In the first known example of an attempt to hack a U.S. election, an online attacker took advantage of the lax security surrounding the online process of requesting absentee ballots in the 2012 primary in Miami-Dade County, Florida, to order more than 2,500 ballots.
The scheme could have actually worked if it was done with more skill, stated a grand jury report released in December, but whose findings only recently came to light.
Although the attack failed to affect the election’s outcome, it succeeded in verifying the dangers of election processes that allow voters to cast their ballots via email over the Internet.
While voting irregularities have cropped up in numerous U.S. elections, no known hack of a live election has been attempted, said David Jefferson, computer scientist at Lawrence Livermore National Laboratory and a member of the board of directors of Verified Voting and the California Voter Foundation.
“There have been many demonstrations of how to do it, but this is the first one that we know of, in the United States, in a real election, where an actual technical attack was perpetrated. So it’s a big deal for that reason,” he told eWEEK. “It shows that there are people somewhere with the motivation and the technical capability to pull something like this off.”
Known nationally for the “hanging chad” controversy that resulted in the invalidation of many votes during the closely contested 2000 presidential election, Florida now has the dubious honor of being the first state to have confirmed an attempt to hack an actual election. As a result of rumored absentee ballot fraud in the Aug. 14, 2012, elections, a grand jury was impaneled to investigate the allegations.
The grand jury found that the company hired by the Miami-Dade County elections department to create and monitor the voter registration system became suspicious when more than 2,500 online requests appeared at nearly the same time.
Requests came from a group of overseas proxies, or anonymizers, that hid the actual source of the traffic. The scheme would have succeeded except for the attacker’s use of IP addresses in Ireland, England and India, along with the fact that the requests for ballots came in faster than a human could input the data.
The report clearly stated that the system’s basic security measures did nothing to stop the attacker.
“The security of the online absentee ballot request systems is very low as there are no user-specific log-ins or passwords required by the voter requesting a ballot,” according to the grand jury report.
As a result of the incident, the grand jury recommended that Miami-Dade County’s election department upgrade the Web site to require that voter’s log in to a secure site using a username and password. While such a system could be attacked to get access to each user’s account, the security measures would make wholesale fraud involving thousands of votes more difficult.
Election officials should also understand that Internet voting is inherently insecure, LLNL’s Jefferson said. The incident shows that U.S. elections must tread carefully on how the Internet is used to augment the election process, he said.
“In the precinct voting situation, where people vote in person using a piece of paper or voting machine, I think the country is moving in the right direction,” Jefferson said. “The converse trend, toward Internet voting, is huge and much worse. We really can’t go to Internet voting now or any time in the near future.”