Friday afternoon, US election officials got an unpleasant surprise. The security firm Cylance released a report disclosing a new attack on the popular Sequoia AVC Edge voting machine, potentially compromising both the machine’s public vote tally and a backup known as the Protective Counter. An accompanying video showed how the attack would take place, attacking the underlying software through a firmware port on the front of the machine. In the home stretch of election season, the result was an alarming reminder of how vulnerable many voting machines still are.
Researchers have been raising concerns about the AVC Edge since 2007, but it’s still in use in over 100 counties, including in much-watched swing states like Florida and Nevada. Cylance’s attack is limited, requiring sustained physical access and a full power cycle to alter the cartridge containing the machine’s final vote tally. Still, it’s an alarming sight for anyone concerned about the integrity of the election, and leaves election boards with little time to respond.
For some security professionals, releasing the demo just four days before the election — amid frequent accusations of election tampering from the Trump campaign — crossed a line. “This disclosure seems political in nature,” says Katie Moussouris, a bug-bounty expert and founder of Luta security. “Releasing this publicly, after DHS and states have been aware of these types of attacks for years, only serves to fuel the fires of doubting the election results. This is a case of not helping security while simultaneously undermining the democratic process.” According to Reuters, 48 of 50 states have accepted help from Homeland Security in defending against such attacks.
Reached for comment by The Verge, Cylance defended the disclosure. “Voting machine vulnerabilities have been well-researched for almost a decade and have been well-reported in this election cycle, but they have yet to be fully addressed,” the company said in a statement. “In this particular case, we tested potential voting machine vulnerabilities, and once a real world exploitation was discovered, we believed it was our responsibility to inform the public, the authorities and state election officials and volunteers to allow them to improve security measures and ensure the sanctity of our elections.” The vulnerability was disclosed to Sequoia and election officials in advance of publication.
But according to Princeton researcher Andrew Appel, Cylance’s attack would be easily defeated by conventional auditing techniques. Appel demonstrated vulnerabilities in a similar Sequoia machine earlier this year, and says there are still serious concerns about the security of machines like the AVC. But crucially, the Cylance attack focuses on altering a machine’s results cartridge after the polls have closed, which means the results have already been printed out and signed by an election official. The genuine tally would also be stored in the machine’s flash memory, so it would be easy to work back to the original total after the discrepancy was discovered.
“If there’s any question about the results cartridge, it can be compared to the printout and the flash memory of the computer,” says Appel. “Now if the machine was hacked in advance of the election, it could write bad results in all three places — but that doesn’t seem like what they’ve demonstrated here.”
That leaves election officials in a tricky place. For all the controversy, Cylance really has found a flaw in Sequoia’s voting machines, and if a similar bug were found in Flash or Chrome, the company responsible would be rushing to patch it. But with no clear fix and many of the machines already in use for early voting, the best defense is rigorous auditing and protecting physical access to the machines — something most precincts were already doing.
The result takes us back to the fundamentals of election security: even with vulnerable machines, the biggest risk is simply spreading chaos. In the final days before the election, the hard question is whether announcing one more vulnerability does more harm than good.