Hackers Threaten Voting Systems, Electoral Process

By Fahmida Y. Rashid  |  Posted 2011-12-20

Hackers Threaten Voting Systems, Electoral Process

An apparent threat to hack into voting systems and disrupt the vote has the Iowa Republican Party on edge, according to the Associated Press.

The state's Republican Party is boosting the security of the computer systems it will be using Jan. 3 for the first caucus in the 2012 presidential campaign, AP reported Dec. 19. Party officials were acting in response to a video posted on YouTube calling on Anonymous supporters to "peacefully shut down the first-in-the-nation Iowa caucuses" to protest the corrupt political system that favors corporations.

Investigators don't know yet whether the threat is authentic and have not yet confirmed whether the Anonymous hacktivist collective is really planning any protests to prevent the vote. As a loose collective of like-minded hackers, Anonymous doesn't have an official hierarchy or structure, making it very easy for a single person, or a select few, to claim an attack without most of the group's participation or knowledge.

"With the eyes of the media on the state, the last thing we want to do is have a situation where there is trouble with the reporting system," Wes Enos, a member of the Iowa GOP's central committee, told AP.

Attackers may target the database used to gather votes and crash the Website that would publicize the results, AP reported. The party recently authorized additional security measures aimed at preventing attackers from delaying publication of the caucus results. Some areas in Iowa may use paper ballots instead of just a show of hands so that the results can be reconstructed if there are any problems.

The early caucuses and primaries are critical to the presidential campaign, with many candidates tweaking their campaign strategy based on their performance.

Security experts have long worried about the security of the voting machines and the infrastructure supporting elections. Researchers at the Vulnerability Assessment Team at Argonne National Laboratory in Illinois hacked a Diebold Accuvote touch-screen voting system in September and managed to change voting results without leaving any trace of the attack. The researchers said their attack relied on inserting "alien electronics," or a credit-card-sized device that cost about $10, inside the machine to give attackers remote access to the system.

Example of Tampering


An example of vote tampering would involve the voter making the selections, but with the attacker intercepting the final ballot when submitting it. The ballot could be recorded after a few items were changed, and it would be difficult to find any traces of which votes had been modified.

Diebold systems are used in several states, including Georgia, Maryland, Utah, Nevada, New Jersey, Pennsylvania, Indiana and Texas.

"In light of the rapidly approaching 2012 U.S. Presidential Election, it seems there may be a need to give serious attention to securing our election technology," Cameron Camp, security researcher at ESET, wrote on the company blog. "Unscrupulous, well-heeled bad actors" can easily gather together a group of hackers, especially if they are politically motivated, to tamper with votes and swing elections, Camp said.

Last fall, a Washington, D.C., district system invited a team from the University of Michigan's College of Engineering to try to breach its pilot of an online voting system. It took the team only 3 hours to find a SQL injection flaw to take over the server, change ballot results, cause the site to broadcast the university's fight song when someone accessed the site, and find personal information of voters registered on the system.

There have been several opportunities for cyber-attackers intent on influencing the political process in recent weeks around the world. During the Russian elections earlier this month, popular Russian media Websites such as the Moscow Echo radio station, election monitoring group Golos and the LiveJournal blogging service were knocked offline by distributed denial of service (DDoS) attacks. A botnet using a piece of malware was behind some of the DDoS attacks, according to Sebastien Duquette, a researcher at ESET.

The DDoS attacks targeted Websites that were discussing election fraud and other political violations, Moscow Echo's editor in chief claimed.

It's a plausible scenario as "true political activism is a strong and real motivator for Internet DDoS attack activity," Mike Paquette, chief strategy officer of Corero Network Security, told eWEEK.  "It is not hard to imagine that fringe groups, loosely associated with one political party, might employ these cyber-attacks to generally, or specifically, help their party in certain elections."

DDoS attacks aren't just a tool for protesters, as the establishment can use it just as effectively. In Russia, DDoS was used "as a mechanism of propaganda, censorship, information withholding and unfair political advantage," Paquette said.

Three of the top seven leaders in South Korea's ruling Grand National Party quit their posts for allegedly tampering with national elections in late October, the Wall Street Journal reported earlier this month. South Korea's cyber-terrorism police arrested a legislative aide to a top ruling politician after finding evidence that he launched the DDoS attack on the National Election Commission's Website on election day. The attack prevented young voters from being able to find their polling places, and may have suppressed voter turnout among the demographic that traditionally favor opposition parties, according to the report.

Rocket Fuel