Runs about an hour and a half.

Good afternoon. I am president and CEO of the Atlantic Council, and I am delighted to invite you to the council today on behalf of everyone on the council, and salute to you for everything you are doing in our Cyber Statecraft Initiative. For the launch of this crucially important report, people standing on podiums say things like "crucially important"; it really is. Hacking the Election: Lessons from the DEF CON Village. Operatethe council, we to secure the future. This is meant seriously because the founders of the Atlantic Council were there at the creation. One of the people who helped found this wrote the book, the creation of the international liberal order. We see that order as under threat, and one of the things most under threat is the security of democracies. We believe a stable world depends on sustaining democracy, and democracy depends on the sanctity of the vote. In recent years, this fundamental core to our government has come under threat. Unprecedented assaults in the United States and Europe are bringing scrutiny and uncertainty to once inviolable electoral processes. We havent yet donein countering this information both within our Eurasia Center and in our Digital Forensic Research Lab, cutting-edge work. We haven't yet done work in this area, so it's a particular pleasure and honor to be associated with this event and the work behind it. In the current geopolitical climate, preserving or in some cases reinstating public faith in the integrity and security of our elections is more crucial than ever before. This can only be achieved if we're able to protect the technologies underpinning our democracy.
While much of the discussion over the past 12 months has focused on the Russian-linked information operations with carefully timed leaks, fake news, Facebook ads recently, recent revelations have made clear how vulnerable the very technologies we use to manage our records, cast a vote and tally the results are, and that's new. We now have alarming evidence of Russian-connected hackers successfully breaching electronic poll books and state and local voter databases in at least 21 states across the United States, this recently released by the Department of Homeland Security. You have to understand how careful DHS is before it puts out this kind of information. The technical community, including many Atlantic Council experts, have attempted to raise alarm about these threats for some years. Some of the experts on today's panel and others concerned about the safety of the vote teamed up with the world's largest hacker conference, DEF CON, to host the first ever, and I like this, first ever voting machine hacking village. This determined group invited security researchers to probe two dozen electronic voting machines, many of which are still in use today. The hackers were able to break into and gain remote control of the machines in a matter of minutes. These findings from the voting village are incredibly disconcerting. We at the Atlantic Council applaud the groundbreaking and tireless work of the organizers to shed light on these threats and this unsettling reality. We believe that transparency is about 80% of what is needed, because you have to understand, to know the threat, in order to get the targets and others to take care of defending themselves. This is not simply a cybersecurity issue but one of the most pressing national security concerns eating at the bedrock of our democracy.
The council's own cyber team is proud to support this critical effort by taking representatives james link of an and will las vegas this July, the first sitting congressman to ever attend the conference and witness firsthand this voting village. We are honored to continue this partnership by convening today's discussion and look forward to assisting in the next steps of this crucially important effort. You may have read in USA Today that a group is coming together to try to continue to work around this, and we're proud to be part of that. Before I turn over to Jeff for his remarks, let me take a moment to introduce our panelists. Jeff is the founder of two of the most influential information security conferences in the world, DEF CON and Black Hat, and he's a senior fellow with the Atlantic Council's Cyber Statecraft Initiative and our Brent Scowcroft Center on International Security. Ambassador Lute is a former U.S. permanent representative of and serving under President Obama from 2013 to 2017. Prior to this and after retiring from active duty as lieutenant general after 35 years of service, he served as the assistant to the president and deputy national adviser under President Bush as well as under President Obama. We had a bipartisan ethos. You've worked in a real hands-on bipartisan manner. John Gilligan is chairman of the board at the Center for Internet Security cookies are just president of the Schafer Corporation, senior vice president , and chief information officer at the U.S. Air Force and Department of Energy. Sherri Ramsay is senior advisor to the CEO at cyber international, engaged in strategy development and planning. She is the former director of the NSA/CSS Threat Operations Center, that's a pretty big job and pretty significant position, where she led discovery and characterization of threats to national security systems. Harri Hursti is a founding partner of Nordic Innovation Labs and one of the organizers of the DEF CON voting village.
He has fascinating insights. I just took a little bit outside this room on this probably would talk about today. He is one of the world's leading authorities in the areas of election voting security and critical infrastructure security, and as an ethical hacker famously demonstrated how certain voting machines could be hacked, ultimately altering voting results. Our moderator today is Jake Braun. Jake is a lecturer at the University of Chicago and CEO of Cambridge Global Advisors and co-organizer of the DEF CON voting village. Jake also serves as a strategic advisor on cybersecurity to the Department of Homeland Security and the Pentagon. So this is a heavyweight group, and we are looking forward to your reflections. Huge thanks to all of you joining us today and joining us online, and thank you for everything you contributed to this work. Lastly, I encourage anyone in the audience watching online to take part in the conversation by following @ACScowcroft and at , using the hashtag #ACCyber. And now without further delay, let me turn the podium over to Jeff.

Jeff: Thank you. Good afternoon, everyone. I'm going to start with a little and then give you a couple thoughts on where I think we are going. We have been talking about voting machines for a long time. I think Harri has been poking at them for 10 years. We had one of our first speakers talk about his concept of black voting machines about 10 years ago. It is not new, but what is new is the attention on them and the importance they are now playing in our democracy. How did we get here? I am going to blame Jake. National security coordinator in the white house and dhs back when i first securityt the homeland council. I got to know Jake, and he was very passionate about voter security during the Obama campaign. We were talking and Jake was saying, you know, I bet these machines, there's got to be problems with these machines, right? I said, oh yes.
