01:57 PM
How to Prep for Millennials Being the Decision Makers, Are You Ready?
Aug 30, 2016
Millennials know exactly what they want and expectations are high - very high. They are empowered ...Read More>>

E-Voting System Has Security Risks

Security researchers say Diebold's electronic voting system is vulnerable to tampering, but can be fixed by election day.

Election insiders and hackers could disrupt or corrupt elections held using electronic voting machines made by Diebold Inc., according to a report presented to Maryland state legislators on Thursday. Diebold, however, says the report validates the security of their electronic voting systems. "Not only can many of the issues be mitigated by March, many have been already," says a Diebold spokesman. Maryland voters should not be concerned about the security or accuracy of the votes they cast electronically next month, he says.

The maker of electronic voting systems already has strengthened security by improving how the system handles passwords and by enhancing the encryption the system uses, the spokesman says.

The analysis of the voting system was conducted by RABA Technologies and made available on the Internet on Friday. The report concludes that while vulnerabilities exist, they can be fixed in time for Maryland's primary election in March. The report was prepared after RABA Technologies had security experts attempt to hack the system under actual election conditions.

Among the security concerns: Servers used in the test didn't have the most current Microsoft patches in place, leaving the systems up to potential attack. Also, easily guessed passwords made it possible to reveal the contents of smart cards used in the election process. Plus, the security team was able to use lock-picks to crack open a voting machine in about 10 seconds. The report also warned that someone using a standard handheld computer could alter the software to destroy or scramble results.

The report made it clear that all the vulnerabilities it cited could be fixed, but that an auditable paper trail of votes cast electronically should become a requirement.

"With all these near-term recommendations in place, we feel for this primary that the system will accurately render the election and is worthy of voter trust," the report stated. "However, between the March and November elections, we strongly feel that additional actions must be taken to mitigate increasing risks incumbent on a system that will receive broad scrutiny. Ultimately, we feel there will be a need for paper receipts, at least in a limited fashion."

Concerns raised about the security of electronic voting systems has sparked legislators at the state and federal levels to draft laws that would require auditable paper trails for all votes cast electronically. "It just makes sense to have something you can verify," says one state election official in California.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.