The ABCs of Hacking a Voting Machine

  /     /     /  
Publicated : 23/11/2024   Category : security

The ABCs of Hacking a Voting Machine


A hacker who successfully infiltrated a voting machine at last years DEF CON will demonstrate at Black Hat USA how he did it, as well as what he later found stored on other decommissioned WinVote machines.


It took computer scientist Carsten Schuermann just minutes last year to
hack
into one of the 30 pieces of voting equipment sitting in a cramped room in Caesars Palace that housed DEF CONs maiden Voting Machine Village. He fired up his laptop, quickly spotted a WinVote voting machine on the Wi-Fi network using Wireshark, and then typed in a command that launched a Metasploit exploit.
And, poof, that was it, Schuermann says. He was able to access the Windows XP-based voting machine using the Remote Desktop Protocol (RDP), exposing real election and voting data that was still stored in it. The voting machines inherent weaknesses made it an easy mark: It ran XP (Service Pack 0), Wi-Fi and RDP were enabled by default, it employed the outdated WEP security protocol, and the majority of WinVote machines he had studied all used the same password: abcde. 
The only changes I did was turn off the machines remotely, and we added new files to the directories, he says. His exploit used an old
buffer overrun flaw
in XP, which apparently had not been patched on the voting machine.
Schuermann had been studying security weaknesses in the WinVote machine back at his home office at the IT University of Copenhagen in Denmark. He now has eight decommissioned WinVote machines that were used in previous elections – four from Virginia – that hes been dissecting and looking for clues of compromise and hacking attempts. Hell be back in Vegas in August at Black Hat USA, demonstrating just how he hacked the machine at DEF CON, as well as sharing some research findings from the WinVote machines hes been studying. 
[See Schuermanns Black Hat USA talk on August 9,
Lessons from Virginia - A Comparative Forensic Analysis of WinVote Voting Machines
]
Im going to bring a machine and show how easy it is to hack ... exploiting the same vulnerability used in last years DEF CON contest, he says. Schuermann, an academic expert in election security who has been studying election security for a decade, used a root shell script to control the machine, and says he can change data on the voting machines. The notoriously insecure WinVote machines – which dont include a paper-trail feature – were replaced in Virginia prior to the 2016 election, but some localities, including some in Pennsylvania, still use them.
Since these machines all have the same access point they connect to, once you know how to get into that wireless network ... and use the abcde password, then you have networking access to the machine and can deploy the exploit. Then youre in, he says. The scary thing is you could make this automatic: You could drive by polling stations and make changes on all of the totals in the voting machines.
Schuermann has been conducting forensic investigations on the disks in the WinVote machines using the so-called Autopsy tool. I was trying to understand if everything was OK with the machine or was it hacked, he says.
But because the machines XP platform doesnt provide system logging, theres no way to track whether someone connected remotely to the machine. Theres no trail of who accessed it, Schuermann says. So the only way to spot a potential hack is the data on the disks.
So far, Schuermann has found traces of MP3 files on the disks of one of the WinVote machines, including a Chinese music file, he says. It appears the machine was used to record songs from CDs and play MP3s.
But theres no evidence real hacking happened on the machines so far, he says, and no signs of election-meddling in vote counts. 
Even so, Schuermann says hacking one of the machines would have been fairly simple. If anyone really knows what they are doing, they could hack those machines in a minute. And once youve hacked one, you know [how] to hack [others], he says.
The biggest risk overall, he says, is citizens losing trust in an election and the voting systems if hackers are able to break into them and alter or change results. Now, with the Russia investigation and election interference, people are becoming more aware that this is not only possible but also likely someday. Thats the scary part, he says. 
His message for the US midterm elections: How important [a] paper [trail] is, he says.
Home Page Photo Credit: Monica M. Davey / Epa/Shutterstock 
 
Related Content:
DEF CON Rocks the Vote with Live Machine Hacking
Voting System Hacks Prompt Push for Paper-Based Voting
White House Cybersecurity Strategy at a Crossroads
Congressional Report Cites States Most Vulnerable to Election Hacking
 
 
 
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the
conference
 and
to register.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
The ABCs of Hacking a Voting Machine