Hackers could target voting machines to swing the election

Published: Aug. 9, 2016 at 8:21 AM EDT
Email This Link
Share on Pinterest
Share on LinkedIn

Tech experts are sounding the alarm about the upcoming presidential election saying some voting machines are at risk of being hacked.

First, the Democratic National Committee was hacked. Now, a tech expert says it’s possible for hackers to swing the U.S. election.

George Kurtz, CEO of CrowdStrike, says, “I think a hacked U.S. election could tip the balance to one candidate or another.”

Over the last few months, hacking and politics have become a dangerous combination, with the DNC and Clinton campaign getting hacked.

We’re here in Las Vegas for Black Hat – it’s a conference where the best hackers in the world get together to talk security. While there’s no indication an election or the voting process has ever been hacked, we decided to ask if it were even possible.”

(Laurie Segall/ CNNMoney Senior Tech Correspondent) “You guys were pulled in to help the DNC figure out whether or not they were hacked. You did figure out that they had in fact been hacked. And all signs point to Russia. What are the implications of this?”

(George Kurtz/ CEO, CrowdStrike) “I think this is really a bit of a watershed event. 40 years ago we had Watergate, right? And that’s where you had a couple of boxes of files that were stolen. Now we’re talking about 20 thousand, 30 thousand files that are being dumped on the internet.”

(Laurie Segall/ CNNMoney Senior Tech Correspondent) “Do you worry that there are other state actors sitting in on some very important internal conversations pertaining to the U.S. election?”

(George Kurtz/ CEO, CrowdStrike) “It’s 100% certainty. There’s not even a doubt in my mind that there’s other actors out there that have yet to be found. It’s too big of an opportunity for them, it’s too easy to get in.”

But it goes beyond the campaigns being vulnerable. What about the actual machines we use to vote?

A security firm called Symantec actually purchased a couple of electronic voting machines on eBay to see how secure they really are.

Now, you have to remember that there’s a ton of different types of voting machines out there. And each U.S. county uses what they feel works, including electronic and optical scanning devices, and about 75 percent of the country make their choice on plain old paper.

In this particular case, they say they found some major issues. Here’s their perspective.

Brian Varner, Senior Researcher at Symantec, said, “So what we’re seeing is what a voter would be presented with when they go into a precinct. When you get your voter identification card, which is a smart card, and you would insert it into the machine, and then go ahead and start your voting process.”

“With the smart cards running small little computer systems on there, a device as tiny as this could be used to manipulate the smart card to allow you to vote multiple times.”

(Laurie Segall/ CNNMoney Senior Tech Correspondent) “So the idea behind this – anyone who is able to get their hands on the cards that are going to be used, if they have the technical skills, they can essentially build what you just built, which allowed them to go cast their vote as many times as possible.”

(Brian Varner/ Senior Researcher, Symantec) “I can probably put about four hundred votes in myself in less than a couple minutes and the poll workers would be none the wiser.”

(Laurie Segall/ CNNMoney Senior Tech Correspondent) “Take us through what happens after you submit your vote. What are other ways that this could be vulnerable?”

(Brian Varner/ Senior Researcher, Symantec) “These devices have to communicate with some sort of database system. We don’t know what the transport network looks like between this machine and the actual database server. So anywhere along that path, if a hacker was to have something installed then the communications could be intercepted.”

(Laurie Segall/ CNNMoney Senior Tech Correspondent) “Given all this research, what would you say is safer; electronic voting or voting on paper?”

(Brian Varner/ Senior Researcher, Symantec) “Well I can tell you this year I will be voting via paper with a mail-in ballot.”

(Laurie Segall/ CNNMoney Senior Tech Correspondent) “As someone who is knee-deep in the vulnerabilities, you always see the worst could happen. What keeps you up at night?”

(Brian Varner/ Senior Researcher, Symantec) “A compromised election.”

Varner says he doesn’t believe we’re that close to a compromised election yet, but he does want to raise awareness of these types of vulnerabilities. What I did hear from these guys, is that even if one voting machine is perceived as compromised, that has broad implications in how the American public will view the political process.”