Man-in-the-Middle Attacks on Voting Machines: Vote Early, Often, and Why Not Vote Remotely?

Hacking Electronic Voting Machines via Man-in-the-Middle Attacks

With election day fast approaching in many states, researchers from the Vulnerability Assessment Team (VAT) at Argonne National Laboratory have produced a video (embedded below) that demonstrates “simple, non-cyber, man-in-the-middle attacks” on the Diebold AccuVote TS electronic voting machine. Using parts that cost $10, researchers Roger Johnston and Jon Warner inserted custom hardware into the Diebold AccuVote TS that could read the touchscreen vote as well as alter the stored information. Changing electronic votes is not new. What’s novel is that with an additional $16 remote control, the team was able to perform a man-in-the-middle attack from up to a half mile away.

“The level of sophistication needed was that of an eighth grade science project,” said Warner.

Previously the same team, described on their site as “a multi-disciplinary team of physicists, engineers, hackers, and social scientists,” demonstrated similar flaws on Sequoia Voting Solutions machines.

After the contentious 2000 presidential election, various elections commissions studied the problems in counting the final vote in several states. In December 2005, the US Election Assistance Commission adopted what are known as the Voluntary Voting System Guidelines (VVSG). These guidelines sought to establish a minimum security standard for voting systems including electronic voting systems. The VVSG took effect in 2007.

Apparently the word “voluntary” has been taken too liberally as relatively simple hacks are still possible today.

The Diebold AccuVote-TS voting system in particular is no stranger to controversy. In 2004, California Secretary of State Kevin Shelley de-certified the Diebold AccuVote-TS machines after fraud was found in both Alameda and San Diego Counties. In 2007, the new California Secretary of State, Debra Bowen, commissioned “red team” researchers for a “Top to Bottom” evaluation of all the voting machines in her state, including optical scanners and punch cards. Companies included in that survey were Diebold Election Systems, Hart InterCivic, Sequoia Voting Systems and Elections Systems and Software, Inc. In the end, all units, including the AccuVote-TS, were found not to meet the VVSG, were vulnerable to attack, and were de-certified from continued use until the known issues were resolved.

Even if a given voting machine is certified at the election office, voting machines are often shipped to the polling stations several days in advance of an election. It is in this period of time–when the machines are outside the election office, stored in schools, libraries, and even homes–that tampering may occur. Certainly $26 would be a trivial amount to a desperate campaign.

Previously, Princeton researcher J. Alex Halderman and others have shown how easy it is to open electronic voting machines such as the Diebold AccuVote TS. In some cases researchers have found the physical key was generic across all the different machines; in some cases, you could order them online. And there was a whole training session at this year’s Black Hat in Las Vegas dedicated to removing tamper-proof seals so as not to void the warranty.

This is a sorry state. In the decade since the 2000 presidential elections, voting technology has not aggressively pursued security. Much of the controversy has focused on the requirement of paper receipts: advocates say it guards against vote tampering, and opponents claim privacy violations. The researchers at Argonne National Laboratory remind us that a more basic problem, interrupting the circuitry, remains a concern, with or without paper receipts.

Note: In 2006, Diebold renamed its voting systems business Premier Election Solutions, and in September 2009 that Premier subsidiary was sold to Election Systems and Software, which now markets the AccuVote product line.
