The Federal Bureau of Investigation’s disclosure earlier this month that foreign hackers had infiltrated voter registration systems in Illinois and Arizona came as no surprise to some cybersecurity experts.
“Given where cybercrime has gone, it’s not too surprising to think about how information risks might manifest themselves during the election season to cause some level of either potential disruption, change in voting, or even just political fodder to add the hype cycle,” says Malcolm Harkins, chief security and trust officer at network security firm Cylance.
Growing concern that hackers sponsored by Russia or other countries may be attempting to disrupt the presidential election is certainly not far-fetched, given the recent data breach at the Democratic National Committee headquarters. In fact, hacking an election is shockingly easy, according to a report by the Institute for Critical Infrastructure Technology, a cybersecurity think tank.
In most cases, electronic voting systems “are nothing but bare-bone, decade old computer systems that lack even rudimentary endpoint security,” according to the report. Security vulnerabilities are discussed every four years, but little attention is given to the problem. “It’s time for a complete overhaul in the electoral process’ cyber, technical and physical security,” the report concludes.
Earlier this month the FBI reported its most recent findings to election officials across the country and urged them to take new steps to enhance the security of their computer systems.
Illinois Board of Elections officials report that information from almost 200,000 voters were hacked beginning June 23. The breach was discovered two weeks later. No files were erased or modified, nor were voting history information or digital signature images captured, officials said. Hackers did, however, have access to voters’ drivers’ license numbers and the last four digits of Social Security numbers. In Arizona, the attack affected fewer voter files, and officials said last week that no data was removed in the attack.
While voter databases are separate from voting systems, cybersecurity pros say the voter database hack speaks to a larger vulnerability. "A hack of state election systems raises the stakes in this battle and is a dangerous sign that traditional defenses aren't cutting it,” says Paul Hooper, CEO of Gigamon. “These systems must be impenetrable to hackers so that we have complete trust come this fall.”
Election systems remain vulnerable, in part, because the system depends on federal, state, and local authorities, who each possess their own systems, software, hardware, and security protocols.
Finding the vulnerabilities
The FBI reported that hackers identified an SQL injection vulnerability and used SQLmap to target the Illinois voter registration website and gain access to data. Seven suspicious IP addresses were used by the hackers, and election boards were urged to check for similar activity to their logs.
Sign up for Computerworld eNewsletters.