Officials watch hackers pick apart voting machines at Las Vegas conference

DEF CON's Voting Village allowed hackers to prod and reprogram ballot machines, though a group representing states' top election officials said it wasn't an accurate physical or cyber representation of current protections.

For the second year in a row the annual DEF CON hacker conference’s Voting Village filled a Las Vegas convention hall with white-hat hackers tinkering with ballot machines, mock voter registration databases and replicas of election-results websites in an attempt to expose vulnerabilities in U.S. elections.

The session drew the attention of California Secretary of State Alex Padilla, who told CyberScoop’s Sean Lyngaas , “I’m here to learn.”

But not all of Padilla’s fellow statewide election chiefs were as open to watching hackers — some as young as 11 — take apart and manipulate election equipment.

“Our main concern with the approach taken by DEFCON is that it utilizes a pseudo environment which in no way replicates state election systems, networks or physical security,” says a statement released Friday by the National Association of Secretaries of State. “Providing con­ference attendees with unlimited physical access to voting machines, most of which are no longer in use, does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day.”


But DEF CON organizers said the voting machines on display at the Voting Village are, in fact, still in use in many states, with one of the Voting Village’s leaders lambasting NASS as “f—ing luddites.”

The first Voting Village was convened last year in light of federal officials’ report that Russian hackers attempted to penetrate the election systems of at least 21 states during the the 2016 presidential election. Top cybersecurity officials have said that this year’s midterm elections are a target for Russian cyberattacks.

States are also figuring out how to spend their shares of $380 million in federal election-assistance funds Congress authorized earlier this year, though the individual sums they’re receiving will not be enough to entirely replace their existing voting equipment. California was awarded $36.3 million, though Padilla said that’s just a start, CyberScoop reported.

“We really need to think as a society about giving election officials significantly more resources as technical threats have become more and more prominent,” Padilla said.

Read the full story on CyberScoop .

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts