It’s 10 a.m. at Caesar’s Palace hotel and casino in Las Vegas, and the conference room is packed.
Scores of hackers, cybersecurity professionals, and press have gathered at the DEF CON hacker conference to hear straight from the horse’s mouth just how bad things are when it comes to securing our elections. And, as Department of Homeland Security’s assistant secretary for the office of cybersecurity and communications Jeanette Manfra explained, it’s bad.
“I yearn for the days when we were just worried about the electric grid going down,” she told the crowd.
Which, well, is not exactly what anyone wants to hear with the 2018 midterms on the horizon and known Russian attempts to influence the 2016 presidential election not that far in the rear-view mirror.
Manfra said that, while it’s “really difficult to manipulate the actual vote count itself” without detection, there are very real concerns. For example, she painted a picture in which, on election day, registered voters turn up at their correct polling places only to find that the poll workers’ documentation says they should actually vote somewhere else. And so provisional ballots are cast — again, and again, and again, as voter after voter runs into problems and the lines to vote grow.
Basically, the election system doesn’t need to be totally broken to cause serious problems — clogged up will do just fine for those looking to throw a wrench into our collective faith in election integrity.
For those at DEF CON, none of this is abstract. To see first hand what Manfra was talking about, all one had to do was walk down the hall to the Vote Hacking Village — where researchers and the generally curious teamed up to tear down and hack voting machines from around the country.
The general idea? Find the flaws, before the bad guys do.
“Every voting machine in this room is in use in [the] next election [in] 2018,” explained Village co-founder Harri Hursti. “Every single one, every single model, is a model still in use.”
This is the Vote Hacking Village’s second year at DEF CON. Last year, all the voting machines in the village were hacked within three hours. There is no reason to doubt this year will be substantially different.
Certainly, there’s a big difference between a voting machine room at a hacker conference where pwning the machines is encouraged, and an actual polling place in an election. But it’s enough to have DHS worried to reach out to the hacker community.
“[This is the] first time in a national security space the government is not on the front lines,” said Manfra. Instead, she pointed out, private individuals or organizations often are. She wants their help. She noted that she hoped those in the crowd would, if not work for DHS, would work with the government agency.
Manfra’s message may not have been as well-received as she might have hoped. At least one heckler yelled “fake news” and “feds didn’t used to give talks at DEF CON” as attendees left the conference hall. For the sake of democracy, here’s hoping he didn’t speak for everyone.