Security Experts:

Connect with us

Hi, what are you looking for?



Man-in-the-Middle Attacks on Voting Machines: Vote Early, Often, and Why Not Vote Remotely?

Hacking Electronic Voting Machines via Man-in-the-Middle Attacks

Hacking Electronic Voting Machines via Man-in-the-Middle Attacks

With election day fast approaching in many states, researchers from the Vulnerability Assessment Team (VAT) at Argonne National Laboratories have produced a video (embedded below) that demonstrates “simple, non-cyber, man-in-the-middle attacks” on the Diebold Accuvote TS electronic voting machine. Using parts that cost $10, researchers Roger Johnston and Jon Warner inserted custom hardware into the Diebold AccuVote TS that could read the touchscreen vote as well as alter the stored information. Changing electronic votes is not new. What’s novel is that with an additional $16 remote control, the team was able to perform a man-in-the-middle attack from up to a half mile away.

Diebold AccuVote TS Hacking“The level of sophistication needed was that of an eighth grade science project,” said Warner.

Previously the same team, described on their site as “a multi-disciplinary team of physicists, engineers, hackers, and social scientists,” demonstrated similar flaws on Sequoia Voting Solutions machines.

After the contentious 2000 presidential election, various elections commissions studied the problems in counting the final vote in several states. In December 2005, the US Election Assistance Commission adopted what are known as the Voluntary Voting System Guidelines (VVSG). These guidelines sought to establish a minimum security standard for voting systems including electronic voting systems. The VVSG took effect in 2007.

Apparently the word “voluntary” has been taken too liberally as relatively simple hacks are still possible today.

The Diebold AccuVote-TS voting system in particular is no stranger to controversy. In 2004, California Secretary of State Kevin Shelley de-certified the Diebold AccuVote-TS machines after fraud was found in both Alameda and San Diego Counties. In 2007, the new California Secretary of State, Debra Bowen, commissioned “red team” researchers for a “Top to Bottom” evaluation of all the voting machines in her state—including optical scanners and punch cards. Companies included in that survey wee Diebold Election Systems, Hart InterCivic, Sequoia Voting Systems and Elections Systems and Software, Inc. In the end, all units—including the AccuVote-TS–were found not to meet the VVSG, were vulnerable to attack, and were de-certified from continued use until the known issues were resolved.

Even if a given voting machine is certified at the election office, voting machines are often shipped to the polling stations several days in advance of an election. It is in this period of time–when the machines are outside the election office, stored in schools, libraries, and even homes–that tampering may occur. Certainly $26 would be a trivial amount to a desperate campaign.

Previously Princeton researcher J. Alex Halderman and others have shown how easy it is to open electronic voting machines such as the Diebold AccuVote TS. In some cases researchers have found the physical key was generic across all the different machines—in some cases, you could order them online. And there was a whole traning session at the this year’s Black Hat in Las Vegas dedicated to removing tamper-proof seals so as not void the warranty.

This is a sorry state. In the decade since the 2000 presidential elections, voting technology has not aggressively pursued security. Much of the controversy has focused on the requirement of paper receipts: advocates say it guards against vote tampering, and opponents claim privacy violations. The researchers at Argonne National Laboratory remind us that more basic concerns—interrupting the circuitry—remains a concern, with or without paper receipts.

Note: In 2006, Diebold changed its voting systems to Premiere Election Solutions and in September 2009, that Premiere subsidiary was sold to Election Systems and Software, which now markets the AccuVote product line.

Related Reading: Hacking Internet Connected HDTVs

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.


GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet