CS Monitor-factual article: Could e-voting machines in Election 2012 be hacked? Yes.

Voters cast ballots on touch-screen voting machines during in-person absentee voting

at the Fairfax County Governmental Center in Fairfax, Va., in early October.

Rapid advances in the development of cyber weapons and malicious software mean that electronic-voting machines used in the 2012 election could be hacked, potentially tipping the presidential election or a number of other races.

Related stories

Exclusive: E-voting puts vote accuracy at risk in four key states

How much do you know about cybersecurity? Take our quiz.

Voting fraud in Election 2012: How common is it? (+video)

Subscribe Today to the Monitor

Click Here for your FREE 30 DAYS of
The Christian Science Monitor
Weekly Digital Edition

Since the machines are not connected to the Internet, any hack would not be a matter of someone sneaking through cyberspace to change ballots. Rather, the concern is that an individual hacker, a partisan group, or even a nation state could infect voting machines by gaining physical access to them or by targeting the companies that service them.

The 2010 discovery of the Stuxnet cyberweapon, which used a thumb drive to attack Iran‘s nuclear facilities and spread among its computers, illustrated how one type of attack could work. Most at risk are paperless e-voting machines, which don’t print out any record of votes, meaning the electronically stored results could be altered without anyone knowing they had been changed.

RELATED: Exclusive: E-voting puts vote accuracy at risk in four key states

In a tight election, the result could be the difference between winning and losing. A Monitor analysis shows that four swing states – Pennsylvania, Virginia, Colorado, and Florida – rely to varying degrees on paperless machines.

"The risk of cyber manipulation of these machines is quite real," says Barbara Simons, a computer researcher and author of "Broken Ballots," a book documenting e-voting vulnerabilities. "Most people don’t understand that these computer-based voting machines can have software bugs or even election-rigging malicious software in them."

There are plenty of software vulnerabilities to exploit, says Matt Blaze, a computer scientist at the University of Pennsylvania in Philadelphia. In 2007, he was on a team investigating touch-screen and other voting systems for California and Ohio. The resulting study concluded "virtually every important software security mechanism is vulnerable."

How much do you know about cybersecurity? Take our quiz.

The paperless machines, however, stand out as particularly vulnerable.

"If there’s no paper trail, you can have the corrupted software display on the voting-machine screen whatever you want to display – and then after the voter leaves, record something completely different inside," says Richard Kemmerer, a computer scientist who heads the University of California, Santa Barbara, Computer Security Group.

Voting for Pac-Man

For example, Alex Halderman, a researcher at the University of Michigan, and a colleague at Princeton University hacked into a paperless touch-screen voting machine in 2010 and installed the video game Pac-Man. That lab exercise took three afternoons but did not break any tamper-proof seals and left no traces.

Similarly, he and Princeton researchers in 2006 demonstrated that if someone could get a few minutes’ unattended access to a paperless machine, that person could install a software virus that could spread to other machines and switch those machines’ votes before deleting all traces of itself.

1 | 2 | 3

Next

http://www.csmonitor.com/USA/Elections/2012/1026/Could-e-voting-machines-in-Election-2012-be-hacked-Yes

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s