Report details persistent voting system vulnerabilities

U.S. voting systems remain vulnerable to cyberattacks three years after documented efforts to penetrate election machines, according to a report released Thursday.

The report is based on the findings of the white-hat hacker DEFCON Voting Village, an annual gathering of hackers that uses election machines to find vulnerabilities that could allow someone to interfere with the voting process.

This year’s event allowed hackers to test voting equipment, including e-poll books, optical scan paper voting devices and direct recording electronic voting machines — all certified for use in at least one U.S. voting jurisdiction.

“Voting Village participants were able to find new ways, or replicate previously published methods, of compromising every one of the devices in the room in ways that could alter stored vote tallies, change ballots displayed to voters, or alter the internal software that controls the machines,” the report said.

Despite the “disturbing” findings of the report, the authors wrote that the findings were “not surprising,” particularly in light of the fact that many of the election equipment cyber vulnerabilities found were “reported almost a decade earlier.”

Equipment that was tested included those made by leading voting machines companies Election Systems and Software and Dominion Systems.

Neither company immediately responded to a request for comment.

The authors emphasized the need to secure the supply chain involved in building election equipment, noting the vulnerabilities posed by using components originating in foreign countries.

And they emphasized an “urgent need for paper-ballots and risk-limiting audits.”