Georgia Secretary of State Brad Raffensperger touted the Mitre report as proof that the state’s voting system is secure. Most would affect “a statistically insignificant number of votes on a single device at a time,” and the attack that could spread malware to many machines requires unrealistic access to Dominion software and machines, the Mitre report says. Mitre said it based its analysis on the difficulty and the technical skill and time required for the proposed attacks. In that report, which was also made public Wednesday, Mitre deemed the potential attacks “operationally infeasible.” Last year, Dominion commissioned a report by the Mitre Corporation’s National Election Security Lab to assess the risks Halderman identified. The attacks would likely not be detected by Georgia’s current practices and protocols, the report says. Halderman also said that by modifying certain files that election workers copy to voting machines before each election an attacker could spread malware to every voting machine in a county, or the whole state, without physical access to individual machines. Malware could be installed on individual voting machines by people with temporary physical access, such election workers or voters, the report says. His findings mean Georgia voters cannot be confident their votes are secured and correctly counted or that future elections using the current system will be safe from attack and produce the correct result, the report says. Halderman wrote that in examining a Dominion ImageCast X voting machine and associated equipment, he “played the role of an attacker and attempted to discover ways to compromise the system and change votes.”Ī longtime critic of electronic voting machines, Halderman advocates using hand-marked paper ballots read by scanners along with robust post-election audits. Georgia’s touchscreen voting machines print a paper ballot with a QR code and a human-readable list reflecting the voter’s selections, and votes are tallied by a scanner that reads the QR code. Halderman called the revelation that Georgia wouldn’t install the software upgrade until 2025 “stunning.” That gives potential attackers time to plan and execute attacks in 2024 elections, he said. “While we are constantly working to offer the latest security features and innovations to our customers, the CISA advisory clearly states that exploitation of any of the issues raised can be mitigated by following standard procedural and operational security processes for administering elections,” the company said in an emailed statement. Gabriel Sterling, chief operating officer for the Georgia secretary of state’s office, dismissed Halderman’s claims as “theoretical in many ways.” Even if no attack happens, Halderman wrote, the existence of vulnerabilities “is all but certain to be exploited by partisan actors to suppress voter participation and cast doubt on the legitimacy of election results.” “No grand conspiracies would be necessary to commit large-scale fraud, but rather only moderate technical skills of the kind that attackers who are likely to target Georgia’s elections already possess,” the report says. A redacted version was made public Wednesday. His report was filed with the court and kept under seal for nearly two years. Alex Halderman spent 12 weeks examining the ImageCast X voting machines used statewide in Georgia and by at least some voters in more than a dozen other states. University of Michigan computer scientist J. They insist the state’s elections are secure. But the time and labor required to install the latest Dominion software makes it unrealistic to do it before the 2024 election cycle, they say. Georgia election officials say they’re doing just that. Cybersecurity and Infrastructure Security Agency, or CISA, last year published an advisory based on those findings that urges election officials to take steps to mitigate the risks “as soon as possible.” The vulnerabilities in the Dominion Voting Systems equipment were identified by an expert witness in a lawsuit challenging the constitutionality of Georgia’s election system. ATLANTA (AP) - Critics of Georgia’s plan to wait until after next year’s presidential election to install a software update to address security flaws on the state’s voting equipment called that irresponsible, saying the machines would be left open to attack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |