Schoolboy Hacked Mock Florida Election Site In 10 Minutes

Uploaded on 2018-11-13 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW

At the annual hacker conference DefCon erlier this year, Emmett Brewer, an 11-year-old boy from Austin, Texas, was able to change the results on a mock Florida election website. It took him 10 minutes.

Though the website in question was a mere replica of the Florida Secretary of State website, the hack points to the larger vulnerabilities of the election infrastructure.

This comes on the heels of Russian meddling in the 2016 US election, Microsoft has already detected evidence of Russian interference in three races in the 2018 mid-terms. 

The hacking event was part of a hands-on workshop within the larger cybersecurity conference. In a series of exercises, adults and kids participating in the “DefCon Voting Machine Hacking Village” attempted to manipulate party names, candidate names, and vote-count totals on mock websites from key battleground states. 

Brewer was one of about 50 children between the ages of 8 and 16 who took part.

“The site may be a replica but the vulnerabilities that these kids were exploiting were not replicas, they’re the real thing,” Nico Sell, the event organizer, told PBS.

In a statement, the National Association for Secretaries of State questioned the hacking event, claiming it was not a realistic proxy for the systems currently in use.

DefenseOne

You Might Also Read:

Election Hacking Threatens US Mid-Terms:

US Air Force Hacked By Teenager:

« Why The Public Directory Of Domain Names Is About To Vanish
Neither US, Russia Or China Will Sign Macron's Cyber Pact »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Privacy Professor

Privacy Professor

Privacy Professor provides information privacy, security and compliance services, tools and products to organizations in a wide range of industries.

Cloud Foundry Foundation (CFF)

Cloud Foundry Foundation (CFF)

Cloud Foundry supports the full application development lifecycle, from inception, through all testing stages, to deployment.

Nordic IT Security

Nordic IT Security

Nordic IT Security is a cyber security business forum in Scandinavia bringing together the converging worlds of IT, Cyber and Information Security.

Johnson Controls International

Johnson Controls International

Johnson Controls is a global diversified technology company with a focus on smart cities, energy, infrastructure and transportation including the security of automation and control systems.

Risk Based Security (RBS)

Risk Based Security (RBS)

Risk Based Security provide the most comprehensive and timely vulnerability intelligence, breach data and risk ratings.

Trusona

Trusona

Trusona is a pioneer and leader in passwordless two-factor authentication (2FA).

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

InfusionPoints

InfusionPoints

InfusionPoints is your independent trusted partner dedicated to assisting you in building your secure and compliant business solutions.

Lupovis

Lupovis

Lupovis is an AI-based deception solution that deploys active decoys turning your network from a flock of sheep to a pack of wolves where the hunter becomes the hunted.

RiskOpsAI

RiskOpsAI

RiskOpsAI (formerly OptimEyes) is an AI/ML driven Integrated Risk Modeling and Decisioning Platform functioning as an advanced GRC/Risk Management Integration Accelerator.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

Pixee

Pixee

Pixee fixes vulnerabilities, hardens code, squashes bugs, and gives engineers more time to focus on the work that counts.

SGS Brightsight

SGS Brightsight

SGS Brightsight is the largest independent security evaluation lab in the world, with ten recognised labs worldwide.

Krash Consulting

Krash Consulting

Krash Consulting is a premier provider of Cyber Security solutions, offering a range of services to safeguard businesses against cyber-attacks, minimize fraud, and protect brand reputation globally.

Operant AI

Operant AI

Operant AI is the only Runtime AI Application Defense Platform that actively protects every layer of live cloud and AI applications from infra to APIs.