Some experts say that given uneven IT security requirements for voting systems, the best protection against election hacking may be less technology. “Based on my experience, I don’t have a lot of confidence” in the security of election equipment, said Alex Halderman, director of the University of Michigan’s Center for Computer Security and Society, at a Sept. 8 Brookings Institution discussion. “Our election systems are known to be vulnerable,” he said, adding that even if they were not manipulated by a foreign government in 2016, “I think it’s a matter of time… [attacks] will only be more sophisticated going forward.” Halderman’s research includes information security testing on the exact machines used by states during federal elections.
“The machines have vulnerabilities that could allow someone to hack in and alter the software that’s running on them,” he said. “You don’t even need physical access to the machines.” Nor do the machines need to be connected to the internet to be prone to manipulation, Halderman added.
“With just momentary access to the memory card that’s used to program the ballot for the election, we could insert vote-stealing software that would then reprogram the machine… and select whoever we wanted as the winning candidate,” he explained.
Halderman added that even if American machines were not manipulated by a foreign government in 2016, “I think it’s a matter of time” before vote tampering occurs, if the vulnerabilities are left unaddressed.
Full Article: Is low-tech the answer to election security? — FCW.