1. Extra Categories
  2. Editor's Pick
November 1, 2018updated 02 Nov 2018 1:59pm

Election hacking: Less than half of US states have run cybersecurity tests

By Lucy Ingham

Despite widespread fears surrounding election hacking, just 21 out of 50 US states have tested their election systems for cybersecurity vulnerabilities.

The news has raised considerable concern from the cybersecurity community, as with less than a week to go before the midterm elections, fears of inference are high.

“Voting systems have not been subjected to basic security best practices such as third-party source code review, vulnerability disclosure, and any level of transparency that a critical system should undergo before they are depended on by our democracy,” said Marten Mickos, CEO of hacker-powered security testing service HackerOne.

“As a result of this, voting machines are actually at a higher risk than many other critical systems.”

Why cybersecurity tests are needed to stop election hacking

Aside from the fact that running cybersecurity tests can help identify potential vulnerabilities, and so aid the prevention of election hacking attempts, they also help maintain the integrity of the democratic process.

“It is imperative that society set strict security standards on voting systems and that old machines are updated or entirely taken out of commission. Otherwise, trust by citizens in the voting system will erode, which would not bode well for democracy,” said Mickos.

This is particularly important in the US as election machines have been used now for many years, meaning the technology is not as security focused as it would be if developed today.

“Until recently, the public was largely unaware that voting machines could be targets of cyberattacks. To those in the security industry, however, it comes as no surprise that these systems are hackable,” he added.

“The electronic voting machines and systems were developed in an era when cybersecurity was not a priority.”

Americans defy hacking threat

There are fears that election hacking will take place in the midterms, with the threat from Russia particularly acute given recent revelations about the nation’s cyber engagement practices.

However, this has so far not put off the majority of voters.

According to research by HackerOne, while 12% have said they are less likely to vote over election hacking concerns, 45% say they are now more likely to vote in defiance of the threat. Among registered voters, this rises to 50%.

“Our democracy is under attack.We now have concrete evidence of criminal hacking and foreign interference influencing US elections. The revelation of this threat has galvanized Americans into getting involved,” said Alex Rice, co-founder and CTO of HackerOne.

“This engagement will provide some counterbalance to the threat but it’s not enough. We must demand additional transparency and action from election officials to safeguard the integrity of this essential institution.”