Black Hat is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

How to Create Public Confidence in Election Systems

View Recording

Thursday, February 21, 2019
11:00AM-12:00PM PST

Brought to you by:

How to Create Public Confidence in Election Systems, by Carsten Schuermann
Threatscape of the US Election, by Gage Mele

The WinVote voting machine was used in the 2004 & 2005 Virginia elections and has been dubbed the worst voting machine. It runs Windows XP, service pack 0, has by default Wifi enabled, and uses WEP security. Additionally, all the machines seem to use the same password “abcde”. Age old exploits give adversaries administrator level privileges without physical access. To make it worse, the remote desktop protocol is enabled by default on each machine. All of this is well-documented, however there are lessons that effect society beyond hacking.

The most important concern of any electoral process is public confidence: winners and losers must be convinced of the quality of the electoral process so that all can trust the outcome.

Computer Forensics is a powerful tool to identify election hacking, but how much public confidence does it create? There are at least 3 obstacles. 1) Scale: There are too many voting machines to analyze 2) Scope: Forensic analyses may be inconclusive, stating that no incriminating evidence was found yet and 3) Interpretation: How shall the irregularities be interpreted?

We will be looking at a forensic analysis of the WinVote voting machine and discuss the importance of evidence and alternatives to computer forensics to create public confidence.

Guest Presenter:

Carsten Schuermann Carsten Schuermann

Carsten Schuermann is an academic expert in election security. He has ten years of experience conducting research in elections. He has written over academic 60 papers, contributed to books, and is a member of the computer science faculty at IT University of Copenhagen and leads the Center for Information Security Research.

Sponsor Presenter:

Gage Mele Gage Mele

Gage Mele is a Security Analyst at Anomali who has applied his research and analytical skills from degrees in Criminal Justice and History. Gage will focus on election security, a complex topic with many areas to consider and analyze including The Current State and Belief of Election Cyber Security Integrity; Political Views on Cyber Security; Likely Targets: Who, What, and Disinformation.





Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.


Sustaining Partners