US Electronic Voting System Hijacked In Less Than 48 Hours

A team of researchers from the University of Michigan hacked an American pilot project for online voting and changed all of the ballots in less than 48 hours in February.

Election officials did not detect the intrusion for nearly two business days—and might have remained unaware for far longer if the team hadn’t deliberately left a prominent clue. The findings were presented at the 16th Conference on Financial Cryptography & Data Security, held on Carribean Island of Bonaire this month.

Foundations of democracy

In 2010, Washington, D.C. developed an Internet voting pilot project that was intended to allow overseas absentee voters to cast their ballots using a website. Prior to deploying the system in the general election, the District held a unique public trial: a mock election during which anyone was invited to test the system or attempt to compromise its security.

Within 48 hours of the system going live, the team from the University of Michigan had gained nearly complete control of the election server. They successfully changed every vote and revealed almost every secret ballot.

“We used the stolen public key to replace all of the encrypted ballot files on the server at the time of our intrusion with a forged ballot of our choosing. In addition, we modified the ballot-processing function to append any subsequently voted ballots to a .tar file in the publicly accessible images directory (where we could later retrieve them) and replace the originals with our forged ballot,” reads the report entitled “Attacking the Washington, D.C. Internet Voting System“.

“Recovery from this attack is difficult; there is little hope for protecting future ballots from this level of compromise, since the code that processes the ballots is itself suspect.”

Unsecured network surveillance cameras gave researchers a real-time view into the network operations center. They could observe whether administrators made physical changes to the servers running the voting system and even monitor the frequency of patrols by security guards.

As many as 25 percent of Americans are expected to use paperless electronic voting machines in the upcoming November elections, according to the Verified Voting Foundation, but confidence has been eroded by incidents showing vulnerabilities.

Last September, researchers led by Roger Johnston at the Argonne lab were able to change votes on the a ballot machine using about $25 worth of equipment, by inserting a device to manipulate touch screens by remote control, reports the AFP.

A month later, Microsoft Research released a paper describing a so-called “trash attack” which it said could be “effective against the majority of fully verifiable election systems.” Microsoft also offered a technical fix for this weakness.

How well do you know Internet security? Try our quiz and find out!