Professional hackers were invited to break into dozens of voting machines and election software at this year’s annual DEFCON cybersecurity conference. And they successfully hacked every single one of the 30 machines acquired by the conference. The challenge was held at DEF CON’s “Voting Village,” where hackers took turns breaching ten sample voting machines and voter registration systems, Politico reported. … “Follow the money,” Harri Hursti, the cofounder of Nordic Innovation Labs, which helped organize DEF CON, told The Hill. “On the other end of the ballot, that’s where the money is — banks and roads.” Hodge said that if officials take care to “store machines, set them up, [and] always have someone keeping an eye on machines,” that could go a long way in ensuring the safety of the electoral process.
But others are not so sure. “Going back to a scantron machine is probably the best bet” to guard against cyberattacks, Alex McGeorge, the head of threat intelligence at cybersecurity firm Immunity Inc, told Business Insider. “It’s unlikely that one could create software that would withstand the attention of a nation-state, especially if you had physical access to the machines.”
That assessment was echoed by Barbara Simons, the Board Chair of Verified Voting, a nonprofit that studies US election equipment. Simons told Politico that DEFCON exercise sheds light on the need for the US to go back to using verifiable paper ballots and mandatory audits. Still, her concerns extended to states that have begun moving in that direction.
“Even where there are paper ballots, most ballots haven’t been checked to see if there was any hacking or intrusion, so even if security people didn’t see any outside hacking occurring on Election Day, things could have been attacked earlier,” Simons told Politico.