 "How a $15 device can hack US presidential election")
During its "Hack the Vote" election simulation, cyber security firm Symantec has revealed three easy ways an attacker with the right level of intelligence and motivation could impact the US presidential election and it will cost just $15.
To analyse the ecosystem of an election — from electronic voting machines to data transfers, vote tabulation and broadcasting the results — the company tested the actual direct-recording electronic (DRE) voting machines and other equipment to simulate a real-world voting system.
According to the general process, voters use a chip card to cast their vote. Once someone has voted, the same card is re-used by the next voter.
"Just like credit cards, these cards are essentially a computer with its own RAM, CPU and operating system. Which means they can be exploited like any computing device," the company said in a statement.
"In examining the election process for vulnerabilities, we discovered that there's an opportunity for a hacker to modify the code put on a voter's chip card. Anyone who knows how to programme a chip card and purchases a simple $15 Raspberry Pi-like device, could secretly reactivate their voter card while inside the privacy of a voting booth," added Symantec.
The card can be faked in two different ways — one, reset the card to allow someone to vote multiple times using the same chip card and second, programming the card to allow multiple vote casting.
"There was no form of encryption on the internal hard drive of the voting machines we purchased, which were running an outdated operating system to display the ballots and record votes," Symantec found.
The second method to influence the votes is tampering with tabulation.
All the votes are registered in the voting and attackers could compromise the integrity of the voting data by manipulation of cartridges as these storage cartridges function like a USB drive which stores data in plain text with no embedded encryption.
Thirdly, by propagating misinformation on social media networks, a hacktivist or attacker could also change voter behaviour.
Symantec said that these vulnerabilities can easily be fixed by installing security software at all points of the process.
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →*Subscribe to Business Standard digital and get complimentary access to The New York Times
Smart Quarterly
₹900
3 Months
₹300/Month
SAVE 25%
Smart Essential
₹2,700
1 Year
₹225/Month
SAVE 46%
*Complimentary New York Times access for the 2nd year will be given after 12 months
Super Saver
₹3,900
2 Years
₹162/Month
Subscribe
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app
SAVE 25%