Any information security professional will tell you, there is no way to guarantee absolute security in any system if an attacker is determined enough to breach it. So why would anyone think voting machines would be any different? Researchers at Argonne National Laboratory have shown that not only are the electronic voting machines that will be used today by more than 35 million people in over 20 states vulnerable to tampering, the feat can be accomplished with little in the way of technical savvy and with less than $30 worth of off-the-shelf components.
The method employed in the hack is a man-in-the-middle (MitM) attack in which the researchers implanted a type of microprocessor to monitor and control the communications between the voter interface and the primary systems in the targeted machine. The implanted device can later be removed and leave no forensic traces that the tampering ever took place.
"We used a logic analyzer. Digital communication is a series of zeros and ones. The voltage goes higher, the voltage goes lower. A logic analyzer collects the oscillating voltages between high and low and then will display for you the digital data in a variety of formats," explained Roger Johnston, head of Argonne 's Vulnerability Assessment Team.
"But there all kinds of way to do it. You can use a logic analyzer, you can use a microprocessor, you can use a computer--basically, anything that lets you see the information that’s being exchanged and then lets you know what to do to mimic the information," Johnson continued.
MitM attacks occur when malicious actors to insert themselves between the target and any system they attempt to communicate with, allowing the attackers to monitor the messages, intercept sensitive information, and - in this case - alter the data to manipulate the final vote count.
"Sometimes you block communications, sometimes you tamper with information, sometimes you just look at it and let it pass on through. That’s essentially the idea. Figure out the communications going on, then tamper as needed, including with the information being sent back to the voter," Johnson said.
Network security specialist Scot Terban told Security Bistro that MitM attacks can be difficult to combat, especially if there is a malicious insider involved in the operation. "The installation of hardware or software by rogue elements or insider attacks is a common issue. In the case of the Diebold voting machines as well as their lines of ATM's the possibilities of compromise vary," Terban said.
The key to the vulnerability in the voting machines Johnson's team tested is the absence of any form of encryption for the data being processed by the units, and he said that the skill and knowledge required to access and manipulate the communications is low-level at best. "I’ve been to high school science fairs where the kids had more sophisticated microprocessor projects than the ones needed to rig these machines," Johnson said.
"In the case of voting machines the US is still rather lacking in check and balance on hardware spot checks as well as chain of custody. This has been proven before by other penetration testers in past years concerning the MitM attacks that would be necessary to hack the vote. What the Argonne lab has pointed out is just another way to mod the systems if given access to them, and change people's votes on the fly," Terban said of the research.
Terban points out that security issues surrounding the hardware are just one part of a greater set of security risks around the voting machines and their use in our electoral process. "Diebold and others should design their systems with more tamper resistance and resiliency as well as allow an open source look into furthering their security. This though will not happen as Diebold and others keep their code proprietary, Terban continued.
While the method Johnson's team used requires physical access to the targeted machines both before the votes are cast and after to remove evidence of fraud, other researchers have demonstrated that the networks being developed to handle data from electronic voting machines and transmit it over the Internet are also vulnerable to exploits.
In March of this year, a University of Michigan research team published a report discussing the the hack of a prototype online voting system after having been invited to identify vulnerabilities during trial runs of the network. The researchers were able to quickly identify and exploit multiple weaknesses in the network's open source architecture, exploiting a previously disclosed Linux kernel protocol flaw and circumvent the system's encryption.
The evidence of exploitable vulnerabilities led DHS senior cybersecurity adviser Bruce McConnell to warn state and local election officials that it would be premature to deploy voting systems that rely on data transfers via the Internet.
The elections in 2000 were decided by a handful of votes in one state and created a furor over the handling of paper ballots. Imagine the uproar if it is discovered that potentially tens of millions of votes in dozens of states might have been subject to manipulation. Perhaps we should let security catch up to convenience in matters of national import.
- About Corero
- Investor Relations
- News Room
- Executive Management Team
- Corero Offices
- Contact Us