Schoolboy Hacked Mock Florida Election Site In 10 Minutes

Uploaded on 2018-11-13 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW

At the annual hacker conference DefCon erlier this year, Emmett Brewer, an 11-year-old boy from Austin, Texas, was able to change the results on a mock Florida election website. It took him 10 minutes.

Though the website in question was a mere replica of the Florida Secretary of State website, the hack points to the larger vulnerabilities of the election infrastructure.

This comes on the heels of Russian meddling in the 2016 US election, Microsoft has already detected evidence of Russian interference in three races in the 2018 mid-terms. 

The hacking event was part of a hands-on workshop within the larger cybersecurity conference. In a series of exercises, adults and kids participating in the “DefCon Voting Machine Hacking Village” attempted to manipulate party names, candidate names, and vote-count totals on mock websites from key battleground states. 

Brewer was one of about 50 children between the ages of 8 and 16 who took part.

“The site may be a replica but the vulnerabilities that these kids were exploiting were not replicas, they’re the real thing,” Nico Sell, the event organizer, told PBS.

In a statement, the National Association for Secretaries of State questioned the hacking event, claiming it was not a realistic proxy for the systems currently in use.

DefenseOne

You Might Also Read:

Election Hacking Threatens US Mid-Terms:

US Air Force Hacked By Teenager:

« Why The Public Directory Of Domain Names Is About To Vanish
Neither US, Russia Or China Will Sign Macron's Cyber Pact »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

SECURITYMADEIN.LU

SECURITYMADEIN.LU

SECURITYMADEIN.LU is the main online source for cyber security in Luxembourg providing news, information and a toolbox of cyber security solutions.

Electric Imp

Electric Imp

Electric Imp offers an innovative and powerful Internet of Things platform that securely connects devices with advanced cloud computing resources.

Futurex

Futurex

Futurex is a globally recognized provider of enterprise-class data encryption solutions.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

NetDiligence

NetDiligence

NetDiligence is a privately-held cyber risk assessment and data breach services company.

ATIS Systems

ATIS Systems

ATIS Systems offers first-class complete solutions for legal interception, mediation, data retention, and IT forensics.

NGS (UK)

NGS (UK)

NGS (UK) Ltd are independent, vendor agnostic, next generation security trusted advisors, providing all-encompassing solutions from the perimeter to the endpoint.

Document Security Systems (DSS)

Document Security Systems (DSS)

DSS anti-counterfeit, authentication, and brand protection solutions are deployed to prevent attacks which threaten products, digital presence, financial instruments, and identification.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

ViewDS Identity Solutions

ViewDS Identity Solutions

ViewDS Identity Solutions develops innovative identity software including cloud identity management solutions, directory services, access and authorization management solutions.

Bitdefender

Bitdefender

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide.

Lodestone

Lodestone

Lodestone partners with clients to help them mitigate business and reputational risk, through our human-based, approach to cyber security, digital forensics and incident response.