Information Security News
With fewer than 24 hours before polls open for the 2016 US presidential election, consider this your periodic reminder that e-voting machines expected to tally millions of votes are woefully antiquated and subject to fraud should hackers get physical access to them.
A case in point is the Sequoia AVC Edge Mk1, a computerized voting machine that will be used in 13 states this year, including in swing states such as Arizona, Pennsylvania, and Wisconsin. The so-called direct-recording electronic vote-counting system has long been known to be susceptible to relatively simple hacks that manipulate tallies and ballots. Researchers from security firm Cylance are driving that point home with demonstration hacks. The first one causes one or more votes for one candidate to count as votes for that candidate's rival. A second one alters the names as they appear on the electronic balloting screen.
The hacks work by tampering with—or more precisely, reflashing—the PCMCIA card, a storage device in the voting machine that's similar to the tiny hard drive that's used by many digital cameras. The fraud could be carried out by inserting a maliciously modified card inside a Sequoia AVC Edge machine, although the attackers would likely have to circumvent tamper-evident seals that are designed to flag such abuse. The video above shows the hack being used to alter both the public and protective counters the machine uses to count and recount results to ensure tallies are valid. The decade-old hack first came to public attention in 2007 in a research paper titled Source Code Review of the Sequoia Voting System.
Tesco Bank has been forced to suspend its online transactions after fraudulent criminal activity was spotted on thousands of its customer accounts over the weekend.
A total of 40,000 current accounts were hit by suspicious transactions. Money was pinched from 20,000 of the affected current accounts, Tesco Bank said on Monday morning.
"We apologise for the worry and inconvenience that this has caused for customers, and can only stress that we are taking every step to protect our customers’ accounts," said the bank's chief Benny Higgins.