A sysadmin at a leading voting machine vendor posted a firewall configuration file, including passwords, into a public Cisco support forum in 2011, opening the company up to possible attack. The config files expose a wealth of information useful to an attacker, including domain name, hostname, and ASA version number. While there is no evidence that the voting machine vendor was compromised, this accidental leakage of information is “juicy intelligence,” Dan Tentler, founder and CEO of Phobos Group, an attack simulation security company, tells CSO. “If you have a crack team of cat burglar types and they’re all going to break into a building, this firewall configuration file is the equivalent of finding the floor plan of the building they are planning to break into,” Tentler says.
… A nation-state attacker could also have copied the voting machine source code and used it to look for security flaws. “The voting machine vendors…are certainly on the radar of powerful attackers, including nation-state adversaries,” Alex Halderman, a professor of computer science at the University of Michigan, and an expert of voting machine security, tells CSO. “The networks they are using for developing, testing, and debugging election system software are likely to be probed by attackers who would want to weaken the security of our elections.”
“If you can get into one of these vendors,” he adds, “take the source code to the voting machines, that’s of enormous advantage to someone who wants to attack them.”