Symantec Shows How A $15 Device Can Be Used To Hack The U.S. Presidential Election

symantec-hack-the-vote-us-election

symantec-hack-the-vote-us-electionShort Bytes: Can some group of notorious hackers influence the U.S. Presidential Election? To study the same, the cybersecurity firm Symantec simulated the election process and found various security loopholes in the process. The biggest flaws sketched by the firm are related to the lack of encryption in voting machine hard drives and data storing cartridges.

Due the increasing security threats, there are ongoing discussions regarding the chances of upcoming US elections being influenced by the hackers. While some are labeling the possibility of a hack as absurd and far-fetched, others are busy exploring how easy it is to hack the elections.

The voting machines being used in the elections must adhere to the National Institute for Interdisciplinary Science and Technology (NIIST) guidelines that state that the machine should never connect to the internet and they must be kept locked. So, to hack them, an attacker needs to get access before the election or tamper with on the day of the election. To study the different aspects involved, the leading cybersecurity firm Symantec created an election simulation named “Hack the Vote”. To get things done, they bought the actual DRE voting machines from a website and other equipment.

Voting multiple times using a $15 device

When voters enter a polling station, they are handled a chip card for casting their vote. The card is basically a tiny computer with its own RAM, CPU, and OS. So, just like any other computer, its flaws can be exploited. Symantec examined that a hacker can modify the code on a voter’s chip card. If an attacker knows how to program a chip card, using a $15 Raspberry Pi-like device, he/she can reactivate the card and vote multiple times.

“This year, 43 states will use electronic voting machines that are at least 10 years old. It’s reasonable to suspect some tabulation computers and software have been left unpatched or unsupported, opening the doors to other means of infiltration” — Symantec

Lack of encryption on voting machines

Surprisingly, there was no encryption on the voting machine’s internal hard drive and it used an outdated operating system. This absence of encryption on machines can act as another attack layer. A skilled hacker can reprogram the drive using a simple device.

Manipulation and tampering

The study also showed that the behind-the-scenes data tabulation presents an even scarier scenario. The votes are stored in simple cartridges like a USB drive that stores data without any encryption. A hacker can easily rewrite the information and add votes. Symantec also explored the possibility of uploading malware to alter the voting database or erase it.

Interestingly, Symantec has recommended voting by paper–if it’s available at your polling station. Wondering why? Because there’s nothing much an average user can do to secure the voting technology. You can obviously inform a poll worker if you notice something strange.

Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.

Also Read: Hackers Successfully Attacked A Nuclear Power Plant

Similar Posts