With various elections now taking place in the U.S., a recent report published by Ariel J. Feldman, J. Alex Halderman and Edward W. Felten of Princeton University details insecurities found in AccuVote-TS/x e-voting machines. Pointing out and detailing three different types of software-based attacks, this paper is sure to receive further attention.
The question is will it be the attention of malicious attackers, or from Diebold and the U.S. government.
From a malware research perspective, the most interesting attack detailed in the article is the Vote stealing virus. After reading this section of the paper I was left with the impression of a small malicious program with rootkit-like characteristics. We aren’t talking about hidden files and modified software kernels however. In the described attack, covering tracks is as easy as modifying two separate data files in a way that end results agree with each other.
As described the malicious program randomly steals votes from one candidate and gives them to another. The authors of the paper understand well enough about election fraud, and took steps to ensure their malicious program did not result in a completely lopsided election result. In theory, if the results “feel” right, officials won’t detect the fraud and may accept the results. There will be no need for people to vote again.
All-in-all a very interesting paper, and unlike the recent RFID proof-of-concept paper this one seems to have substance to it. One can easily imagine a would-be attacker slipping into a small, hidden, enclosed space to do their thing. In this case, that small enclosed space might just be your local voting booth!