October 2018

You are browsing the archive for October 2018.

The front line of election security in Connecticut has about 169 weak points

Last week, West Haven paid a $2,000 ransom to hackers to unlock its computer systems. In a statement from the city, the ransom was characterized as a “one-time fee.” The word-choice here reveals an oversimplified view of the reality of ransomware, a cyberattack in which hackers lock data and demand payment.

First, West Haven was lucky to regain access to its systems after paying the ransom. Fewer than a quarter of ransomware victims actually get their files back after paying up. More often, hackers pocket the money and leave the data scrambled.

The notion of a “one-time fee” also fails to account for reputation damage and loss of trust. A city like West Haven — which is already navigating difficult financial straights — needs to rally community support. A blunder like this undermines the momentum it was building…

 

Here’s How Russia May Have Already Hacked the 2018 Midterm Elections

New article from Newsweek: Here’s How Russia May Have Already Hacked the 2018 Midterm Elections  <read>

They are talking about PA, but the same could apply to Connecticut:

Even though Bucks County’s Shouptronics aren’t wired, hackers have several ways of compromising them. The most direct and effective way would be to replace a computer chip in the machine that holds instructions on what to do when voters press the buttons with one that holds instructions written by hackers.

Do Connecticut’s Tamper-“Evident” Seals Protect Our Ballots?

Experts and amateurs have long claimed that so called, tamper-evident seals are easy to defeat.

Email and Internet Voting: The Overlooked Threat to Election Security

New report Email and Internet Voting: The Overlooked Threat to Election Security

This report reviews the research that has been conducted by the federal government concluding that secure online voting is not yet feasible…

States that permit online return of voted ballots should suspend the practice.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

Often, as a computer scientist, I forget that what a very small minority know that becomes almost intuitive, is far from obvious to others approaching magic, a deluded conspiracy, or amateur science fiction.

Any sufficiently advanced technology is indistinguishable from magic. – Arthur C. Clarke
This article from Bloomberg News is a case in point.

The Crisis in Election Security by Kim Zetter

The feature in the NYTmes Magazine by Kim Zetter:  The Crisis of Election Security – As the midterms approach, America’s electronic voting systems are more vulnerable than ever. Why isn’t anyone trying to fix them? <read>  The article is a sad summary of where are and how we got here.

Two years later, as the 2018 elections approach, the American intelligence community is issuing increasingly dire warnings about potential interference from Russia and other countries, but the voting infrastructure remains largely unchanged…How did our election system get so vulnerable, and why haven’t officials tried harder to fix it? The answer, ultimately, comes down to politics and money: The voting machines are made by well-connected private companies that wield immense control over their proprietary software, often fighting vigorously in court to prevent anyone from examining it when things go awry.