Hackers at Convention Test Voting Systems for Bugs

Hackers at Convention Test Voting Systems for Bugs

525
The Black Hat logo is displayed before a keynote address during the Black Hat information security conference in Las Vegas
The Black Hat logo is displayed before a keynote address during the Black Hat information security conference in Las Vegas, Nevada, U.S., July 26, 2017. REUTERS/Steve Marcus
Advertisement

By Christopher Bing
LAS VEGAS (Reuters)

Def Con, one of the world’s largest security conventions, served as a laboratory for breaking into voting machines on Friday, extending its efforts to identify potential security flaws in technology that may be used in the November U.S. elections

Hackers will continue to probe the systems over the weekend in a bid to discover new vulnerabilities, which could be turned over to voting machine makers to fix.

The three-day Las Vegas-based “Voting Village” also aimed to expose security issues in digital poll books and memory-card readers.

“We see a lot of value in doing things like this. We think it’s important,” said Jeanette Manfra, assistant secretary of cybersecurity and communications at the U.S. Department of Homeland Security, in an interview.

 

Hackers try to access and alter data from an electronic poll books in a Voting Machine Hacking Village during the Def Con hacker convention in Las Vegas
Hackers try to access and alter data from an electronic poll books in a Voting Machine Hacking Village during the Def Con hacker convention in Las Vegas, Nevada, U.S., July 29, 2017. REUTERS/Steve Marcus

 

“The idea is, when we find things here, how do we connect them with the actual vendors and make sure that we are closing this loop back to a coordinated vulnerability disclosure process.”

Def Con held its first voting village last year after U.S. intelligence agencies concluded the Russian government used hacking in its attempt to support Donald Trump’s 2016 candidacy for president. Moscow has denied the allegations.

Organizers have returned ahead of the November elections, in which Democrats hope to take control of the U.S. House of Representatives.

 

 

Trump’s national security team last week warned that Russia had launched “pervasive” efforts to interfere in the elections.

“These vulnerabilities that will be identified over the course of the next three days would, in an actual election, cause mass chaos,” said Jake Braun, one of the village’s organizers. “They need to be identified and addressed, regardless of the environment in which they are found.”

Participants will have a chance to hack into more than five types of voting machines from manufacturers including Elections Systems & Software and Dominion Voting.

 

A man types into a keyboard during the Def Con hacker convention in Las Vegas
A man types into a keyboard during the Def Con hacker convention in Las Vegas, Nevada, U.S. July 29, 2017. REUTERS/Steve Marcus

 

Last year a Danish researcher figured out how to take control of a touchscreen voting system used through 2014 in a remote hack that organizers said could work from up to 1,000 feet away.

A group representing U.S. secretaries of state lauded the goal of bolstering election security, but warned that the findings might be skewed.

“It utilizes a pseudo environment which in no way replicates state election systems, networks or physical security,” the National Association of Secretaries of State said in a statement.

 

Participants are silhouetted as they pass through the IOT (Internet of Things) Village during the Def Con hacker convention in Las Vegas
Participants are silhouetted as they pass through the IOT (Internet of Things) Village during the Def Con hacker convention in Las Vegas, Nevada, U.S., July 29, 2017. REUTERS/Steve Marcus

 

Verified Voting, an advocacy group that helped organise the hacking village, said that some of the voting machine models being tested are still used to tally votes across the United States.

One system, the Dominion Premier/Diebold AccuVote TSx system, is used in 20 states and 23,784 precincts, according to Verified Voting.

 

(Reporting by Christopher Bing in Las Vegas; Editing by Jim Finkle and Richard Chang)