ICYMI: Last Week, Several Kid Hackers Hacked Into the U.S. Voting System – Two of Them Did So In About 11 Minutes.
USA — At the DEFCON hackathon conference, held in Las Vegas, fifty kids attended, and several tried their hand at hacking imitation U.S. election websites. More than half of the children attendees, who were ranging in age from 7-years-old to 16-years-old, managed to succeed in doing so. One of them, 11-year-old Emmett Brewer, hacked into the imitation election website in just eleven minutes.
Of course, immediate response came from the media. TIME magazine covered the story, calling the hacking “alarming”. BuzzFeed News covered the event, too, although they gave the credit for the fastest hack to a girl the same age named Audrey. BuzzFeed interviewed Audrey Jones, who said that: “Basically what you’re doing is you’re taking advantage of it being not secure […] It took maybe a minute or so because I’m a fast typer.”
In fact, Audrey Jones, after being asked if it really took her ten to eleven minutes to hack the website said: “Well, I was pretty distracted at the time,” suggesting that she could have done so ever faster if she wanted to (video below).
Unsurprisingly, there was concern brought up by many people. Mostly, the media took on the idea that this DEFCON conference essentially showed that the voting system was completely insecure, “if a child can hack it”.
The idea here being that if someone so young could figure out that these voting systems had been running on expired SSL certificates, the hackers in Russia that the US is currently accusing of meddling with previous presidential elections, certainly could.
The National Association of Secretaries of State itself was worried about DEFCON encouraging people to try to hack into the voting system, while simultaneously trying to assure people that the electronic voting system isn’t really that insecure.
In a statement quoted by the aforementioned TIME article, the National Association of Secretaries of State said: “While we applaud the goal of DEFCON attendees to find and report vulnerabilities in election systems it is important to point out states have been hard at work with their own information technology teams […] our main concern with the approach taken by DEFCON is that it utilizes a pseudo-environment which in no way replicates state election systems, networks or physical security. Providing conference attendees with unlimited physical access to voting machines, most of which are no longer in use, does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day.”
That being said, Rachel Tobac was able to show how she learned how to get admin access on a voting machine that’s used in 18 states — and it takes only two minutes, and no tools.
ABOUT THE AUTHOR:
Mariah Loeber is the Founder and Editor-in-Chief of FemSTEM.com. She studies English and is a huge fan of all things STEM. Find her on Twitter.