“This isn’t conjecture, this isn’t my dystopian fantasy world, this is something we know they do … The fragmentation argument is absolute horseshit, because once you’re in the chips, you can hack whole classes of machines, nationwide, from the fucking Kremlin.”
“The No 1 thing we found last year wasn’t a hack at all, it was the fact that we opened up the back of the machine, and of course, no surprise, all the parts are made across the world, especially China. “That’s bullshit,” Braun says when I put Manfra’s words to him. Hackers try to access and alter voter data at the Def Con convention last year. And so while you may be able to get into a few voting machines, you can’t really affect that at scale without detection, and it would be really hard.” There’s a lot of reasons for that: voting machines are physically secure, we’ve got thousands of jurisdictions across the country that all use different things. “We found that it’s actually really, really difficult to manipulate the actual vote count itself. The four-person campaign team, which first learned of a potential attack in March, couldn’t even afford the minimum price of hiring a security team to investigate, according to Reuters.īut Manfra did have some good news. “This is about more than just voting machines,” Manfra told attendees.Īs if to demonstrate Manfra’s words, just days after Def Con, another attack was reported on American democracy, through the campaign computer of a Democratic congressional candidate, California’s David Min. The resulting chaos, as millions of people attempt to secure provisional ballots, or are turned away at the polling station, would certainly undermine confidence. If the database isn’t secure, an attacker could delete, say, every 10th entry. And there’s a lot of ways to do that without actually hacking the vote.” “What are they trying to do? They are trying to undermine our democratic process, and the confidence that we have in our democratic process. This year, Jeanette Manfra, assistant secretary at the Department of Homeland Security’s office of cybersecurity and communications turned up to reassure attendees – partly.ĭHS, she said, put itself in the shoes of America’s adversaries. (The runner-up, the rapper Lil Pump, apparently standing for the Democratic party, had just under 46m votes.)Īs the number of flaws discovered by Def Con attendees, young and older, mounts, the US government has taken an interest.
At the point I arrived in the room, the website for the state of Colorado was being projected on the wall, declaring that the candidate for the “Comnnunism” party, Kim Jong-un, had won the state’s election with one quadrillion votes. “It took an 11-year-old girl 10 minutes to do it,” Braun says, “and she was the first one.” After that, the convention cycled to a new state’s website every 30 minutes, and another child would break it in less than a quarter-hour, over and over. Armed with facsimiles of the websites of 13 battleground states and a child-friendly guide to basic hacking techniques, the kids were set loose on critical infrastructure – and proceeded to tear it apart. Instead, Braun turned to Rootz, another Def Con staple, where the children of attendees experience their own mini hacking convention. “It’s really important, it’s a huge vulnerability, but the adult down in the Village wouldn’t find this interesting, because they could do it in two minutes.” Unfortunately for Braun, unlike voting machines, there’s not a lot of interest in testing the security of the various states’ election websites. It took an 11-year-old girl 10 minutes to do it Security expert Jake Braun But then the Russians announced that their candidate had won on RT, when he hadn’t.” Disarray ensued, and the Russian press had a foothold from which to begin spreading the allegation that the winner of the election wasn’t legitimate. Fortunately, the Ukrainians caught it and shut the website down. “They did it in the Ukraine, where they hacked Ukrainian election results on the government website. “We know that Russia has done this before,” Braun says. And, whether they are used for voter registration, online campaigning or announcing the results at the end of the election, they can be used to sow havoc. Unlike a voting machine, Braun explains, websites represent a compelling target because they are, by their nature, connected to the internet 24/7. Braun, a former White House liaison on cybersecurity, is one of a small group of volunteer IT professionals who have been testing the security – or lack thereof – of the US voting infrastructure every year at the Def Con hacking conference, where he co-founded the Voting Village, a sort of conference-within-a-conference. “The most vulnerable part of election infrastructure is the websites,” explained the security expert Jake Braun.
0 kommentar(er)
