This July, eight months after Russians targeted U.S. election systems, hackers gathered at a conference in Las Vegas to prove just how vulnerable our system is to interference. In a matter of minutes, hackers were able to break into and gain remote control of voting machines, changing votes and potentially shutting down the system.
“These machines were pretty easy to hack,” Jeff Moss, founder the world’s largest hacker conference, DEFCON, said Tuesday. Hackers with very little prior knowledge and limited resources were able to expose personal voter information and undermine the integrity of every piece of equipment they attempted to breach.
Now, using that information, those hackers are teaming up with U.S. governors to try to make U.S. election systems more immune to interference.
DEFCON, the National Governors Association, the Atlantic Council, and other academics released a report Tuesday finding that “our voting systems are not secure” and detailing ways the groups can work together to prevent future hacks.
The Department of Homeland Security has said there is evidence of Russian-connected hackers successfully breaching electronic poll books and state and local voter databases in at least 21 states across the United States. At an event Tuesday, the organizations said that if Russia can interfere with our elections, so can other nations or even extremist groups.
“This is not simply a cybersecurity issue but one of the most pressing national security concerns eating at the bedrock of our democracy,”
said Atlantic Council President Frederick Kempe.
David Lute, former U.S. ambassador to NATO under President Obama, also explained the need to take action immediately.
“In my over 40 years of working on national security issues, I don’t believe I’ve seen a more severe threat to American national security than the election hacking experience of 2016,” he said.
At its “Voting Village,” attendees of DEFCON attempted to gain control of more than a dozen voting machines — the same kind a large number of U.S. states use. According to the report, many U.S. elections machines use foreign-made hardware and software, making them vulnerable to hacking on a scale worse than what we saw last year. Because China and other foreign countries don’t use secure suppliers and shippers, hackers could infiltrate equipment and plant malware before that equipment even reaches the United States.
“It was well established that every machine we have is hackable,” said Harri Hursti, founding partner of Nordic Innovation Labs which organized the Voting Village.
Some fixes would be easy, like changing machine passwords — one machine had an unchangeable, universal default password that hackers found using Google — while others would require more time and effort, including moving some states away from paperless systems.
The report comes as Congress and special counsel Robert Mueller continue their separate investigations into Russia’s interference in the 2016 election. Meanwhile, Trump’s Presidential Advisory Commission on Election Integrity says it will also look into vulnerable election systems, although most of its efforts have focused on the non-existent problem of “voter fraud.”
Lute said he thinks the U.S. cannot waste any time responding to the attack which he says is as serious a threat to our democracy as any he has seen in the last four decades. Russian President Vladimir Putin’s willingness to interfere in the last presidential election should be a red flag that Russia and other adversaries will continue to interfere in future elections until the United States does something to block them, he said.
“This is a serious national security issue that strikes at the core of our democracy,” he wrote.