Researchers Assembled over 100 Voting Machines. Hackers Broke Into Every Single One.

A cybersecurity exercise highlights both new and unaddressed vulnerabilities riddling US election systems.

im Weber/The Commercial AppealZuma Press

For indispensable reporting on the coronavirus crisis, the election, and more, subscribe to the Mother Jones Daily newsletter.

A report issued Thursday by some of the country’s leading election security experts found that voting machines used in dozens of state remain vulnerable to hacks and manipulations, warning that that without continued efforts to increase funding, upgrade technology, and adopt voter-marked paper ballot systems, “we fear that the 2020 presidential elections will realize the worst fears only hinted at during the 2016 elections: insecure, attacked, and ultimately distrusted.”

The 47-page report is the product of researchers who organized a shakedown of voting machines at the annual DefCon conference, one of world’s biggest information security gatherings frequented by hackers, government officials, and industry workers. First incorporated into DefCon in 2017 with the aim of improving voting machine security, this year’s version of the now-annual “Voting Machine Hacking Village” assembled over 100 machines and let hackers loose to find and exploit their vulnerabilities. While election officials have criticized the effort’s utility as a testing ground, deriding it as a “pseudo environment,” some have seen value in letting machines’ flaws become more known and potentially lead to security improvements.

“Once again, Voting Village participants were able to find new ways, or replicate previously published methods, of compromising every one of the devices in the room,” the authors wrote, pointing out that every piece of assembled equipment is certified for use in at least one US jurisdiction. The report’s authors, some of whom have been involved with election machine security research going back more than a decade, noted that in most cases the participants tested voting equipment “they had no prior knowledge of or experience” in a “challenging setting ” with less time and resources than attackers would be assumed to marshal.

The report urges election officials to use machines relying on voter-marked paper ballots and pair those with “statistically rigorous post-election audits” to verify the outcome of elections reflects the will of voters. The authors also warn that supply chain issues “continue to pose significant security risks,” including cases where machines include hardware components of foreign origin, or where election administrators deploy foreign-based software, cloud, or other remote services. The report lands as officials in several states are working to upgrade election equipment, and as lawmakers in Washington, D.C. debate federal election security legislation and funding.

Ultimately, the report notes flaws that have been acknowledged for years.

“As disturbing as this outcome is, we note that it is at this point an unsurprising result,” the authors conclude. “However, it is notable—and especially disappointing—that many of the specific vulnerabilities reported over a decade earlier…are still present in these systems today.”

Read the full report below:

 
 



Voting Village Report defcon27 (Text)

DEMOCRACY DOES NOT EXIST...

without free and fair elections, a vigorous free press, and engaged citizens to reclaim power from those who abuse it.

In this election year unlike any other—against a backdrop of a pandemic, an economic crisis, racial reckoning, and so much daily crazy—Mother Jones' journalism is driven by one simple question: Will America will move closer to, or further from, justice and equity in the years to come?

If you're able to, please join us in this mission with a donation today. Our reporting right now is focused on voting rights and election security, corruption, disinformation, racial and gender equity, and the climate crisis. We can’t do it without the support of readers like you, and we need to give it everything we've got between now and November. Thank you.

DEMOCRACY DOES NOT EXIST...

without free and fair elections, a vigorous free press, and engaged citizens to reclaim power from those who abuse it.

In this election year unlike any other—against a backdrop of a pandemic, an economic crisis, racial reckoning, and so much daily crazy—Mother Jones' journalism is driven by one simple question: Will America will move closer to, or further from, justice and equity in the years to come?

If you're able to, please join us in this mission with a donation today. Our reporting right now is focused on voting rights and election security, corruption, disinformation, racial and gender equity, and the climate crisis. We can’t do it without the support of readers like you, and we need to give it everything we've got between now and November. Thank you.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate