Post by the Scribe on Mar 8, 2020 14:34:33 GMT
From voter suppression, to election chaos to election theft. A very good interview from NPR.
Cybersecurity reporter Kim Zetter warns that our election systems, including our voting machines, are vulnerable to hacking: "We can't rule out that elections haven't already been manipulated."
Elections
mp3 to listen:
ondemand.npr.org/anon.npr-mp3/npr/fa/2017/07/20170720_fa_01.mp3?orgId=427869011&topicId=139482413&d=1176&p=13&story=538312605&t=progseg&e=538312289&seg=1&siteplayer=true&dl=1
The Insecurity Of America's Old And Underfunded Voting Systems
TERRY GROSS, HOST:
transcript:
This is FRESH AIR. I'm Terry Gross. I want you to think back to the computer you had 10 years ago. It's a long time in computer years, right? That old computer would be pretty out-of-date now. Well, consider America's voting infrastructure. Most of the electronic touch screens and optical scan voting systems are more than 10 years old. They're too old to download the latest security patches. Our election system was already hacked by Russia.
My guest Kim Zetter has been writing about our voting system's vulnerabilities since 2003, in the aftermath of the contested Bush v. Gore election. Last month, before the special election in Georgia between Democrat Jon Ossoff and Republican Karen Handel, Zetter wrote a long article in Politico about critical security problems in Georgia's election systems, which are representative of the larger problem. She's a former reporter for Wired and wrote the 2014 book "Countdown To Zero Day: Stuxnet And The Launch Of The World's First Digital Weapon."
Kim Zetter, welcome to FRESH AIR. You know, there's so much news to keep straight. So help us out here, if you will, and just sum up what we know about what was hacked by Russia in our voting system - in our election system.
KIM ZETTER: All we have right now are, you know, a few published reports that have coming out of intelligence agencies and news outlets. And those focus right now, not on the voting systems where the votes are cast or tallied but on voter registration systems, or, essentially, the servers that store voter registration databases and also, in one case in Florida, with a company that creates voting registration software and interacts with election officials.
And so what we know is that - from reports - is that hackers somehow connected to Russian intelligence accessed or probed those kinds of systems in 39 states. Now when we say probe, what we mean is that they are looking for - and sometimes it can be simply an automated scan, and they're looking for any kind of vulnerability in the server to see if they actually can get into it.
And that doesn't mean that they actually breached those. We know from one of the hearings on Capitol Hill that there were actually only two states where they breached the networks and looked like they were making attempts to either delete data or change data.
GROSS: So this could be laying the groundwork for a future attack.
ZETTER: Sure. And it - and in some cases, it can be a jumping off point to getting further into more critical systems. I'll just address, first of all, what you can do by getting into the voter registration databases. You could delete voters' records, or you could alter them in some way that creates problems for voters when they go to the polls that disenfranchises them. Maybe it indicates that they should be voting at a different polling place, and so they end up running around in the morning, from polling place to polling place, trying to find their correct polling place. Or officials tell them you're not registered.
So a lot of things can cause delays and backups and chaos. But sometimes these voter registration systems are connected to systems that are used to program the voting machines. Now, this shouldn't be the case. And in many cases, election officials will assure us publicly that that's not the case.
But security is very difficult to get right. And security is not - is sort of the enemy of efficiency. If you want to do things efficient, security is sort of against that because it requires you to take all of these extra precautions. And so quite often, you'll find that systems that should be separated aren't always securely separated.
GROSS: Now, you've emphasized that we know what we know largely through reporters uncovering it and through leaks that the reporters receive. Do you think that American citizens should know exactly what's going on with our voting and election system?
ZETTER: Yes. And I think that - I mean, you know, not just the public but election officials right now are in the dark as well. Those 39 states that were probed, you know, not all of that information has been disclosed specifically to the ones who were targeted there.
And I think that in some cases, you know, election officials don't have security clearances. So if there is more significant information that the intelligence agencies have, election officials right now aren't - and even secretaries of states, who are considered the top election official in most states - they don't have the clearances to actually get more information.
GROSS: Let's talk about some of the things you've added to our knowledge of what's gone wrong with our election system.
more: www.npr.org/2017/07/20/538312605/the-insecurity-of-americas-old-and-underfunded-voting-systems
Cybersecurity reporter Kim Zetter warns that our election systems, including our voting machines, are vulnerable to hacking: "We can't rule out that elections haven't already been manipulated."
Elections
mp3 to listen:
ondemand.npr.org/anon.npr-mp3/npr/fa/2017/07/20170720_fa_01.mp3?orgId=427869011&topicId=139482413&d=1176&p=13&story=538312605&t=progseg&e=538312289&seg=1&siteplayer=true&dl=1
The Insecurity Of America's Old And Underfunded Voting Systems
TERRY GROSS, HOST:
transcript:
This is FRESH AIR. I'm Terry Gross. I want you to think back to the computer you had 10 years ago. It's a long time in computer years, right? That old computer would be pretty out-of-date now. Well, consider America's voting infrastructure. Most of the electronic touch screens and optical scan voting systems are more than 10 years old. They're too old to download the latest security patches. Our election system was already hacked by Russia.
My guest Kim Zetter has been writing about our voting system's vulnerabilities since 2003, in the aftermath of the contested Bush v. Gore election. Last month, before the special election in Georgia between Democrat Jon Ossoff and Republican Karen Handel, Zetter wrote a long article in Politico about critical security problems in Georgia's election systems, which are representative of the larger problem. She's a former reporter for Wired and wrote the 2014 book "Countdown To Zero Day: Stuxnet And The Launch Of The World's First Digital Weapon."
Kim Zetter, welcome to FRESH AIR. You know, there's so much news to keep straight. So help us out here, if you will, and just sum up what we know about what was hacked by Russia in our voting system - in our election system.
KIM ZETTER: All we have right now are, you know, a few published reports that have coming out of intelligence agencies and news outlets. And those focus right now, not on the voting systems where the votes are cast or tallied but on voter registration systems, or, essentially, the servers that store voter registration databases and also, in one case in Florida, with a company that creates voting registration software and interacts with election officials.
And so what we know is that - from reports - is that hackers somehow connected to Russian intelligence accessed or probed those kinds of systems in 39 states. Now when we say probe, what we mean is that they are looking for - and sometimes it can be simply an automated scan, and they're looking for any kind of vulnerability in the server to see if they actually can get into it.
And that doesn't mean that they actually breached those. We know from one of the hearings on Capitol Hill that there were actually only two states where they breached the networks and looked like they were making attempts to either delete data or change data.
GROSS: So this could be laying the groundwork for a future attack.
ZETTER: Sure. And it - and in some cases, it can be a jumping off point to getting further into more critical systems. I'll just address, first of all, what you can do by getting into the voter registration databases. You could delete voters' records, or you could alter them in some way that creates problems for voters when they go to the polls that disenfranchises them. Maybe it indicates that they should be voting at a different polling place, and so they end up running around in the morning, from polling place to polling place, trying to find their correct polling place. Or officials tell them you're not registered.
So a lot of things can cause delays and backups and chaos. But sometimes these voter registration systems are connected to systems that are used to program the voting machines. Now, this shouldn't be the case. And in many cases, election officials will assure us publicly that that's not the case.
But security is very difficult to get right. And security is not - is sort of the enemy of efficiency. If you want to do things efficient, security is sort of against that because it requires you to take all of these extra precautions. And so quite often, you'll find that systems that should be separated aren't always securely separated.
GROSS: Now, you've emphasized that we know what we know largely through reporters uncovering it and through leaks that the reporters receive. Do you think that American citizens should know exactly what's going on with our voting and election system?
ZETTER: Yes. And I think that - I mean, you know, not just the public but election officials right now are in the dark as well. Those 39 states that were probed, you know, not all of that information has been disclosed specifically to the ones who were targeted there.
And I think that in some cases, you know, election officials don't have security clearances. So if there is more significant information that the intelligence agencies have, election officials right now aren't - and even secretaries of states, who are considered the top election official in most states - they don't have the clearances to actually get more information.
GROSS: Let's talk about some of the things you've added to our knowledge of what's gone wrong with our election system.
more: www.npr.org/2017/07/20/538312605/the-insecurity-of-americas-old-and-underfunded-voting-systems