The top United States seller of voting machine technology, Election Systems & Software LLC, will be working together with computer-security experts to locate and discover potential vulnerabilities of its systems.
Hackers gain access to systems
The US general elections are only three months away. On Wednesday, ES&S's Chief Information Security Officer, Chris Wlaschin, announced that the company would seek out security researchers at the annual Black Hat hacker convention that will be held virtually this year.
According to the Wall Street Journal, Wlaschin will outline a new vulnerability disclosure policy which details safe harbor protections that the company will provide to legitimate researchers if or when they discover anomalies in the system and notify ES&S.
The provisions in the new policy are similar to what most companies already have including computer equipment of vehicles and medical devices, as manufacturers contract help from outside their companies to ensure their products' security.
However, researchers said ES&S have previously been wary of seeking outside help from security experts to have access to their systems.
The decision to allow outside access to the company's systems comes after the Department of Homeland Security (DHS) announced a statement last week calling for increased cooperation between companies, election officials, and security researchers after it released guidance given to election administrators to address vulnerabilities to voting systems.
Previously, ES&S and a few election officials had defended their arguments against seeking the help of security researchers saying some hackers conducted unrealistic scenarios and published claims for attention. They added real-world polling was equipped with safeguards including poll workers and fellow voters that made the system resistant to hacking and fraud.
Recently, national security officials of the US have warned about the potential threat to the election that foreign rivals pose. Intelligence officials said Russia had previously probed state election systems and interfered with events using social media during the elections in 2016 which Moscow had since denied, as reported by Kiosk Marketplace.
The concerns over voting fraud and hacking have been on the rise as the University of Michigan, and MIT researchers discovered that an online voting platform that some states are currently using have serious vulnerabilities that some nefarious individuals could take advantage of to alter votes without anyone noticing.
One system in question is OmniBallot that Democracy Live created and is used for statewide primaries in Delaware and West Virginia along with several localities in New Jersey and other states.
According to Business Insider, OmniBallot provides a means for voters to cast their votes online, a relatively rare method that had previously been used only by voters from overseas. Recently, however, some states have expanded online voting to support in-person polls due to the health risks of the coronavirus pandemic when large crowds of people gather.
Hackers can gain access to OmniBallot's vote tallies by breaching servers or any one of the third-party web services providers such as Amazon or Google. Researchers say a security attack of that scale could also come from an insider working within Democracy live.