“Earlier this year, I attended a conference and was shocked to find that you could actually buy voting machines on eBay. So I bought one, two months ago, and have been able to open it up and look at the chips.”

Beatrice Atobatele is trying to hack one of the most commonly used voting machines in the US, to look for security vulnerabilities, but not with any criminal intentions.

Beatrice is actually one of more than 200 people who have signed up to a volunteer group of security experts and hackers called the Election Cyber Surge.

And by understanding how this machine works, she hopes she can ensure any vulnerabilities are fixed.

“I’ve bypassed the authentication itself,” she says.

“I’m still learning and trying to find any new vulnerabilities that might not be known about yet.”

Human error

The problem with US elections, Beatrice and others say, is how disjointed they are.

Most estimates suggest there are about 8,000 separate election jurisdictions.

The equipment and voting methods vary dramatically.

And every step of the process is vulnerable to hackers and human error.

Soccer-obsessed daughters

In the polling booth, there are many different systems, from direct-recording electronic voting machines to ballot-marking devices and paper-based systems.

And the more digitised and connected a system is, the higher the risk of some sort of cyber-interference.

Like all the volunteers, Beatrice’s research is conducted outside of her day job.

And as a keen footballer, and mother to two soccer-obsessed daughters in New York City, she has to fit the volunteering around a busy schedule.

She didn’t plan to get into cyber-security at all.

But 17 years ago, she lost more than $1,000 (£775) after hackers used her account to buy five pairs of Nike trainers.

It spurred her on to a new career path.

And she is now a security specialist for state and local government.

‘Worst-case scenario’

Despite the pressure she’s under, Beatrice is desperate to help the election run smoothly.

“Every vote cast should count,” she says.

“The thing that I’m worried about is some sort of ransomware attack on these machines on the day, which would stop people from voting.

“That’s my worst-case scenario.”

A ransomware attack is when hackers take over a computer system or encrypt data until the victims have paid a ransom.

Potential problems

Beatrice and the rest of the Election Cyber Surge group are aware time is running out.

By now, it’s too late to update physical voting equipment.

But she is still searching for critical software flaws and offering to help election officials better understand their machines and any potential problems.

The group is being led by the University of Chicago’s Cyber Policy Institute, trying to “open up a line of communication between election officials and a network of volunteers for direct communication about cyber-security matters” leading up to the 3 November vote.

Hackers from all over the US have signed up to help secure the election or deal with any attacks that could derail an already fraught process.

“It’s not just voting machines on polling day that could be vulnerable to cyber-attack,” Christopher Budd, another volunteer from Washington state, says.

“With my hacker hat on, going after the registration lists being compiled right now across the US would be a great way to disrupt an election.

“If I’m not registered or if my registration record is altered in some way, even if the voting system is completely secure, my vote might not count.”

And again, the disjointed nature of the electoral system adds risk.

The security and even the actual structure of voter-registration databases vary.

And an FBI alert in the lead-up to the 2016 election warned foreign actors had gained access to some of these databases.

LEAVE A REPLY

Please enter your comment!
Please enter your name here