Vulnerabilities discovered in electoral counting machines in 23 states

Oct 8, 2018Elley
Learn more about 360 Total Security

Security researchers have found that there are 11 years of unpatched security vulnerabilities in the counting machines used in 23 states, making the counting machines vulnerable to hackers.

The M650 high-speed ballot scanner is manufactured by Election Systems & Software (ES&S), the leading electoral equipment supplier in the United States. A technical report pointed out that the vulnerability is the most serious vulnerability in voting equipment.

When talking about the M650, Jake Braun, one of the cybersecurity experts and organizers at the University of Chicago, said: “If someone exploits a vulnerability to crack a password and tries to adjust the number of votes, it may change the count of the entire county/state vote. The opinion of another organizer and researcher is that an infected disk can take over the entire electoral system.

Broun said that ES&S continues to support and serve the M650, which reflects the current state of the national voting equipment industry that many problematic ticket holders are still on the job.

Cybersecurity experts have long been concerned that the country’s outdated electoral infrastructure is vulnerable to attack, and this is an important factor in Russia’s ability to influence elections in 2016.

A report from the National Academy of Sciences in September urged that the electoral facilities need to implement the necessary reforms by 2020, including ongoing federal funding, because the elections are governed by states and related security measures are slow to change. Other recommendations include the lack of “human-readable” paper records for retired electronic machines and the need for reliable post-election review. The Republican Party’s leadership in Congress has recently hampered the process of adopting electoral reform legislation.

The researchers’ safety testing process was also in a slump, they received more than 30 voting devices and other machines for security testing, but they could test very limited content because the vendor refused to provide proprietary equipment. Policymakers at the National Security Agency and the Department of Homeland Security believe that the best way to ensure that equipment is elected is to have no hostile technicians attack it, but ES&S has rejected the proposal, and the current environmental exposure-specific technology will instead allow the election to be elected. Rebutted.

Learn more about 360 Total Security