Hacking our country’s election results is literally child’s play
On Friday, an 11-year-old boy was successfully able to hack a replica Florida state election website and change Florida election results at the annual DEFCON security convention, and it took him less than 10 minutes to do so.
In the “DEFCON Voting Machine Hacking Village,” 50 kids and teens aged eight to 16 were tasked with infiltrating 13 imitation websites believed to be key to the upcoming midterm elections. The young hackers could edit candidate names, party names, or vote count totals on the websites.
The 11-year old, Emmett Brewer, wasn’t the only one to successfully hack the sites. An 11-year old girl accomplished the same task in under 15 minutes, hacking the same replica Florida election results site to show three times the number of votes originally reported there. In total, 30 of the young attendees were able to hack a number of different replica websites in 30 minutes or less.
The DEFCON Voting Machine Hacking Village Twitter account shared some of the findings and conclusions of the young hackers over three days of events.
Voting Village discovery roundup, Day 3 (final day). Expect our official report later this year! pic.twitter.com/TGpeCihm13
— DEF CON VotingVillage (@VotingVillageDC) August 13, 2018
“These things should not be easy enough for an 8-year-old kid to hack within 30 minutes, it’s negligent for us as a society,” Nico Sell, the co-founder of r00tz Asylum, the organizer of the event, told PBS NewsHour. DEFCON had a similar challenge for adult hackers at last year’s conference. Attendees were able to hack sites in less than five minutes. This year, Sell decided to offer kids and teens a similar “challenge.”
The National Association of Secretaries of State said in a statement that it is willing to work with the DEFCON community to shore up election security but was also skeptical that the replica sites accurately reflected the “unique networks and custom-built databases” that many states employ. The organization also noted that these websites are used to report unofficial, preliminary election night reports—they’re not actually connected to state voting equipment. Still, a hacker changing this data could wreak chaos on a populace.
As the 2018 midterm elections approach, election security is a becoming a growing concern, particularly as reports surface evidence that outside parties have indeed penetrated election systems.
H/T PBS