There are definitely problems, but I just don't know what they are. But I can tell you, there has got to be problems. I started going online looking for studies, looking for security analysts tearing machines apart. You cannot find them. You can find an EVEREST report in 2008, some controlled reports where the manufacturers got the researchers to sign NDAs and did limited testing, but for hackers that does not count. I want to see the pictures. I want to see the trials and tribulations of the hackers attacking these machines. I could not find them, but I said, I am sure they are just a disaster. Then a couple weeks went by and he said, you know what? You should get a bunch of hackers to tear these things apart. I said, that is a great idea, but we are not going to be able to get any of these from the manufacturers. They are so tightly controlled. You are not going to get the machines or the software. But I started looking on eBay and sure enough, thank you eBay, there were some to be found. We have two of them here that Harri will hack into later. So it turned out we can get our hands on them. These things never get updated. They have been around for like a decade, so you can get them fairly inexpensively. So I allocated some space. Got some people together. We started ordering machines, and then I realized, I am not a voting machine expert. I can tell you historically what kind of systems have had issues, but I cannot tell you the ins and outs specifically. Harri, and some others, who have spent more than a decade looking at these, said, OK, you get the machines and space and we will run the village. It was fascinating, because if you're not familiar with DEF CON, we have about 25,000 people who show up. They subdivide into topic areas. As soon as we announced a voting village, I got state, local, county voting officials desperate for information. I have these machines, I've no idea what they do. I have these machines and I do not know if I can trust documentation. Tell me what you find.
We would try to get them to come and they would say, I've no budget I can come out. Could you just livestream people hacking the machines? I said, I do not know how much that will help you, but we will have this report. It is the first step in trying to change the narrative. As you will read, these machines are pretty easy to hack. This flies in the face of the narrative sung by the manufacturers, which is, you have to be an insider. You have to have specific knowledge of the technology. Random people are not going to be able to approach these machines and hack them. They need to understand them and study them to know the context. I think we opened the doors and 35 minutes later, one of the machines fell. It turns out hacking technology is pretty much hacking technology. Automobiles, implantable medical devices, airplanes, physical locks, access control systems, internet of things devices, adult toys, ATM machines. So chances are, yes, we are going to hack your 10-year-old election machine. The difference is now it counts. Now people are paying attention, and they were not paying attention 10 years ago. Now it is not a conversation between us and the state and local officials. This needs to be a discussion at a higher, more national security level. I was struck by something professor leak said, which was essentially there are two ways to change government: the ballot box or the bullet box. I thought about that for a while, and we spend a lot of money on the bullet box. We have nuclear triads, oversight, testing ranges, we have a large amount of money and technology invested in our bullet box. How much do we have invested in our ballot box? Pretty much nothing. It was only just recently called infrastructure. Other important but all of our energy is in the more important bullet box. It also needs to be the ballot box. This problem is not going to go away, it is going to accelerate. Three things made this possible. First, we have a three-year DMCA exemption.
Usually you cannot reverse engineer these things for copyright violation. They use takedown notices to prevent researchers from publishing results. This was year two, next year is year three. Researchers will be able to pick this apart and provide an independent view. That was not possible before. Once we removed the fear sort of of litigation and lined up an impressive array of lawyers waiting to defend us if anything happened, we felt confident going forward that if anybody was going to sue us, we would have enough resources to defend ourselves. The DMCA and the way we could defend ourselves. The second one was a giant storm where the roof collapsed on a county where they were keeping their voting machines. The county totaled out all of the items including the voting machines. There was no purchase sale agreement on the voting machines. The insurance company did not want it. They gave it away to an electronics recycler, who now had the equipment with no NDA and no purchase agreement signed. Now if we get our hands on these machines, we are not violating any rules or civil law. The manufacturer contacted them: please, could you disassemble all of the machines and, you know, basically take them out of commission? He said, sure. How much do you want to pay me for each machine? They said, we want to pay zero. He said, well, do you want to buy the machines then? He said, no. He said, well, come back anytime you want to buy them back. And he started selling them on eBay. So ladies and gentlemen, the voting machine. We have this culture of exploring things and hacking them and publishing results. So there was the upcoming DEF CON, the storm, and the DMCA that made this possible for the first time. We have been using these machines for more than a decade. This is the first time we get to actually look under the hood? That does not make any sense from a policy standpoint, and we need to really understand what is going on and how do we fix that.
We can't run our country like that. When will the next storm happen, right? I want to think about that. I will hand it over to Jake, who will go into a moderated Q&A session, then we will go to the audience for questions. Thank you very much. [applause]

We're just going to sit for the Q&A. First off, you and Professor Blaze were the technical leads running the hacking village. What did you find?

First of all, it is established that all machines are hackable. It was a learning experience for people to find the truth themselves. People came, said, can I touch? Yes, go ahead. The other thing was the speed. One of the people who have been doing these things published a study. Of course if you have a few weeks you can hack it. First of all, if it is a nation-state, they have that. They don't wake up all of a sudden. They have time. Work it the scope of took a long time. Right now, I would say that we have less than half an hour. I 10:00, ate door 11:00, it was supposed to be the introduction speech. At the time one machine had already so. The guys who did that said, can we show it? No, I need to go i want to he was at the speech for 45 minutes, came back. At the same time, he was from Denmark, so at the same time during the speech another person from Northern California hacked one. When the introductory speech was over, already two machines had fallen. This technology is very old. For a lot of people who were there, they were not even born when most of these came about. People on Twitter were asking for tools to do this. Aret of the current tools not that much behind. These tools came to be cost 15 may be in new york. Very old technology. Some of the findings, and there are so many things, but one thing is we followed vulnerabilities which have not been studied before because of the rules of the road of the previous study.
Ad, those vulnerabilities put unreasonable stress to a nonexisting can be hacked anytime during its lifetime; anytime it has been hacked it cannot be cleaned. Everything from mainland China to Philippines, you name it, there is element. We do not even know that extension. What extension do they have in the design and building of this? Said the chain of custody when it is in the United States in use, and how did that come to be? Where it came from? How can you make sure the machine you get is clean? So these are my opening remarks.

OK. So, Sherri, after spending a long time at NSA, what are your thoughts on the relevance?

To follow on with Harri's comments and the comments you and Jeff have made, the first thing you want to do when you kind of look at this problem is figure out what is the target. Is it something people would be interested in? And what is the way for that target to be legitimately hacked? Would it take a year? Would it take 5000 people to do this? Is this something we should really worry about, or is it something that could be done but not likely to be done? The last thing is, would anybody be interested in doing it? There could be a lot of vulnerabilities out there, but if nobody is interested, maybe we don't spend money or time and effort. So to quickly answer those three questions when we're talking about this. Obviously, the specific target, well, the target might be the U.S. democracy, but the closest target would be the voting machines themselves. If you look at the companies, not that many years ago there were 19 or 20 more companies who recognized making voting space. S were big in that people would buy voting machines from them. The last few years, just like, you know, a natural progression of economy and things that have happened on a global scale, companies have merged, gone out of business.
Today there's really only three or four big, well-known, recognized companies that will voting machines we would be interested in purchasing and using for our elections. By that furniture, we have focused the target set. It is no longer hundreds or even tens, it is three or four. That is a specific, limited target set an adversary would need to go after. The second thing is, you know, let's kind of look at how could this be done. Is there a realistic way to do that? If you look at the voting machines, in fact look at laptops, cell phones many of you are using now. Watches on our arms. His toys, refrigerators. Missiles, airplanes. You talk a lot about them at DEF CON. What do they have in common? They are built of hardware, like this one here. They run with software. You know what? I think as you both mentioned, in a lot of ways, it is not even specific to the voting machine. It is hardware and software. There are chips manufactured globally because of the global economy. We don't know where all of the chips come from. Most of them come from outside of the U.S. primarily. So there is this natural approach to hack software, but hackers are starting to look at hardware for a number of reasons. Hardware hacks can be more persistent if you do a software upgrade. The malware will stick to that. Oftentimes we think things are not connected to the internet, but they really are, by the way. In the off chance they are not and somebody wanted to get into this device, and perhaps take data away from it, they have to get it out. If they do a kind of hardware hack or hardware implanted in change a check, now they have created a path to put the data out. So because of the global marketplace, because the voting machines as well as many other hardware made of just and software, the concept for how to do this is pretty well known and relatively easy, as we have seen. This created the opportunity. Now, who would want to do this and have the capability to do this?
There are a number of nation states that have actively been trying to influence United States elections for years. Now we have given them a new way to do that. Perhaps some other elements as well. Criminal, terrorist groups. Many of them are generally accepted by the community as having the wherewithal, that is the sophistication, the money, the wherewithal to pull this off. You say, OK, it is hard. They would have to do it one voting machine at a time. They are spread all over the country. Not really. Go back to the limited target, four manufacturers. The supply chain is a great kind of vector for them to do that. It could be done with an insider just for money. They could care less about the U.S. Change the software, check process. Huge,cyber could affect huge numbers of chips and things that would go into the machines as well as other appliances. If you think about it, it is just a software hack. To go in and hack the software development of the companies developing software for the machines. And at the beginning put the malware in, so when the software is downloaded it already has the malware inside. These are the things, read the newspapers today, we are seeing done every single day. The bottom line is, are the voting machines special? No, they are really not. They are hardware and software. We have kind of demonstrated the disconnect. If you follow the scenario logically, we should really be concerned about the elections and our processes and the voting machines of the future. Thank you.

The hesitancyan, that helps enhance the cybersecurity and local government, who are the ones who administer our elections, what are we going to do about this?

[low audio] intractable problems. It was mentioned I was in the Air Force some time ago. I would tell a story that helps put in context what we in the Center for Internet Security do. Used to come in annually and do a penetration analysis of each service, Air Force being one.
Then we did a debriefing. I am sure they are bigger and better today. My biggest fear was that if anyone was sitting in that room from the outside, I would be fired right away, because they were very successful in penetrating our systems. I went to the NSA and said, this is not helpful. I need to know where to start. They came back and said, nobody had ever asked this question, but it was helpful, because we got our offensive and defensive teams together and they put together what they thought were the areas they saw that are exploited or we exploit. I only paid attention to the first part of the briefing, because they said 80% of the attacks happen in misconfigured software. The software is not configured and initially properly. That was 80%. So I said, that is where we are going to start. I give that story as a way to give context to the Center for Internet Security. Focused on what we call best practices. Configuring software and patching, knowing what is on your network, controlling administrative privilege, auditing, etc. are all basic hygiene practices. Effective, those types of practices against the in they of the attacks philosophy being, why do something sophisticated, some examples are given here, if you can just get on the internet and go after the misconfigured software? Equifax is a good example, because the Apache Struts software that was exploited, it is an open source software. Does not have a supply chain issue. It is often embedded in other products. This gets to be sort of a complex problem. The Center for Internet Security focuses on best practices. We take commercial versions of products and, through a collaborative process, we define what should be the secure configuration. We disable those things that have high security risk. We enable controls that ensure better security, and we propagate those. We have a set of controls, basic hygiene activities. There happens to be 20 of them.
Our view is, if an organization focuses on these, they are addressing the most common threat patterns and they will be more secure. Our effort internally is going to be to take the elections ecosystem and to develop a set of practices, a handbook of best practices for the election system. We will do this following our normal process in sort of a collaborative way. We have 400 or 500 people to collaborate with us, and we will expand that horizon because there are those that have specific expertise in election systems. We'll invite them and DHS, the Election Assistance Commission, which has responsibility for focusing on the machines themselves. We will invite the National Association of Secretaries of State and other election officials to participate. The reason being, let's get together and very quickly, by the end of the year, produce a set of best practices that will then be given to state and local governments. Our efforts will complement what the Assistance Commission is developing presently with the National Institute of Standards and Technology, what is called the voluntary voter system guidelines. Version 2.0. An updated version trying to address a number of issues including security. That effort, we're going to undertake immediately. Obviously, based on the background of the organization focusing on best practices, we have a pretty good handle on foundational efforts for this and we will move forward. Thing is, under DHS oversight and funding, we provide security to state, local, tribal, territorial organizations. So we have about 1500 members. We provide education, we provide security monitoring, vulnerability assessments, incident responses. Alerts, warnings.
As part of our education campaign, we will increase our emphasis using this handbook on election systems in conjunction with our other best practices activities, to see if we cannot use the emphasis we now have on election systems to improve security really across state, local, tribal, and territorial organizations.

Fantastic. What are you guys planning for next year? Version two.

Next her as our last year last year. S our the application time is already over. It in may whend we had the last portion. We don't know if it will be extended or not, so we can adjust what we will do. The idea is, we want to get our hands on the back-end software. The provision of voting ballots to run the election, to figure out the winner. We want to have a complete voting system to attack, so people can attack the network, the physical machines, they can go after the databases. This is a mind-boggling part, just like the first time it has been done. No NDA. There has never been a test of a system. This is mind-boggling. Harri can probably tell you 10 different reasons. I would love to be able to create any kind of a complete system. It does not have to be the most up to date and complete system, but we want to have a checkin,l out the portable, how you register the vote. We're going to try to invite some of the manufacturers. Really, I think probably because this is the first scrutiny the manufacturers have ever had, they are not sure what to do. That is a routine response. When industries first come into contact with hackers and people are giving an honest opinion of technology, they pull back inside for a while. The best part of this is free, the world's best hackers doing pro bono work. Giving away reports for free. Normally thousands and thousands of dollars a day. They are doing it because they want to see what is possible. I tell them, take advantage of this free resource. Learn what you can.

I think this is worth repeating.
In the studies which have been made in Ohio, California, none of those really have had infrastructure. They have been concentrated on voting machines. Look at the voting machines in DEF CON village, these kind of comprehensive, this is the office. Let's take a look. I tell you, that has not been done, ever. In 15 years. Well, ever. The other thing I want to point out is how we took it back. The DEF CON of Latin America. Problems we are talking here, right now, Argentina, this is an international problem. We have different flavors of democracy but similar problems. This is really international.

That is a good segue to our next speaker.

Thank you very much. Thank you to the Atlantic Council and Fred for hosting today. Fred, you did an extraordinary thing. You brought together two communities in the country, but especially in Washington, that do not usually meet for lunch. The technical experts, hacker communities, sometime you can tell by our address. The diplomatic national security community, and we have you all together in the same room, which is very important, because that merger of two communities highlights my main point today, and that is that the technical vulnerabilities we are just describing are, I think, given the 2016 experience, raise it to a national security issue. In fact, in my over 40 years of working on national security issues, I do not believe I've seen a more severe threat to American national security than the election hacking experience of 2016. That may seem extreme, but when you consider the fundamental connection which could have been compromised and may have been compromised last year, and this is the fundamental connection between the individual voter and the results of the election, if you can compromise that, you do not need to attack America with planes and ships and tanks. You can undermine democracy from the inside. I think that is really the threat. Today's session is not about the forensics of the 2016 election.
I have confidence, and I think we as Americans should have confidence, that the multiple investigations underway will reveal the full impact of 2016. What happened in the forensics will come out. But we do know this much: we know Russia tried to influence the election outcome last year, and we know at a minimum they tried to discredit the outcome by casting doubt on its legitimacy. That is enough to get started, OK? Why is it so serious? One of the questions Sherri asked was, who cares? Who would want to do this to us? The Russians. First of all, Vladimir Putin has already demonstrated successfully he can do this. In military terms, a threat is a combination of the capability, right, and intent to use. That is the end of that statement. He has the capability, and he did use it. We have both capability and intent here. He influenced our political process. Doubts on our democracy. Look at Washington today. He added to the political gridlock in Washington. At very low cost to him. In military terms, this is a classic definition of a threat. We would never accept this level of vulnerability in any of our control systems. The targeting system, our weapons control systems, the systems that control our nuclear weapons, right? We would never accept the kind of vulnerability exposed at DEF CON this year. So we have work to do. This is not going away. This was not a one-shot deal where they tried something and were off to the next target. Vladimir Putin can be in office and even ifst 2029 he is replaced, a new Russian leader would be attracted to similar tactics. On a tactic here that I think will exist. They learned a lot from what I think were a series of probing attacks in 2016. My guess is they were somewhat surprised by what they learned. Like some of the participants at DEF CON. At how out of date and vulnerable the technology is.
I think we should expect the next attacks to be more targeted and sophisticated. So the Russian threat is real, and it is here to stay even beyond Vladimir Putin. This is a national security issue because others watched what was happening in 2016. Iran, North Korea, the so-called Islamic State and others. This is a national issue because time is short. The 2018 and 2020 national elections are just around the corner. 13 months out. We are disclosing today by the findings of the DEF CON report just how vulnerable these systems are, and we have essentially 16 months to harden our democracy. This is a national security issue because other democracies are susceptible, too. Democracies in Europe, South America. Also vulnerable. The same democracies make up our this is not an America-only vulnerability. We know for sure Russia has attempted to penetrate and corrupt other electoral systems. Think about the French elections in the spring. But long before that. Georgia, Baltic states, so forth. For all of these reasons, the security of the U.S. election process should be a top national security issue. Now look, I am not an expert here on the process and the machine and the hardware and software. That is not me. The good news is, though, with these experts assembled, we pretty much know what we have to do. We have got to get that set of best practices that John Gilligan mentioned out to where the rubber meets the road in our voting process. That is not only to the 50 states but also thousands of voting jurisdictions across those states. We have a lot to do in a short time. We commit to you today that this group, this informal coalition, will convene and within two months come back to this community, this joined community, with best practices. This has to be a nonpartisan, bipartisan effort. This is not about party politics. This is about our fundamental rights as American citizens and about the health of our American democracy.
Look, for over 40 years as a military officer or diplomat, I did not question the sanctity or validity of my vote. We often voted by paper will because we voted by absentee ballot. You complete your ballot, sign the back of the envelope, mail it in. For 40-some years, that was enough. I believed I had fulfilled my civic duty and had confidence that vote would count. Over the last 12 months, given the experience of 2016, I do not feel that way anymore. I challenge all of us to think seriously about the challenges we now know took place. That were attempts to compromise and corrupt our fundamental rights as voting citizens. It is time to get this fixed. We have to secure our voting system as a national priority. This report is a first step. Let me give it back to Jake. Thank you. [applause]
Jake: Thank you, General Lute. Here are the things you can learn, know, or do. First of all, there were dozens of successful attacks on these machines. They are outlined in the report. One note we want to really highlight that came out of a lot of research that was done to these machines after DEF CON is that with parts and software made all over the world and there are only three or four manufacturers, the one core point that election security experts and others have been decentralized the nature of our voting systems, the thousands and thousands of voting offices around the country is what kept us safe because Russians would need to have tens of thousands of operatives go get physical access to machines to actually infiltrate the election. Know that is false. Through a handful of physical attacks and through manufacturers not in the United States, the Russians could land malware into thousands of machines all at once and hack the entire U.S. election without even leaving the country. That is a very important finding, number one.
Number two is what Jeff said, that especially with election officials, the thing you can do is contact the folks at DEF CON yourffer to give out machines, your databases, give them access to whatever else you just as this is an essentially free testing and training for your staff, that would normally cost you millions of dollars to purchase on your own. Finally, and maybe most importantly, is that the Center for Internet Security is convening a coalition, an informal coalition, of pretty impressive folks like the Atlantic Council to arrive at and then help educate Congress as to why we need to pay for these best practices to be implemented and then ensure that state and local governments implement them. So with that, want to open it up.
Aboutn will Harri talk technology? Hack?
Afterwards. We will have the demonstration. I did not know if you are pointing to someone else.
Susan Greenhalgh, Verified Voting. I want to thank you for this. It is important and critical. I am privileged to be able to attend the DEF CON and attend lectures. It is great. Harri is amazing. To point out help her and this is as translated to states going to secure their voting systems. As some people may know, the state of Virginia recently transitioned all of their voting systems to paper ballots because of some of the vulnerabilities that were disclosed in the DEF CON conference. They reached out to us. We helped get them some information. I know Harri was getting them information and letting them know what was found, and they were able to go provide that information to the state board of elections. The state board of elections was information that and understand the security vulnerabilities and transition to paper ballots, which is a transparent system that can protect us. So I want to thank you guys for seeing this transition to real-world change.
Fantastic. Professor, do you have a question? OK. Introduce yourself.
Sure.
I am a professor of computer science and engineering at the University of Michigan and I have been working on the problem of securing election infrastructure for about 10 years. I just wanted to offer a couple of reflections on this absolutely fantastic set of achievements that has come out of DEF CON. As Ambassador Lute says, this is absolutely a national security problem. That is the biggest thing that has changed from when I started working in this field till today. We started in 2007 thinking, it is possible people might tamper with a few localized election systems, but state-level attacks, nation-state attackers changing a result, that sounds like science fiction. It does not sound like science fiction anymore. The voting system, as we have seen in many, many different studies over the past 10 years that have come out of different academic groups, is vulnerable throughout the technical infrastructure. The infrastructure is a decade or decades out of date and there are all kinds of ways that attackers might be able to compromise voting equipment. But the DEF CON results do in my mind more than anything else and this is an amazing confirmation and extension of all of the different works that have shown machines to be vulnerable, and now, even in machines like the dex that Harri and others like us have studied in the past, there are more vulnerabilities being found by studying it at DEF CON. These machines are broken to the core. In terms of best practices that will be developed by this new initiative will be a fantastic step toward helping states secure the infrastructure. But the one other component that is so critical at the center of the solution is really low tech. That is to make sure we are using voting paper, and that we are looking at enough of that paper to know whether results are really the same. As President Trump himself said on election day, there's something really nice about paper. You don't have to worry about hacking.
By taking the simple, low-cost steps I think we can go a long way to protecting against different threats in this sphere.
I actually have two questions about the technical aspects of the report. The supply chain problems which you brought up. Beyond creating chaos in the election, can this be used in any way to target a specific election?
All, the short answer is yes, because if you have a persistent attack that is sure universal door. What is the control structure? One of the easiest things is actually naming a candidate on the ballot. You cannot change it. You can use multiple ways to communicate. Should already be in place.
My comment would be, just assume all we can do is create chaos. We know there is more than that. And even to have a little chaos, it would cause such a loss of confidence, I think, in the election system that that, you know, would make people walk around and say, you know, is this legitimate? Even if it was, just a fact that people are question not I think it's hugely damaging to our government and democracy in general. You don't even have to go past creating the chaos for this to be a significant problem.
They are either the company charged with maintaining the system or states maintaining the systems followed best practices, the backdoors would still only be accessible usb attack. I am just trying to get a sense of the extent of the
Let me answer two things. This is ang is candidate who wants to win. The third model has not seen people are not asking what are all the possible reasons. No onnow there is wednesday. There will be eight and if I can bet on that I could make a huge amount of money. So there is a financial opportunity. Again, the other answer which is ae those machines do have USB port. That is wanting. The other thing is the statement, there are no wireless. That is already decertified.
Stein's recount, one of the important pieces of information that came out in the trial is that there is a new generation of machines that use wireless. The answer here is that we found as a community that this information has been in public documents. Never disseminated. It is already so, you don't need to have a typical USB.
That was my second question. The report only mentions the one machine or the one brand of machine that has wifi.
We are hoping for another storm. [laughter]
You mentioned machines from verizon, the information flow. There is a paper ballot thater machine that has capability. Was ink the comment than I was involved more was.
Right, so what we know from studies of different machines as well as the backend infrastructure is that there are several ways they might be remotely attacked. One is through the supply chain, as the panelists have emphasized. That could be through machines as they are sold or through software updates for the machines that are delivered from the manufacturers. Before every election, every single voting machine in the country has to be programmed with the design of the ballot, the races and candidates. That program is recorded on a USB stick or memory card. What we have demonstrated in past studies is that if you can modify that programming, you can take control of the voting machine and cause it to miscount the votes and shift it to whichever candidate you want. That is a real danger because those files that define the ballot are often created on machines that are connected to the internet.
Thing here iser what has been discovered also is it is probably U.S. specific, is that the that meanso do the actual programming of the machines happens outside of the jurisdiction, which in my opinion means they have no of their own.
Let me just try to raise the conversation a little bit above the machines themselves.
When you take the whole lifecycle or ecosystem of the election process there are other equally disturbing processes. All of the voters here, you are in some vote state registration database. To validate your entry to the ballot. If you could corrupt those databases, which are all stored on the internet, right? By transposing two digits of your street address or changing your middle initial, right? Duty shows upic at the fire station or across the river to vote that day, the ID does not meet the database, it never gets to be ballot. So when you look at sort of the whole lifecycle of the process, vulnerabilityown but there are likely other vulnerabilities that are equally problematic. Go ahead.
I hope the panel can comment. Alex has worked on this issue for a long time and the solution on the voting machine front is the low-tech solution. Vote on paper. Look at paper. But the problem seems to be political in getting to the solutions. Two NATO allies have moved to paper. The French election, they used electronic voting but they stopped in the face of the threat. The Dutch moved to paper and hand-counted the paper in the last election. But we are struggling at the national level to get a voluntary grant available to states so that they can maybe switch to paper so they can do post-election audits. If you can talk about how to get a political climate of urgency, which just does not seem to be there.
Well, so I think that is exactly why we're trying to do this. This is exactly why we are partnering with the Atlantic Council, which is one of the preeminent national security organizations in the country. Without firmly positioning this as a national security problem, we will never get the urgency we need, and that is exactly why we're here today and exactly why we're so excited conveney have agreed to this broad friday of people to come up with best practices.
Of, likesort imagination, like going from the abstract to the concrete where you have so many things to worry about. This is one more. It now that it has arrived, you have to take steps, and that is scary because now you have a new problem. There is no four years of nuclear deterrence around this. This is another issue which brings risks. You know, you have entrenched lobbying interests. I am sure the manufacturers do not like being called out. Who would? Nobody would. I am sure people have staked their reputations on the budget, so there are a lot of interests involved and you have to pull a U-turn, and that is going to be a problem.
Is fundamentally a mental shift from the presumption your vote is secure, or our votes are secured, to now, I think, the presumption that, you know, maybe they are not so secure. That does not come overnight. That is why events like today, the DEF CON experience, this report are so important. We're trying to amplify that message nationally so there is broad recognition it is a national security problem. That it is bipartisan or nonpartisan and goes across all structures. We have to wake up. At one time we thought we were invulnerable; it turns out we are vulnerable. Go ahead. Go ahead.
Hello. Reuters. The last question on the topic is broader, more systemic vulnerabilities. Recently notified hackers. By Russian it is come out that a couple of states said that is not true. What you told us was not in our election systems but maybe department or labor or something was scanned, or one or two others. So I am wondering if the issue of how we run elections in America, the United States is on sort of this state, federal relationship, if that is a specific vulnerability in your view that makes the united makes itre that more difficult to address these problems because of those tensions specifically.
DHS has said it is trying to work more with the states, the states have said they are trying to work more, but there is still a lot of tension in the room when they try to discuss these ideas and figure out what really happened last year and move 2020. D to 2018 and how does that relationship between DHS, the states, and the federal government improve going forward?
Forward, DHS working with the states has agreed that there will be a much more invigorated process for notification and information sharing. They've agreed they will create what is called elections information sharing capability analysis. Results on that collaboration and coordination will go a long way to resolving some of what I saw were the problems of the past. I think a lot of the problems of the past were, if I could describe, there were technical activities that were recognized and the technical community within different organizations were notified. Now, that happens every day. That happens every day, so it was the tie to the elections and, as Ambassador Lute pointed out, we've woken to the new significance to some of these potential threat patterns, and I think that caused some of the confusion, is that at the time was anrecognized there activity but it was viewed as a event. Themill, everyday it was only in retrospect when it was linked to a pattern of it became tothen rise to the level of saying, wait a minute, this is a campaign with a particular objective, and then I think all early communications sort of got sort of lost, and so I think going forward there's a commitment to say, all right, we just need to make sure were those keyith and localrs in state governments with elections responsibility and not just the technical community. Helps a little bit.
In the back.
Thank you very much, DEF CON, for the work you've done and all who have collaborated. I have an historical question related to the supply chain.
Year butnow the exact it was roughly about eight years ago when an individual mine colleague of came, after a trip to China, and thought waswhat he equipment being manufactured at a location in P.R.C. Basebutted a and I told him to report that to proper authorities and linked him on that. I'm wondering if anyone knows situation. Out that I think Diebold is out of the business now, but the idea that is being manufactured and ifuntry like China any analysis, do we have any thatsis of any equipment doctored, say, specifically doctored for the were exercising an option if they chose to affect an election.
Two things to that. One is when you look at holes, it's full of hard to understand are the holes or is it just because it's just sloppy, it's quality. Dumb are not adversaries are not done, they'll make sure that if there number of problems, one is their back door in, and if they're caught, they'll say of problems here, it's hard to tell if that problem was intentionally put there to be used or not. Only once you get to really highly secure systems where the are so few that you can tell that's a sophisticated back door, you can have this conversation, but at this level of technology, you know, they probably don't have to install anything specific ofause it's already so full problems. One of the exemptions with the DMCA, though, prohibits us from sharing, so researchers got the machines. They dumped the software in a lot of these machines but a prohibition for copyright where you can't just publish the software dumps.
Can you look at them, analyze them foryou can't post anybody to download, so we're a little bit hampered because you to get your own machine, dump your own software, analyze your own software and you foundorld what without releasing the software, but some people are doing that and they're going through the there anyng for, are signs that binary's been tampered with or weird functions that don't make sense, but it's would like as we because we can't share it to a larger community to get a widespread analysis. Harri had an interesting find on one of the Taiwan machines.
So, first of all, one of the which is from Diebold actually says manufactured from Taiwan. Find the company to find that their main, well, listed production facility is in China, so that's manufactured there. More to this point, second, Jeff, in this area, for the whole I'm I have been working is almost impossible to make any kind of reasonable educates about whether you are looking incompetence or malice. You want to think it's incompetence. So many things where you really in the findings you say, what would be the legal use for this feature? What would be the reason you this? Do the answers always, it's a test feature. Would like to point out, by the way, coming from because I wasn't planning to do a live demo here because of the time we have. I want to point out that hardware is the new software. Mentally think that software is cheap and hardware of dollars of production costs and whatnot. Ins is a whole computer made chenshown. Starter withck 98,000 funding which was already 4 each. Sold this is a server with capabilities. This is the other computer you need. Actually, the computer, physical in one-eighth of an inch thick. Not anymore something which is expensive. The other thing is, electronics something you could inspect, you can understand. Be fairly reasonable whatcap the chip and look the chip is inside. Today, it's not anymore. Are no anymore designed by humans.
The microchips are designed by you write that chip as a form of software. Is today, whether you have a chip which you don't itw who designed it and how made theetched, who maps, you don't know what the chip is going to do and a very features areidden found. Recently, we all learned from to have a hidden processor capability inside the processor. Recently it was found that one the biggest manufacturers of aips for cars, they have hidden processor inside the processor and nobody has an comesation where the code to that person and that person the memory, so if you control that, the game is over. So we are in a situation where it's really the ability of machines are gone. You cannot audit the machine. The results, and I think the results matter, and really when we look in the thingon, it's a good to especially when we're about voter registration, and also American election is so cannot that you really go hand count. You have to use technology. The key there is audit. Audit the results. Make sure that the results make sense. Think they're absolutely certain the result is, why not audit it? If you don't audit, you don't know what is the result. Really today, in next four years there will be no machine where anyone in this I absolutely guarantee that will be honest what itsing exactly supposed to do, because you cannot make that promise. It's unfeasible. You can make the best effort but you cannot give a guarantee. Important. Very
To your basic question, we did find there were parts made in China in most or all of the machines. Sherri, do you want to comment? Should we care about that? A former nation-state hacker hat on?
