It takes less than two minutes to hack into voting machines used in more than a dozen states, including one of the nation’s biggest swing states, Pennsylvania, correspondent Aaron Morrison reported in Thursday’s episode of Mic Dispatch.
Several cybersecurity experts say the AccuVote TSx, a voting machine created by Dominion Voting, can be easily compromised with a ballpoint pen and no additional tools.
CEO of SocialProof Security Rachel Tobac demonstrated just how simple it can be to access the insides of an AccuVote voting machine. A button at the top of the machine can be used to tilt the console forward. After unplugging the device found on the right side of the machine, a red button on the left can be used to reboot the machine. This gives the voter administration access.
“The locks are such poor quality in a lot of voting machines that people can bite off a disposable ballpoint pen end and use that to open the lock,” Harri Hursti, co-founder of Defcon’s Voting Village project, said in an interview with Mic Dispatch. Def Con is an annual convention where hackers and cyber security experts trade tricks, tips and secrets. With the Voting Village, Hursti and others showed how simple it is to compromise machines like the AccuVote TSx.
Dominion TSx does little to safeguard against a potential hack.
“Our company does not physically secure any election machines during voting. Election offices handle that job,” a Dominion spokesperson said in a statement to Mic.
Some elections officials are not concerned about the vulnerability of the machines, saying the scenario wouldn’t realistically happen.
“I think that somebody would notice if somebody was doing that in a polling place,” Nadine Manzoni, election director for Pike County in Pennsylvania, said in an interview. Manzoni noted that the county trains poll workers to look for voters spending an unusual amount of time using the machine. Pike County is one of 16 counties in Pennsylvania that use the AccuVote machines, but in the 2019 primaries the state is planning to switch to paper-based systems.
For his part, Hursti is less apathetic about the situation.
“Once you discover that vulnerability, the next step is to weaponize it,” Hursti said.
Check out episode 35 of Mic Dispatch — only on Facebook Watch.