After the Cambridge Analytica fiasco and the spotlight that was shone on how frail democracy can be, especially with outsider influence on social media, another blow was dealt to people’s confidence in state-level security practices. An 11-year old managed to show just how easy election hacking can be. At Def Con, the annual hacker convention, 11-year old Emmett from Austin hacked the website for the Florida Secretary of State in 10 minutes, using a simple SQL injection. It’s a technique that, at least in hacking circles, is child’s play.
The organizers of the event, set up replica pages of actual websites used by the US Government, then set participants to work “breaking into the portions of the websites that are critical to the election process, [so] the kids worked against the replicas of the webpages where election results are reported by secretaries of state.”
Here’s the DefCon Voting Machine Hacking Village roundup of discoveries for the day! Day 1 / Part 1 pic.twitter.com/ovQs7uX7jK
— DEFCON VotingVillage (@VotingVillageDC) August 11, 2018
In essence, the experiment not only revealed quite a few talented kids, as 89% out of the 47 participants managed to hack their assigned websites, but also the poor security practices adopted by the state. After all, time and time again common vulnerabilities are exploited with deadly consequences.