It’s no secret, given the hacks that have plagued the Democratic National Committee and the Clinton campaign. But security researchers warn that it’s just the beginning. “There’s not even a doubt in my mind that there are other actors out there that have yet to be found,” Crowdstrike CEO George Kurtz told CNNMoney. “I’m sure there will be other hacks that come out over the course of this election and certainly beyond that.” Kurtz, whose firm was brought in by the DNC to investigate the hack, called the hack a watershed moment. He said Crowdstrike has been fielding calls from Washington as political parties wrap their heads around a new type of threat: Hackers trying to manipulate the U.S. election. Far from Washington, hackers descended on Las Vegas to show off their party tricks at Black Hat, the annual conference that puts security on the frontlines. They hacked cars, ATMs and mobile devices. This year, there was a new addition: a simulated version of a hackable electronic voting machine, assembled by security firm Symantec. Brian Varner, a security researcher at Symantec, said the electronic voting machine is another frontier for hackers.
Seventy-five percent of the country’s votes are cast using paper ballots and even many electronic machines print a ballot so that there’s a paper trail. But five states (Georgia, Delaware, Louisiana, South Carolina and New Jersey) use electronic voting machines that leave no way to audit results after the fact, according to Pamela Smith, president of Verified Voting, which advocates for transparency in voting machines.
Some of the electronic machines use a voter access card, which you receive when you go to the polls. The card can be reused by multiple voters. These machines represent an opportunity for hackers. But they must gain access to the physical card ahead of time in order to manipulate it.
In a demo, Varner showed CNNMoney how a voter access card can be hacked by a small device that reprograms the card, giving voters the ability to cast their vote as many times as they wish. “I can probably put about 400 votes in myself in less than a couple minutes and the poll workers would be none the wiser,” Varner said.
Full Article: Just how secure are electronic voting machines? – Aug. 9, 2016.