Voting machine vulnerabilities go well beyond what most voters know, warns Dan Zimmerman, a computer scientist who specializes in election information technology. There probably is not time to fix all of those vulnerabilities by November. But there are still things election officials could do to reduce the hack-ability of the U.S. presidential election. Here are his five steps for making the U.S. election less hackable.
1. More federal oversight (and not just on Election Day)
This week’s report sophisticated actors in Russia trying to penetrate voter databases sounded alarm bells about the U.S. election being hacked. Zimmerman, who works with Free & Fair, a company that provides election-related IT services, says that because most electronic voting machines are not connected to the internet, the threat of remote hacking from Russia is small. The machines are far from secure, however.
“I haven’t observed anything in particular that would make me think somebody is developing some new attack against these machines. Some of these machines were so terribly easy to attack in the first place, essentially, my concern is that some of these machines have been designed in way such that somebody with an eighth-grade level of knowledge of computer science and a little bit of time could hack them.”
It’s an issue that’s been around for years, but lawmakers haven’t done much about it. Bottom line, there’s no federal standard for physical security around voting machines and that makes them very vulnerable. “They could be in a broom closet in a city clerk’s office. There is no federal level oversight other than there is something called the Election Assistance Commission, or EAC. The EAC was established in the early 2000s, basically as a response to the 2000 debacle, and has until recently effectively been a joke,” he says.
The first step could be more federal oversight of how voting machines are stored when not in use, complete with remote monitoring via cameras and other means.
Full Article: 5 Steps To Make U.S. Elections Less Hackable – Defense One.