Latest in Tomorrow

Image credit: ASSOCIATED PRESS

Key U.S. election systems could have been exposed online for months

More than 30 backend systems in 10 states were left connected.
228 Shares
Share
Tweet
Share
Save

Sponsored Links

ASSOCIATED PRESS

More than 30 backend election systems over the last year -- including some in key swing states like Florida, Michigan and Wisconsin -- have been left online and were susceptible to hackers. A Motherboard investigation published today revealed that systems made by ES&S, one of the largest makers of voting machines in the country, were connected to the internet for long periods of time, in some instances as long as a year. This information contradicts prior claims by election officials that voting machine systems were no longer connected after Election Day.

It's likely the case that election officials who claimed their systems weren't online didn't know any better. "We ... discovered that at least some jurisdictions were not aware that their systems were online," Kevin Skoglund, an independent security consultant, told Motherboard.

At issue isn't the electronic voting machines themselves, but the SFTP server and firewall that some polling places use to speedily transmit votes. Such systems are only supposed to be connected to the internet during Election Day, and then are promptly disconnected. Researchers told Motherboard that critical backend systems are connected to the firewalls. If a hacker was able to intercept the firewall, they could alter vote totals or infect voting machines with malware.

ES&S disagrees with the conclusion reached by the researchers interviewed for the story. "There's nothing connected to the firewall that is exposed to the internet," Gary Weber, vice president of software development and engineering for ES&S, told Motherboard.

This isn't the first instance of ES&S running into trouble for its handling of election security. Last summer, the vendor admitted to Senator Ron Wyden (D-OR) that some of its election management systems had vulnerable remote-access tools -- despite repeated denials in the past. The North Carolina Board of Elections -- which uses ES&S systems -- recently voted to disqualify the company's machines for not providing an option for hand-marked ballots.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
228 Shares
Share
Tweet
Share
Save

Popular on Engadget

The best smart home sensors for Alexa

The best smart home sensors for Alexa

View
Runkeeper drops its Wear OS app due to a 'buggy experience'

Runkeeper drops its Wear OS app due to a 'buggy experience'

View
Drako's GTE electric supercar will be a four-motor, 1,200HP monster

Drako's GTE electric supercar will be a four-motor, 1,200HP monster

View
Nintendo says there is no Switch exchange program

Nintendo says there is no Switch exchange program

View
IKEA creates a business unit devoted to smart home tech

IKEA creates a business unit devoted to smart home tech

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr