US Lab Says Electronic Voting Machines Easy to Hack
As the primary election season gains momentum in the United States in early 2012, voters will head to the polls to cast votes for their preferred candidates. About 30 percent of Americans will use electronic voting machines, all the way through the general election next November. A group of researchers at Argonne National Laboratory outside of Chicago, Illinois have determined that those electronic voting machines can be easily manipulated, casting doubt on their security and effectiveness.
Jon Warner’s full time job at Argonne National Laboratory is testing the security strength of the world’s most sensitive areas.
"We do international nuclear safeguards," said Warner. "We break into real security systems."
His part-time job is changing the course of fictitious elections, on real electronic voting machines that more than a quarter of American voters use.
"These machines are modularly designed, so you have a touch screen, that’s a module, and when I press the touch screen, that sends a signal to the CPU," he said. "Well, the CPU is going to respond back with something. All I did was intercept that communication flow. If I like the vote, fine let it go through. If I don’t, change it."
Warner manipulates voting information on the electronic machines using a small, custom-made remote control device.
If it sounds simple, that’s because it is.
"We believe that a very resourceful 12 to 13-year-old would be able to essentially produce these alien electronics that can hijack the machine," said Roger Johnston.
Roger Johnston heads up Argonne’s Vulnerability Assessment Team.
"I think our view of the voting machines we’ve looked at is that there really isn’t much security thought put into these devices," he said.
Johnston says security concerns are not isolated to the way the machines are made.
"Often the warehouses where these machines are stored have fairly weak security, but almost universally, these machines are transported by third party low bid trucking companies, where there’s no background checks on these individuals," said Johnston. "Often the machines arrive at a polling place and there’s no one to sign for them or to take responsibility for their oversight. So there’s often quite a period of time when these machines could be tampered with."
Johnston’s group tested two different electronic voting machines out of about 12 different models.
"We think that the kind of attacks that we’ve demonstrated on these two machines would probably work on quite a number of other voting machines, but we don’t know that for sure - we simply haven’t had the opportunity to try," he said.
The 2000 presidential election was decided by several hundred manually entered votes in the southern state of Florida. The recount of those votes, and problems in how the ballots were marked, fueled a drive to have more electronic voting machines for the next election.
Johnston says now, the closer the outcome of an election, the greater the role of just one electronic voting machine.
"In the 2008 senatorial race in Minnesota, Al Franken won by 312 votes - that’s one voting machine," he said. "Tampering just a little bit with just one voting machine could potentially have swung that election the other way."
Johnston says the problem is not isolated to the United States. The push for faster calculation of election results worldwide is driving up the demand for electronic voting machines. If those machines are not secure, Johnston says, it could cast doubt on the integrity of the election. |