Hackers breached defences of US voting machines in less than 90 minutes

Hackers competed to take control of US voting machines and overcame some of their security defences in less than 90 minutes.

One hacking team at the DEF CON cybersecurity conference in Las Vegas ‘rick-roll’d’ a touchscreen voting machine so it played Rick Astley’s 1987 hit ‘Never Gonna Give You Up’, and another contestant was able to gain full remote control of a notoriously weak device from his laptop.

The results of the competition are likely to add to anxieties about the hacking of future US elections and about possible Russian interference in Donald Trump’s victory in November.

The US Department of Homeland Security said last year that it was “confident” the Russian Government had directed the hacking and leaking of Democratic National Committee emails in the run-up to Donald Trump’s victory over his Democrat rival Hillary Clinton.

And last month it was reported that a leaked National Security Agency document stated that Russian military intelligence executed a cyberattack on at least one US voting software supplier and sent phishing emails to more than 100 local election officials just days before the presidential election.

The DEF CON competition was said to have exposed a wide range of vulnerabilities in 30 computer-powered ballot boxes that had been acquired on eBay or from US government auctions so hackers could try to attack them.

The hackers were allowed to break the machines open to see how they worked, as well as trying to gain control of them remotely.

It allegedly took them less than 90 minutes to find the first cracks in the machines’ defences.

It was also claimed that Carsten Schürmann, an associate professor at the IT University of Copenhagen, was able to exploit poorly secured WiFi to gain remote control of one machine that has been used in previous US county elections.

The Register reported that some machines were using outdated and relatively easily hacked software, including unpatched versions of OpenSSL and Windows XP and CE.

Full article from the Source…

Back to Top