“So, when you’re talking about an advanced attacker, like a nation-state, unfortunately mere disconnection of the voting machines themselves from the internet isn’t enough to stop them.” — J. Alex Halderman, expert on election security, on the oft-repeated myth that our voting machines are safe from hacking.
I read with mild alarm this week when one of my favorite columnists admonished his readers to put on their big boy pants and accept the election results or risk looking like “irrational birthers.”
This opinion piece appeared as new revelations of Russian interference, potential for blackmail, and unholy alliances with the Trump administration came to light in a damning piece of journalism published by the New York Times. Meanwhile, a Russian spy ship hovers menacingly off the eastern seaboard, a backdrop for these precarious times.
We are instructed by some to largely disregard foreign influence in our electoral process and instead adopt pragmatic solutions for moving forward by gaining a better understanding of the nation’s internal campaign landscape. Attempts to assuage voters on the integrity of the election continue to miss the mark.
Trump and his flying monkeys regularly gin up public unrest over imaginary voter fraud. It’s doubtful there was any of that in the 2016 cycle. Neither did hacking play a role in the result. Yet, the potential for election hacking in future contests is very real, and the Russians are certainly working to that end. Midterms are right over the horizon.
Denial of the threat frequently employs two arguments. First, each state has its own unique patchwork of voting machines, in theory rendering a widespread successful hack impossible. And second, naysayers claim that because the machines are not connected to the internet they are inviolate.
The first argument is just plain silly. Hackers would only need to identify those key states and districts where they could potentially throw an election. They don’t need to hack every last machine.
But the second claim rests on a dangerously naive assumption about how actual hacking occurs. Professor J. Alex Halderman, a University of Michigan computer science and engineering expert who specializes in the security of election systems, knows all too well the folly of this belief.
The “Air Gap Connection” Hack
Halderman appeared on C-SPAN last October to explain the easy mechanism by which a foreign or domestic entity could stealthily alter election results even when voting machines have no internet connectivity. It’s called an “air gap connection” hack. The term comes from plumbing: air-gapped computer networks are physically isolated from other systems, the internet and Wi-Fi. This is the case with our voting machines, except there’s a simple way to get around the air gap. And American spies perfected it.
Readers may recall Stuxnet from several years ago, when the United States teamed up with Israel to hack and disable Iran’s nuclear enrichment program. The Iranian computer network was air-gapped, except for one key vulnerability. Malware was introduced via a USB flash drive that had been used on an internet-connected computer and then on their protected system. These devices are needed to transfer data from one network to another — in this case it was through a contractor updating the programming of the closed system. The worm did its damage then erased itself, leaving the Iranians clueless as to what occurred.
American voting machines have the same susceptibility, but with much less vigilance protecting their integrity — if any effort is put forth at all. They require flash drives or memory cards to transfer data from unprotected municipal computers to the air-gapped machines. That’s how our voting machines are programmed prior to an election. Halderman warned of the very real threat:
“The voting machines have to receive the data about the ballot design, about the software that’s running on them from somewhere, and they get that data from central systems in the counties or states. These are called Election Management Systems… And, because the voting machines are receiving the data and sending back data to these central systems, it doesn’t go over the internet — but it goes over what we might call a ‘sneakernet’, which is basically memory cards.
“So, when you’re talking about an advanced attacker, like a nation-state, unfortunately mere disconnection of the voting machines themselves from the internet isn’t enough to stop them.”
Whistling past the graveyard, the chair of the U.S. Election Assistance Commission, Thomas Hicks, asserted in a September 2016 C-SPAN interview that “there’s no way to hack into those machines using the internet.” True, but by that flawed logic, we should all be relieved to also learn that we can’t catch the Zika virus from a toilet seat.
It gets worse. Hackers may not even need to transfer the malware via a flash drive or memory card. Wired magazine reports that technology exists that uses radio waves through cell phones to attack air-gapped systems. Multiple avenues of technology exist to break into seemingly isolated systems.
How real is the threat?
Very.
Last month we learned that municipal computers in Grand Traverse County in Northern Michigan were the subject of a 2014 foreign-based hack. The FBI has been monitoring the situation since that time. Paul Knific, of Epic Technology Solutions, the county’s IT consultant, advised that the hack put all the computers on that network at risk. The breach appeared to have been a preliminary test of the system. Knific described it: “It was kind of like, ‘Hey we’re here.’”
And so they are.