The real worst case is a hacker proving that the vote was compromised and ultimately undermining the entire voting process.”

Many political observers are already saying that this election could be even more contentious than the 2000 contest without the added complexity of electronic voter fraud. The new reality is that a candidate may not have to just win an election but win it convincingly enough to avoid a challenge in court.

If a hacktivist group were to prove that its activities changed the outcome of the presidential election, it could throw the legitimacy of the outcome of all levels of election results into question.

Already Democratic operatives are paving the way for a challenge to the presidential election results. Their talking point is that their polls show that Barack Obama has the votes to win the presidency, and if he loses, it has to be on account of voter fraud.

Should such a challenge occur, many municipalities and even states don’t have mechanisms in place to handle a case of massive voting fraud.

Would there be a recount? Would the election be thrown out and done again? Most governing entities are not ready for that kind of scenario.

“It would impact the stock market and erode confidence in the entire system, which is a real motivator for organizations that want to attack critical infrastructure,” said Thompson.

“For the first time, technology is allowing groups of disgruntled people to become empowered. These groups are organized, collected, and collaborative, with a means to get their message and point across through scenario attack tools, like DDoS (Distributed Denial of Service attacks), that were not possible in 2008,” he said.

While these vulnerabilities are well known, some security experts believe they are difficult to take advantage of.

Many of the systems have multiple copies of the voting database stored in several locations and can be compared for discrepancies. This would keep the casual hacker, called a “script kiddie,” from doing damage, but it is not beyond the capability of a sophisticated hacktivist group such as Anonymous or a government.

A country such as Iran or China has the money and manpower to launch such an attack. China is recruiting millions of its own people to form a cyber army, and Iran is conducting schools in “Cyber Jihad,” training a generation of Muslim radicals on how to cripple a country with a mouse click.

It is not only the databases that are vulnerable; the voting machines themselves have problems of their own. The problems with the voting machines become more acute as more and more people vote electronically. About 30 percent of all voters will use electronic machines.

It is important to note that voting machines aren’t much different than regular consumer computers. Many of them run on the Windows operating system and are susceptible to many of the same types of vulnerabilities their cousins in the home or office are exposed to. Known exploits or weaknesses such as weak passwords, poor password protection and buffer overflows can be used to compromise voting machines.

Researchers at Argonne National Laboratory outside of Chicago have determined that electronic voting machines can be easily manipulated, casting doubt on their security and effectiveness.

The group used an attack method called the “man in the middle,” in which data communication from one machine to another is interrupted by a hacker and only the information he wants to go through is allowed passage.

If the data stream, the polling result, favors a candidate the hacker wants, the data is allowed to go through. If not, the data could be intercepted and sequestered.

The Argonne group used a small remote control device to control the data coming from the machine.

The vulnerability assessment team believes that even a talented teenager could hijack a voting machine with hacking equipment that could be built for $26.

“I think our view of the voting machines we’ve looked at is that there really isn’t much security thought put into these devices,” according to Roger Johnston, head of Argonne’s Vulnerability Assessment Team.

One of the problems facing election officials is the fact that there are very few ways to publicly verify the security claims offered by e-voting system manufacturers.

Most electronic voting machine manufacturers practice “security by obscurity,” using proprietary software for their machines. While it may make a hacker work harder to crack the machine originally, it also makes it very difficult to verify the system’s integrity.

In a video, researchers Roger Johnston and Jon Warner from Argonne National Laboratory’s Vulnerability Assessment Team demonstrate three of the techniques by which a hacker can take control of an electronic voting machine by attaching a piece of “alien electronics” to the machine’s circuit board.

The video shows how a hacker could input data into a machine no matter what the voter enters. When a voter presses the “vote now” button, the screen will momentarily go blank. During this time, the hacker could enter his own information remotely into the machine.

Johnston explained: “When the voter hits the ‘vote now’ button to register his votes, we can blank the screen and then go back and vote differently and the voter will be unaware that this has happened.”

The researchers explain that because of the ease with which the machines can be hacked, not only do they need to be designed to be more secure, but the physical security around the machines also needs to be improved.

“Spend an extra four bucks and get a better lock,” Johnston said. “You don’t have to have state-of-the-art security, but you can do some things where it takes at least a little bit of skill to get in.”

Steve Elwart, P.E., Ph.D., is the executive research analyst with the Koinonia Institute and a subject matter expert for the Department of Homeland Security.