Disclosure of DEF CON Demo survey report hacking election system, warn of updating the urgent system

It has been pointed out over 10 years ago that there is a security problem in the electronic voting system that aggregates election results. However, in the hacking conference DEF CON held in July 2017, the voting system was actually hacked Demonstration took place, realistic dangers were shown a lot. Survey report on hacking to the electronic balloting system "DEF CON 25 voting village reportIt was gathered and opened to the public on October 10, 2017. The report urges the need to update the American electronic balloting system as soon as possible.

DEF CON 25 voting village report.pdf
(PDF file)https://www.defcon.org/images/defcon-25/DEF%20CON%2025%20voting%20village%20report.pdf

U.S. voting machines are susceptible to hacking by foreign actors - CBS News

Hack-Vulnerable Voting Machines a 'National Security Threat,' Experts Warn

A hacking conference held in July 2017DEF CON 25"Hacking demo of the American electronic balloting system was done. Electronic voting system in just 1 hour and 30 minutes You can check the hacking which you succeeded in remotely entering WinVote in the following article.

American e-voting machine is hacked in haste quickly by DEF CON - GIGAZINE

A survey report on the hacking demo "DEF CON 25 voting village report" was released, and detailed clarifications on the method used in the demonstration etc are clarified. In the preamble of the survey report, there is a word that Douglas Root, formerly a member of NATO's standing committee, says "We (America) voting system is not safe".

The system used in the voting system is operating with classical software, such as the OS "Sequoia AVC Edge" produced in 1989, and there is little mechanism to check whether the code being executed is legitimate And that. Nevertheless, because it has a versatile external port such as a USB port, it seems that preparation for physical attacks is very poor.

It is also pointed out that hacking is possible even if the voting system itself is not connected to a network line. In addition to attacks involving physical contacts from external terminals, attacks are also assumed in which malware is pre-loaded at the part level that constitutes hardware of the voting system.

Only four manufacturers have delivered equipment that is used in the voting system in the United States. Although these four manufacturers claim both are safe, the report concludes that hacking to the voting system is a real threat.

In the report, Mr. Route said, "It has been proven that Russia can intervene in the election process of the United States with cyber tools, which is neither an academic theory nor a hypothesis, proving that it is viable in reality It is a real threat and we are trying to figure out whether radical intervention in Russia 's election will succeed to radical and criminal groups such as Iran, North Korea and Islamic State (IS). " He points out that cyber attack on the voting system is an immediate problem.

At the time of writing the article, in the USA, Delaware state, Georgia state, Louisiana state, New Jersey state, South Carolina state that electronic balloting system which does not use any ballot paper is introduced. The report recommends that the electronic balloting system should be reviewed by the 2018 middle election.

in Software,   Hardware,   Security, Posted by darkhorse_log