기본 콘텐츠로 건너뛰기

The ABCs of Hacking a Voting Machine


A hacker who successfully infiltrated a voting machine at last year's DEF CON will demonstrate at Black Hat USA how he did it, as well as what he later found stored on other decommissioned WinVote machines.
It took computer scientist Carsten Schuermann just minutes last year to hackinto one of the 30 pieces of voting equipment sitting in a cramped room in Caesar's Palace that housed DEF CON's maiden Voting Machine Village. He fired up his laptop, quickly spotted a WinVote voting machine on the Wi-Fi network using Wireshark, and then typed in a command that launched a Metasploit exploit.
"And, poof, that was it," Schuermann says. He was able to access the Windows XP-based voting machine using the Remote Desktop Protocol (RDP), exposing real election and voting data that was still stored in it. The voting machine's inherent weaknesses made it an easy mark: It ran XP (Service Pack 0), Wi-Fi and RDP were enabled by default, it employed the outdated WEP security protocol, and the majority of WinVote machines he had studied all used the same password: "abcde."  
"The only changes I did was turn off the machines remotely, and we added new files to the directories," he says. His exploit used an old buffer overrun flaw in XP, which apparently had not been patched on the voting machine.
Schuermann had been studying security weaknesses in the WinVote machine back at his home office at the IT University of Copenhagen in Denmark. He now has eight decommissioned WinVote machines that were used in previous elections – four from Virginia – that he's been dissecting and looking for clues of compromise and hacking attempts. He'll be back in Vegas in August at Black Hat USA, demonstrating just how he hacked the machine at DEF CON, as well as sharing some research findings from the WinVote machines he's been studying. 
"I'm going to bring a machine and show how easy it is to hack ... exploiting the same vulnerability" used in last year's DEF CON contest, he says. Schuermann, an academic expert in election security who has been studying election security for a decade, used a root shell script to control the machine, and says he can change data on the voting machines. The notoriously insecure WinVote machines – which don't include a paper-trail feature – were replaced in Virginia prior to the 2016 election, but some localities, including some in Pennsylvania, still use them.
"Since these machines all have the same access point they connect to, once you know how to get into that wireless network ... and use the 'abcde' password, then you have networking access to the machine and can deploy the exploit. Then you're in," he says. "The scary thing is you could make this automatic: You could drive by polling stations and make changes on all of the totals in the voting machines."
Schuermann has been conducting forensic investigations on the disks in the WinVote machines using the so-called Autopsy tool. "I was trying to understand if everything was OK with the machine or was it hacked," he says.
But because the machine's XP platform doesn't provide system logging, there's no way to track whether someone connected remotely to the machine. "There's no trail of who accessed it," Schuermann says. So the only way to spot a potential hack is the data on the disks.
So far, Schuermann has found traces of MP3 files on the disks of one of the WinVote machines, including a Chinese music file, he says. It appears the machine was used to record songs from CDs and play MP3s.
"But there's no evidence real hacking happened" on the machines so far, he says, and no signs of election-meddling in vote counts. 
Even so, Schuermann says hacking one of the machines would have been fairly simple. "If anyone really knows what they are doing, they could hack those machines in a minute. And once you've hacked one, you know [how] to hack [others]," he says.
The biggest risk overall, he says, is citizens losing trust in an election and the voting systems if hackers are able to break into them and alter or change results. "Now, with the Russia investigation and election interference, people are becoming more aware that this is not only possible but also likely someday. That's the scary part," he says. 
His message for the US midterm elections: "How important [a] paper [trail] is," he says.
Home Page Photo Credit: Monica M. Davey / Epa/Shutterstock  
Related Content:

Kelly Jackson Higgins / 7/25/2018 / 07:00 PM

댓글

댓글 쓰기

이 블로그의 인기 게시물

Six Tools Used by Hackers to Steal Cryptocurrency: How to Protect Wallets

In the early July, it was  reported  that Bleeping Computer detected suspicious activity targeted at defrauding 2.3 million Bitcoin wallets, which they found to be under threat of being hacked. The attackers used malware — known as “clipboard hijackers” — which operates in the clipboard and can potentially replace the copied wallet address with one of the attackers. The threat of hacking attacks of this type has been  predicted  by Kaspersky Lab as early as November of last year, and they did not take long to become reality. For the time being, this is one of the most widespread types of attacks that is aimed at stealing users’ information or money, with the overall estimated share of attacks to individual accounts and wallets being about 20 percent of the total number of malware attacks. And there’s more. On July 12, Cointelegraph  published  Kaspersky Lab’s report, which stated that criminals were able to steal more than $9 million in  Ethere...
댓글 쓰기
자세한 내용 보기

BLACK LABEL, Joined CeBIT 2018 hosted in Hanover, Germany

South Korean IT Companies Target the European Digital Market -  KOTRA operates the unified Korean pavilion for Hanover Information Communication Exhibition 2018 ... 56 companies in total. Black Label participated with IoT module and IoT product developed directly at CeBIT 2018 in Hanover, Germany. Click on the blog link below for a list of government press releases and participating companies. 한국 IT 기업들 , 유럽 디지털 시장 공략 -KOTRA, 2018 독일 하노버 정보통신전시회 (CeBIT 2018) 통합 한국관 운영 ... 총 56 개사 참가 블랙라벨이 독일 하노버에서 열린 CeBIT 2018에 직접 개발한  IoT 모듈과 IoT 제품을 가지고 참가했습니다. 아래의 블로그 링크를 클릭하시면 정부보도자료와 참가업체 리스트를 확인하실 수 있습니다. http://blog.daum.net/htiger31/18387695 블랙라벨 관련 문의사항 HP: 010-9818-3511 / 이메일:  uklim72@gmail.com 블랙라벨 홈페이지  https://blacklabel.io/index.do
댓글 쓰기
자세한 내용 보기

Keeping Smart Homes Safe And Secure

Bad actors are increasingly targeting connected devices, and network providers are fighting back. But when it comes to protecting the IoT, a one-size-fits-all approach simply doesn’t fit. The security measures that protect IoT devices in business settings don’t readily translate to devices in consumers’ homes, says Marcio Avillez, SVP of networks at CUJO AI. In the latest Intelligence of Things Tracker, Avillez makes a case for taking a device-specific approach in thwarting threats to smart homes. Consumers often find the promise of greater convenience to be a convincing reason to buy connected devices. Unfortunately, reports of breached connected devices are all too frequent, and consumers may find they are introducing not just connectivity, but also bad actors, into their homes. IoT-related breaches are innumerable. In 2017, the FBI  warned  consumers against purchasing IoT-connected toys, stating that such devices could be hacked and used to record and spy on c...
댓글 쓰기
자세한 내용 보기