Cybersecurity

Miami's Voter Fraud Is Only the Beginning of Election Hacking

Authorities have confirmed for the first time ever, that hackers attempted and almost succeeded at rigging a Miami primary vote, uncovering underlying security issues with the online voting systems of the future. In the Miami-Dade primary election last August, requests for over 2,500 phantom absentee ballots flooded the Miami Dade voter registration site, a phenomenon which a grand jury has now confirmed came from hackersreports MSNBC's Gil Aegerter. Because it had some hallmarks of trickery, the election department's software was able to halt the scheme before it actually affected the election. But, the scarier part is how easy the hack was to perform, as the Miami Herald's Patricia Mazzei explains. With a tiny bit more skill, this person could have bypassed the trigger that caught the hack. "And that, of course, is the most frightening thing: that any moderately or even marginally skilled programmer could have done this," Steven Rambam, who reviewed the IP addresses associated with this hack told Mazzei. So, yeah, this is just the beginning.

Specifically, the still unknown party built a program that rapid-fire filled out online ballot requests user voter information for people who would likely not participate in a primary election. To make the absentee ballot requests seem legit, that person then made the IP addresses look like they came from a foreign country. This time, the requests were flagged as suspicious because they came in so quickly and also targeted Democratic voters in specific elections. In addition a Captcha system can also detect these types of automated requests. However, the president of the company that provides that software to Miami-Dade and 52 other counties admitted that's not hard to bypass. "That’s a barrier, but I’m told that for someone who’s sophisticated enough as a programmer, they can get over that hurdle," Jane Watson told Mazzei. Services out there would cost less then $0.001 per voter, claim resaerchers Aegerter spoke with.

Read more at The Atlantic Wire

Threatwatch Alert

Spearphishing / Stolen credentials / User accounts compromised

Hackers fund flights to London for Romanian pickpockets through iThing scam

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// 12:58 PM ET