Monday, 29 August 2016

ICIT Analysis: Hacking Elections is Easy! Part One: Tactics, Techniques, and Procedures

True democracy relies on the reliability of the democratic process. The “Help America Vote Act”, passed in 2002, ushered in an era of uncertainty by proliferating the use of electronic voting systems vulnerable to cyber, technical and physical attack. More often than not, electronic voting systems are nothing but bare-bone, decade old computer systems that lack even rudimentary endpoint security. Despite the recurring discussion on electronic voting vulnerabilities that occurs every four years, only limited attention is given to the systemic problem undermining American democracy. It’s time for a complete overhaul in the electoral process’ cyber, technical and physical security.

In this analysis, entitled, Hacking Elections is Easy! Part One: Tactics, Techniques, and Procedures”, the Institute for Critical Infrastructure Technology provides a detailed analysis of the risks that voting machines and the digital age have introduced into our democratic process which have the potential to impact the integrity of election results.  The report discusses:

  • The shocking ease of hacking all aspects of virtually any voting machine’s “black box” technology
  • The cyber, technical and physical attack methods that could be enlisted by Nation States, Hacktivists and black hat hackers
  • Social Engineering attack vectors and methods that are so easy, even a novice script kiddie can do it
  • A few simple tactics that can “fix” any local, state or national campaign in just days or even hours
  • And much more

This paper was authored by:

  • James Scott (Senior Fellow – Institute for Critical Infrastructure Technology)
  • Drew Spaniel (Researcher – Institute for Critical Infrastructure Technology)

The following experts contributing to this report:

  • Rob Roy (Fellow – Institute for Critical Infrastructure Technology & Federal CTO, HPE)

Part Two of this paper will be published shortly and provide a deeper technical analysis of this threat.

Download the paper here:  http://ift.tt/2c4hYNx

This paper was underwritten by:

HP

 



from cyber security caucus http://ift.tt/2c4i87J
via IFTTT

No comments:

Post a Comment