Days ago, Trump’s own national security team made an extremely overdue announcement that Russia would interfere in our elections again, using cyber attacks on voting infrastructure. Three Senate panels are expected to weigh bills that would tighten the security of U.S. voting stations in the coming weeks. Now to give that some alarming context, we learn that an 11-year-old boy named Emmett Brewer and an 11-year-old girl named Audrey Jones just hacked replicas of state election websites in under 10 minutes, changing vote totals drastically.
“The bugs in the code makes us [able] to do whatever we want,” said Audrey Jones.
“We call somebody our own name if we want to, make it look like we won the election!”
According to the BBC:
“While the hacks learned here wouldn’t change actual vote counts – even if carried out for real – they could alter how the vote results were displayed on official websites. It doesn’t take much imagination to picture the furor that would be caused were an official election website to declare the wrong candidate the winner.”
No worries! These websites only report the election results to the public and tell them where to go vote, after all…
— WUSA9 (@wusa9) August 13, 2018
According to a PBS report, another 11-year-old girl also managed to make changes to the same Florida replica website in about 15 minutes, “tripling the number of votes found there.”
“I’m going to try and change the votes for Donald Trump,” says one young hacker named Bianca.
“I’m going to try to give him less votes. Maybe even delete him off of the whole thing.”
Hacking the simulated websites were part of a challenge called the “DEFCON Voting Machine Hacking Village” at the largest annual hacking convention, DEFCON 26 in Las Vegas.
This was the first year hacking elections was the theme.
A group of kids was challenged with hacking 13 imitation websites ” linked to voting in presidential battleground states.”
About 50 kids were tasked with changing candidate and party names and vote count totals. More than 30 of them were able to hack similar state websites in under 30 minutes, according to Nico Sell, co-founder of r00tz Asylum, which promotes “hacking for good.”
During the challenge, the young hackers cast about 12 billion votes and a candidate named “Bob Da Builder” won the fake election.
“We need to take this threat really seriously,” says Sell. “The Secretary of State websites should not be this vulnerable. These are known vulnerabilities. It’s something that we as a society need to gather together and fix, because our democracy is at risk.”
"While the hacks learnt by kids @defcon #r00tz wouldn’t change vote counts(if carried out for real),they could alter the results displayed officially. Easy to imagine the furor were an official website to declare the wrong candidate the winner" @DaveLeeBBC https://t.co/STEWrV0QNq
— r00tz (@r00tzasylum) August 12, 2018
The question that immediately must be asked: If an 11-year-old can do it in such a short time, what does that mean for Russian trolls, trained specifically for the purpose of undermining our elections?
Let’s all contemplate that one as we consider that the Republican-controlled Congress rejected an amendment by the Democrats to fund $380m to be used for voting security in 2019, although the same amount was granted in a previous budget.
Now contrast that with the statement from intelligence director Dan Coats:
“Russia has used numerous ways in which they want to influence, through media, social media, through bots, through actors that they hire, through proxies – all of the above, and potentially more,” said Coats.
Does it seem as if Republicans in Congress are actually inviting election interference in the mid-terms? We bet we could get a very quick and and succinct answer to that from one of DEFCON 26’s 11-year-old hackers.
Featured image: Screenshot via YouTube