A University of Michigan research team has published a report outlining the successful hack of a prototype online voting system.
The researchers were able to not only infiltrate the systems for the project, but also demonstrated the ability to alter vote counts and access sensitive ballot information.
"This case study—the first (to our knowledge) to analyze the security of a government Internet voting system from the perspective of an attacker in a realistic pre-election deployment—attempts to illuminate the practical challenges of securing online voting as practiced today by a growing number of jurisdictions," the researchers said in their report.
The District of Columbia developed the system in cooperation with the Open Source Digital Voting Foundation, and the project was meant to replace the need for absentee voters to submit their ballots via conventional mail services.
"In 2010, Washington, D.C. developed an Internet voting pilot project that was intended to allow overseas absentee voters to cast their ballots using a website. Prior to deploying the system in the general election, the District held a unique public trial: a mock election during which anyone was invited to test the system or attempt to compromise its security," the report explains.
The University of Michigan research team was invited to participate in trial runs of the new system in an effort to identify security vulnerabilities that could make the networks susceptible to manipulation.
"Our objective was to approach the system as real attackers would: starting from publicly available information, we looked for weaknesses that would allow us to seize control, unmask secret ballots, and alter the outcome of the mock election," the researchers stated.
The team was able to identify and exploit multiple weaknesses in the open source architecture, including a known flaw in the Linux kernel protocol, as well as being able to circumvent the system's encryption.
"Within 48 hours of the system going live, we had gained near complete control of the election server. We successfully changed every vote and revealed almost every secret ballot."
Despite making a lot of "noise" during the exploits and purposefully not cover their tracks, the intrusion was not discovered by system administrators for several days.
"Election officials did not detect our intrusion for nearly two business days—and might have remained unaware for far longer had we not deliberately left a prominent clue," the report notes.
The report warns that the development of online voting systems will be difficult from a security perspective, potentially leaving elections vulnerable to outright manipulation.
"Our simulated attack succeeded at each of these goals and prompted the D.C. BOEE to discontinue its plans to deploy digital ballot return in the November election."