American voting machines are full of foreign-made hardware and software, including from China, and a top group of hackers and national security officials says that means they could have been infiltrated last year and into the future. DEFCON, the world’s largest hacker conference, will release its findings on Tuesday, months after hosting a July demonstration in which hackers quickly broke into 25 different types of voting machines. The report, to be unveiled at an event at the Atlantic Council, comes as the investigation continues by four Hill committees, plus Justice Department special counsel Robert Mueller, into Russian meddling in the 2016 elections, on top of the firm intelligence community assessments of interference. Though the report offers no proof of an attack last year, experts involved with it say they’re sure it is possible—and probable—and that the chances of a bigger attack in the future are high.
“From a technological point of view, this is something that is clearly doable,” said Sherri Ramsay, the former director of the federal Central Security Service Threat Operations Center, which handles cyber threats for the military and the National Security Agency. “For us to turn a blind eye to this, I think that would be very irresponsible on our part.”
Often, voting machine companies argue that their supply chain is secure or that the parts are American-made or that the number of different and disconnected officials administering elections would make a widespread hack impossible. The companies also regularly say that since many machines are not connected to the internet, hackers’ ability to get in is limited.