defcon voting machine hacks hint at real world threats that should be taken seriously say security experts

B2B Next Conference & Exhibition, Sept 24-26, Chicago
Hear 47 e-commerce experts as they provide B2B executives with actionable insights on how to profit from the digital disruption in their markets and transform their companies into B2B e-commerce leaders. Register Today.

Hackers cracked into a wide array of voting equipment Def Con’s Voting Village, an event held Friday at Caesar’s Palace in Las Vegas, Nevada.

Last year, conference goers hacked five machines and an e-poll book of registered voters. This year, in addition to voting machines, tabulators and smart card readers were available for hacking.

Websites weren’t off limits, either. An 11-year-old hacked into a replica of the Florida secretary of state’s office site in 10 minutes and changed the results there. In real life, such an attack might create confusion, but it would not effect the actual vote tally of an election.

Election stakeholders last year were caught by surprise by the hacking frenzy at the Voting Village, but they were prepared for it this time around.

One of the largest providers of election equipment in the United States, ES&S, sent an email to its customers advising them that it was highly unlikely that any hacker would be able to get the physical access to a voting machine that a Def Con attendee could get at the conference.

Significant Threat

The National Association of Secretaries of State, which represents local officials overseeing elections in the states, expressed similar sentiments, arguing that the unlimited physical access Def Con attendees got to voting machines, many no longer in use, did not replicate real-world election conditions.

However, the weaknesses Def Con hackers exposed should not be ignored, security experts warned.

“These hacks pose a tremendously significant threat to election systems,” said John Cassidy, CEO of Alexandria, Virginia-based King & Union, maker of a cybersecurity analysis collaboration platform.

“They illustrate just how poorly security has been considered in many of these systems,” he told the E-Commerce Times.

While the Def Con hacks required manual access to the voting machines, it is highly likely hackers already know of other vulnerabilities that do not require that kind of access, Cassidy said.

More Than Machines

“Def Con demonstrates how vulnerable the system is,” remarked Avivah Litan, a security analyst at Gartner, a research and advisory company based in Stamford, Connecticut.

“It’s just amazing the country is so lax at responding to this. We don’t have any national response that’s meaningful,” she told the E-Commerce Times. “Hacking elections has become a partisan issue.”

As the 11-year-old’s hack illustrated, more than voting machines are at risk.

“There are many different attack vectors,” Litan…