Researchers Demonstrate Voting Machine Hack

Despite several security alerts and research papers published in the past years, some of the voting machines used in the United States presidential election are still vulnerable to hacker attacks.

Security firm Cylance has published a video showing how an attacker with physical access to Sequoia AVC Edge Mk1 voting machines can use a PCMCIA card to reflash the device’s firmware and manipulate the voting tallies in memory. This attack method can also be used to tamper with systems designed to ensure that voting results are valid.

The affected Sequoia voting machine, which has been known to have significant security weaknesses, will be used in several states by millions of voters, Cylance noted. The company has not disclosed any technical details of the hack, but it claims to have notified the vendor and government authorities.

A few weeks ago, Symantec researchers also showed how direct-recording electronic (DRE) voting machines can be hacked by someone with physical access. Polling stations that use these types of machines give voters special chip cards they can use to cast their vote.

However, experts warned that these cards can be hacked with a $15 device, allowing attackers to reset the card and use it to cast more than one vote, or program the card to cast multiple votes at once.

While these types of attacks are not easy to carry out in a real-world scenario, especially on a wide scale, the fact that voting machines can be hacked can cast doubt on the validity of election results.

Cylance said it disclosed the voting machine vulnerabilities to raise awareness and encourage authorities to take the proper physical security measures to prevent incidents. However, others see it as a PR stunt and some even believe this type of disclosure can do more harm than good.

Hacking the elections via remote attacks

While local attacks against voting machines are a possibility, the United States government is more concerned about remote attacks, particularly ones launched by state-sponsored threat actors.

This presidential election has been targeted from several angles. Hackers have attacked voter registration databases and the systems of the Democratic Party, and both campaigns have been attributed to the Russian government. Moscow has also been accused of trying to interfere with the election through data leaks.

Flashpoint researchers believe WikiLeaks may have wittingly or unwittingly become a pawn of the Russian government, especially since some of the information it published recently on Hillary Clinton and the Democratic Party allegedly comes from Guccifer 2.0, which experts believe is a persona used by Russian state-sponsored hackers.

The United States has officially accused Russia of being behind the attacks with the intent of interfering with the presidential election, and vowed to respond. According to some reports, U.S. military hackers have already broken into Russia’s critical systems and may leverage this access if needed.

Flashpoint also reported on Monday that less sophisticated actors had used Mirai botnets to launch distributed denial-of-service (DDoS) attacks against the websites of presidential candidates Hillary Clinton and Donald Trump. However, none of the targeted sites suffered outages as a result of these attacks.

Despite growing cybersecurity threats, U.S. officials said they have confidence in the integrity of electoral systems.

“The U.S. election landscape is made up of approximately 9,000 different state and local jurisdictions, providing a patchwork of laws, standards, processes, and voting machines. This environment is a formidable challenge to any actor — nation-state or not — who seeks to substantially influence or alter the outcome of an election,” said Ian Gray, cyber intelligence analyst at Flashpoint. “Doing so would require mastering a large number of these disparate cyber environments and finding a multitude of ways to manipulate them. An operation of this size would require vast resources over a multi-year period — an operation that would likely be detected and countered before it could come to fruition.”

“Russia can most likely achieve a more reliable outcome with fewer resources not by attacking the election infrastructure directly, but rather by organizing a disinformation campaign attacking confidence in the election itself,” Gray added.

Related: Electronic Voting – The Greatest Threat to Democracy

Related: Ecuador Says it Cut Assange Internet Over US Election Leaks

Related: Researcher Arrested For Hacking Elections Websites

Related: Russian Hackers Target Cash Before Politics

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
