Kentucky: Online voter registration left system vulnerable to attack | Louisville Courier Journal
Heralded as the state voting system’s “most transformational reform to date,” the ability for Kentuckians to register to vote online also made them vulnerable to attack. A ProPublica investigation found that as recently as this week, a computer server powering Kentucky’s voter registration website was inadvertently exposing sensitive back-end files to hackers. Kentucky introduced online voter registration in 2016. At the time, Secretary of State Alison Lundergan Grimes said the move would pave the way for increased participation in elections. … “FTP is a 40-year-old protocol that is insecure and not being retired quickly enough,” said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology in Washington, D.C., and an advocate for better voting security. “Every communication sent via FTP is not secure, meaning anyone in the hotel, airport or coffee shop on the same public Wi-Fi network that you are on can see everything sent and received. “And malicious attackers can change the contents of a transmission without either side detecting the change.”