Another Putin Setup? German vote counting machines are hackable, researchers warn


by Alexander J Martin, Sky News:

Just three weeks before Germany’s parliamentary elections hackers say the vote could be manipulated by “trivial” attackers.

Machines which will be used to count votes in the German election can potentially be hacked to manipulate the results, researchers have warned.

Security issues with the devices set to be used on 24 September could mean that “public trust in the correct tabulation of votes is at stake”, according to the Chaos Computer Club (CCC) hacker association and computer scientist Martin Tschirsich.

The flawed software, called PC-Wahl, will be used as part of the preliminary election process in several German states, which are independently responsible for the first round of counting votes.

In a statement, the head of Germany’s federal returning office, Dieter Sarreither, said the integrity of election results was a matter “of the highest priority”.

German newspaper Der Spiegel reported that PC-Wahl’s manufacturer, vote-iT, denied that its software was unsafe, although the company did not respond to Sky News’ enquiries before publication.

Mr Sarreither’s returning office told vote-iT that it must take into account recommendations made by Germany’s information security agency to fix the weaknesses.

Fear of election hacking has been high in Germany following the US presidential election in 2016, during which Russian hackers allegedly targeted election-related systems in 21 states.

Germany’s domestic intelligence agency also accused a hacker group working for the Kremlin of attacking parliamentary IT systems in 2015.

Officials said that the attack may have been motivated by a desire to influence the election.

CCC researchers say the flaws in vote-iT’s software are so basic that a successful attack would not necessarily require a nation-state sponsor.

They added that the “trivial” nature of the attacks meant that “it would be prudent to assume that not only the CCC is aware of these vulnerabilities”.

The CCC is one of the largest associations of hackers in Europe and has frequently criticised government initiatives which its members believe fail to show adequate concern about information security.

Read More @