Ever since news broke that hackers at the DEFCON ‘Voter Village’ were able to exploit vulnerabilities in voting machines in under 90 minutes, the Institute for Critical Infrastructure Technology (ICIT) has been flooded with requests for access to its research on the topic of hacking elections, election system integrity, and Russian election tampering.
Below are links to ICIT publications which may make your research easier if you are looking into this topic:
- Hacking Elections is Easy! Part 1: Tactics, Techniques, and Procedures
- Hacking Elections is Easy! Part 2: Psst! Wanna Buy a National Voter Database? Hacking E-Voting Systems Was Just the Beginning
- Congressional Briefing: Strengthening Election Cybersecurity
Clearly, the system we base our democracy on is far from secure when it comes to the voting machines used today. Cylance has recently been at the forefront of research regarding these systems. Some of our current research (including specific compromises on Sequoia Voting machines) can be found here:
- Cylance Discloses Voting Machine Vulnerability
- Newsweek – How Easy Is It to Hack a Voting Machine?
- Cybersecurity and U.S. Voting Systems The ICIT hosted a series of discussions on Cybersecurity threats.
We need more efforts like Voter Hacking Village, which allow security researchers and engineers full access to these systems in a controlled environment. Too often, researchers are seen as “the bad guys” who should be kept as far away as possible from these machines, but in fact the opposite should be true.
These researchers are the ones who understand exactly how a malicious attacker might go about breaking into our voting systems. If we are to preserve the integrity of our current election setup, researchers should be at the front lines of these systems, right alongside the manufacturers, locking shields to prevent future breaches of data and trust.
Manufacturers and (Read more...)
This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog