Hack the Vote – Fox News

votingmachinepic

The recent cyber theft of millions of personnel records from the federal government was sophisticated and potentially crippling, but hackers with just rudimentary skills could easily do even more damage by targeting voting machines, according to security experts.

Voter fraud is nearly as old as elections themselves, and different states and precincts use different voting systems and machines. But in many cases, even the electronic ballots could be manipulated remotely, according to a new report by the Commonwealth Security and Risk Management for the Virginia Information Technologies Agency. That report found that the AVS WINVote machines Virginia has used since 2002 have such flimsy security that an amateur hacker could change votes from outside a polling location.

“Our entire democracy depends on systems with minimal, easily bypassed security.”

– Cris Thomas, Tenable Network Security,

“This means anyone could have broken into the machines from the parking lot,” said Cris Thomas, a strategist with the Columbia, Md.-based Tenable Network Security, one of the nation’s leading cyber and enterprise security firms. “Our entire democracy depends on systems with minimal, easily bypassed security.”

The report was commissioned after one precinct in Virginia reported “unusual activity with some of the devices used to capture votes,” during last November’s statewide elections.

“Security deficiencies were identified in multiple areas, including physical controls, network access, operating system controls, data protection, and the voting tally process,” the report found. “The combination of critical vulnerabilities in these areas, along with the ability to remotely modify votes discretely, is considered to present a significant risk. This heightened level of risk has led VITA security staff to conclude that malicious third party could be able to alter votes on these devices. These machines should not remain in service.”

Mississippi and Pennsylvania decertified the machines years ago, because they used an outdated version of Windows that had not been updated since 2004 and had default passwords that could allow for wifi access, Thomas noted.
Read more here.
')