Schoolboy Hacked Mock Florida Election Site In 10 Minutes

Uploaded on 2018-11-13 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW

At the annual hacker conference DefCon erlier this year, Emmett Brewer, an 11-year-old boy from Austin, Texas, was able to change the results on a mock Florida election website. It took him 10 minutes.

Though the website in question was a mere replica of the Florida Secretary of State website, the hack points to the larger vulnerabilities of the election infrastructure.

This comes on the heels of Russian meddling in the 2016 US election, Microsoft has already detected evidence of Russian interference in three races in the 2018 mid-terms. 

The hacking event was part of a hands-on workshop within the larger cybersecurity conference. In a series of exercises, adults and kids participating in the “DefCon Voting Machine Hacking Village” attempted to manipulate party names, candidate names, and vote-count totals on mock websites from key battleground states. 

Brewer was one of about 50 children between the ages of 8 and 16 who took part.

“The site may be a replica but the vulnerabilities that these kids were exploiting were not replicas, they’re the real thing,” Nico Sell, the event organizer, told PBS.

In a statement, the National Association for Secretaries of State questioned the hacking event, claiming it was not a realistic proxy for the systems currently in use.

DefenseOne

You Might Also Read:

Election Hacking Threatens US Mid-Terms:

US Air Force Hacked By Teenager:

« Why The Public Directory Of Domain Names Is About To Vanish
Neither US, Russia Or China Will Sign Macron's Cyber Pact »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Blue Frost Security

Blue Frost Security

Blue Frost Security provides high-level IT security consulting, penetration testing services, ISO 27001 Solutions, PCI compliance solutions and training.

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Cybersecurity Association of Maryland (CAMI)

Cybersecurity Association of Maryland (CAMI)

CAMI’s mission is to create a global cybersecurity marketplace in Maryland and generate thousands of high-pay jobs through the cybersecurity industry.

Quokka

Quokka

Quokka (formerly Kryptowire) is the source for mobile security and privacy solutions, staying steps ahead of the threat and delivering peace of mind.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

Irish National Accreditation Board (INAB)

Irish National Accreditation Board (INAB)

INAB is the national accreditation body for Ireland. The directory of members provides details of organisations offering certification services for ISO 27001.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

Protocol Labs

Protocol Labs

Protocol Labs is a research, development, and deployment institution for improving Internet technology.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

Cyber Security Partners (CSP)

Cyber Security Partners (CSP)

Cyber Security Partners specialise in the provision of Cyber Security Consultancy, Data Protection and Certification and Compliance services.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

NXM Labs

NXM Labs

NXM is a leader in a leader in advanced cybersecurity software for connected devices.