The United States election process has been at risk since the widespread adoption of electronic voting (e-voting) systems in 2002-2006. Despite the fact that researchers have spent the past decade demonstrating that Direct Recording Electronic (DRE) and optical scanning systems from every manufacturer are vulnerable along numerous attack vectors, our Nation is still plagued with a lack of transparency on the part of electronic voting system manufacturers and poorly trained election officials and staff. The preservation of the integrity of the democratic process rests on the expediency in which we respond to the hyper-evolving threat landscape in this digital age.
This report, entitled “Hacking Elections is Easy! Part 2: Psst! Wanna Buy a National Voter Database? Hacking E-Voting Systems Was Just the Beginning”, aims to establish the need for a substantial discussion on this topic, to loosely define the relevant attack surface, and to demonstrate the need to secure electronic voting systems. Specifically, the report discusses:
- The Risk of Local and State-Level Election Official and Staff Exploitation
- Documented Incidents of Data Breaches and Attacks Involving Electronic Voting Systems
- E-Voting Testing Requirements by Region
- Vulnerabilities in Electronic Voting Systems Currently / Previously in Use in the United States (organized by manufacturer)
This paper was authored by:
- James Scott (Senior Fellow – Institute for Critical Infrastructure Technology)
- Drew Spaniel (Researcher – Institute for Critical Infrastructure Technology)
The following experts contributed to this report:
- Jim Walter (ICIT Contributor & SPEAR Researcher, Cylance)
To Purchase this Publication Click HERE.