We absolutely should care about that. And even if we didn't care about the nation state, individuals and sold, and so we should absolutely care about manufactured in the U.S. I don't think we could be absolutely sure they're today the bulk of the not manufactured in the U.S. And it's almost impossible to audit the chips. Even random selection, they're too complicated.
It's just hard to say, yes, this chip is built exactly like it was designed and like it was meant and it works exactly like supposed to.
You would want the machines manufactured by companies with a record of secure operations, secure software cycles, hiringe good secure teams, being transparent and open, and all of that is lacking.
The kind of companies we rely on for other dimensions of national security: communications, control of nuclear weapons. We don't just outsource this material. This is done through a very strict chain of reliable suppliers, and that just simply does not apply today to the election process.
And in fact, if you look look at the want to DoD as an example, they've started down a path by trying to a secure foundry for some of the weapons systems, not enough for all of them, but to actually build chips that we have more faith that they'll work and do the function the way they're supposed to.
We have a question from handle. DEF CON yes. Live streaming this on the voting village Twitter page and the report is downloadable on defcon.org. The question from Twitter is: if securing democracy involves a federal bipartisan effort, are you optimistic it will be found in Congress?
They said that in 140 characters?
So I've learned not to make such predictions. OK. But part of the story today and part of the story in this report that this is not just a state and local problem. Governmentfederal problem. A national security problem, a national security the trackity and record at the federal level is opening national security issues is that there is bipartisan support. I think there's a long track of comingstory together when the nation's at risk and that's what we're here. Ng on
Thanks to the Atlantic they brought a bipartisan group of members of Congress to the voting village.
Hurd, Republican from Texas, did a Facebook Live and there said it's not a Democrat or Republican issue but a national issue, and we're going to Homeland Security to brief them on the findings of this report, run by, obviously, a Republican administration, have been taking it very seriously been veryst I have impressed with their response to this so far.
There, Rebecca Kaplan with CBS News. I wanted to know if the results where you saw DEF CON caused you acceptedon the widely conclusion that no votes were tampered with during the 2016 election, even though there is admission that databases with were hacked.
Ation back to 2007 when we did the study for state Ohio, back then, bonnerretary attorney asked me, well, there has been never a documented incidence votes have been changed during the real election, and my answer was, please continue this method and that will remain to be true forever machines don't have capability of providing you if ic evidence to see they cannot prove they were honest. They cannot prove they have been hacked. Don't have the basic capabilities of providing you that forensic evidence, that data. You can see that the machine was hacked is that the be found thatd to it was hacked. That's the sad truth. So anyone who says I have or another, one way that's an opinion. Is, it can be done without leaving trace.
As I mentioned in my remarks, this effort represented here on the stage is not about the forensics from last year in actually affecting the results. We're going to let the federal government deal with that problem. We know enough, however, at this point, to be concerned enough to forward towards best practices, because at least 14 states are at least somewhat reliant still on these kinds of machines, and what we know from DHS published report, some 20 states there were at probes at the registration databases in at least 20 states. Enough for us to get moving, and that's what this group is going to do.
Running over so this will be the last one. Go ahead.
Joe Marks. For anyone interested, the Congress considers extending the DMCA exemption right now. There particular things you would like them to rewrite in it to give you broader room to there anynd is concerted effort, either commenting or otherwise, to try to do that?
Good question. A so I think in the original DMCA safe harbor provision for reverse engineering for security purposes. Was never litigated or was a validied what security purpose, and none of the researchers wanted to be the test for that. So a lot of people tiptoed inund and dipped their toe and had several friends who have been intimidated and their dmcarch shut down by threat. It's common in the security conference world to have your talks pulled at the last second because the manufacturer threatens them with a lawsuit. Specifick the exemption was for electronic voting machine technology and pretty clearly written. I think Matt Blaze and coalition of academics were active in the workedet correct wording correct. That should be permanent, but issue, just one, electronic voting. What about automobiles? What about other life safety systems? They shouldn't be, like, well, on carsears I'm working and that one will expire and in three years I'll do automobiles and then back to cars when that exemption starts again. A concertedve ability for the nation's researchers to search and find sued intoar of being sued oblivion, to find problems in software that all of us use and trying to solve the exploits. They're trying to basically provide a public service. It should be like a public benefit corporation, there a shield for public benefit research, especially the you work with manufacturer to get the problems fixed. An act of Congress to protect us. The library ofn congress.
We'll wrap up after
Are to protectws proprietary information and trade secrets. You design software, usually big part of that trade specification, how the software is going to run.
That in thee election world, the specification is the statutes and laws. A why we are protecting where the fulfilled the law from information if they're fulfilling the statutes and the laws. Right now, I want to really con, we didn't have the back end system. We didn't run an election. We affect the system in a most fundamental level. We went to the basement and see if we can turn the lights on and off, and we found we can. The conclusion of that is we of things done a lot on the upper layers, which is the actual election, but we didn't do that because we didn't have the back end system. I'm not a U.S. citizen. I'm a European. Come from a little bit different culture, in that way incomprehensible for me protected and why there is barriers for inspection fulfillingystem is the law and protections stopping researchers to verify that the are selling what they claim to be selling.
Thank you all very much. [applause] [captions performed by national captioning institute] [captions Copyright National 2017]satellite corp.