recommended reading

Miami's Voter Fraud Is Only the Beginning of Election Hacking

Authorities have confirmed for the first time ever, that hackers attempted and almost succeeded at rigging a Miami primary vote, uncovering underlying security issues with the online voting systems of the future. In the Miami-Dade primary election last August, requests for over 2,500 phantom absentee ballots flooded the Miami Dade voter registration site, a phenomenon which a grand jury has now confirmed came from hackersreports MSNBC's Gil Aegerter. Because it had some hallmarks of trickery, the election department's software was able to halt the scheme before it actually affected the election. But, the scarier part is how easy the hack was to perform, as the Miami Herald's Patricia Mazzei explains. With a tiny bit more skill, this person could have bypassed the trigger that caught the hack. "And that, of course, is the most frightening thing: that any moderately or even marginally skilled programmer could have done this," Steven Rambam, who reviewed the IP addresses associated with this hack told Mazzei. So, yeah, this is just the beginning.

Specifically, the still unknown party built a program that rapid-fire filled out online ballot requests user voter information for people who would likely not participate in a primary election. To make the absentee ballot requests seem legit, that person then made the IP addresses look like they came from a foreign country. This time, the requests were flagged as suspicious because they came in so quickly and also targeted Democratic voters in specific elections. In addition a Captcha system can also detect these types of automated requests. However, the president of the company that provides that software to Miami-Dade and 52 other counties admitted that's not hard to bypass. "That’s a barrier, but I’m told that for someone who’s sophisticated enough as a programmer, they can get over that hurdle," Jane Watson told Mazzei. Services out there would cost less then $0.001 per voter, claim resaerchers Aegerter spoke with.

Read more at The Atlantic Wire

Threatwatch Alert

Software vulnerability

Malware Has a New Hiding Place: Subtitles

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.