Latest in Tomorrow

Image credit: ASSOCIATED PRESS

Key U.S. election systems could have been exposed online for months

More than 30 backend systems in 10 states were left connected.
228 Shares
Share
Tweet
Share

Sponsored Links

ASSOCIATED PRESS

More than 30 backend election systems over the last year -- including some in key swing states like Florida, Michigan and Wisconsin -- have been left online and were susceptible to hackers. A Motherboard investigation published today revealed that systems made by ES&S, one of the largest makers of voting machines in the country, were connected to the internet for long periods of time, in some instances as long as a year. This information contradicts prior claims by election officials that voting machine systems were no longer connected after Election Day.

It's likely the case that election officials who claimed their systems weren't online didn't know any better. "We ... discovered that at least some jurisdictions were not aware that their systems were online," Kevin Skoglund, an independent security consultant, told Motherboard.

At issue isn't the electronic voting machines themselves, but the SFTP server and firewall that some polling places use to speedily transmit votes. Such systems are only supposed to be connected to the internet during Election Day, and then are promptly disconnected. Researchers told Motherboard that critical backend systems are connected to the firewalls. If a hacker was able to intercept the firewall, they could alter vote totals or infect voting machines with malware.

ES&S disagrees with the conclusion reached by the researchers interviewed for the story. "There's nothing connected to the firewall that is exposed to the internet," Gary Weber, vice president of software development and engineering for ES&S, told Motherboard.

This isn't the first instance of ES&S running into trouble for its handling of election security. Last summer, the vendor admitted to Senator Ron Wyden (D-OR) that some of its election management systems had vulnerable remote-access tools -- despite repeated denials in the past. The North Carolina Board of Elections -- which uses ES&S systems -- recently voted to disqualify the company's machines for not providing an option for hand-marked ballots.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
228 Shares
Share
Tweet
Share

Popular on Engadget

Lebanon plans to charge a fee for internet voice calls

Lebanon plans to charge a fee for internet voice calls

View
California's Earthquake Early Warning system rolls out statewide

California's Earthquake Early Warning system rolls out statewide

View
Motorola invite hints at a 'reinvented' RAZR

Motorola invite hints at a 'reinvented' RAZR

View
Get $24 off the Nintendo Switch on Amazon

Get $24 off the Nintendo Switch on Amazon

View
Supreme’s burner phone is a hypebeast’s dream

Supreme’s burner phone is a hypebeast’s dream

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr