With Donald Trump already talking about the presidential election being rigged, Symantec has set up a simulated voting station that shows how electronic systems might be hacked to alter actual vote tallies for just a few hundred dollars. They found that while it’s possible to change the number of votes cast for each candidate, it would be very difficult to do so on a large enough scale to swing the election one way or the other. However, enough machines in random precincts could be provably compromised so that general public confidence in the official outcome would be undermined, says Samir Kapuria, Symantec’s senior vice president for cyber security. Using a voting-machine simulator that contains an aggregate of known vulnerabilities from real-world voting machines and some that Symantec found itself, Kapuria demonstrated several ways attackers could taint voting results.
… Other security experts are concerned as well. Bruce Schneier, for one, has written urgently for action before this fall’s election. “But while computer security experts like me have sounded the alarm for many years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified,” he writes.
“We no longer have time for that. We must ignore the machine manufacturers’ spurious claims of security, create tiger teams to test the machines’ and systems’ resistance to attack, drastically increase their cyber-defenses and take them offline if we can’t guarantee their security online.”