Election hackers return to DEF CON as states look to Congress to fund solution

Andcherla Marcelin, a Miami-Dade election support specialists, checks voting machines for accuracy. Photo: Joe Raedle/Getty Images

The hacker conference DEF CON launched its second annual election hacking extravaganza on Friday after last year's conference led cybersecurity enthusiasts to discover several security flaws in election equipment and are poised to do the same thing again this year.

The big picture: One secretary of state argued at the event that the problem may be less about rediscovering how unsecure machines are, and more about getting the funding to do anything about it.

What they're saying: "We spend $700 billion for defense," California Secretary of State Alex Padilla told Axios. "Last week, the White House said that election security was a national security issue. For less than 1 tenth of 1%, Congress could make a world of difference."

The event: Padilla was one of several high profile attendees at this year's conference. He and Homeland Security Assistant Secretary for the Office of Cybersecurity and Communication Jeanette Manfra both spoke at the event and several Homeland Security cybersecurity experts participated in the hacking.

The background: Congress fronted $380 million for new election systems earlier this year — but that money came from a fund started more than a decade ago.

  • "The money Congress appropriated last month isn’t cybersecurity money, it’s still hanging chad money," said Padilla, who would later echo the remarks at a panel. "We need cybersecurity money."
  • Padilla noted that the changing cybersecurity landscape requires continually updated systems and replacing equipment. The one-time Congressional gift would not be enough for every state to make necessary repairs, let alone keep systems secure on any long-term basis.

State officials worry the hacking event will be misconstrued. The speed and thoroughness with which hackers tunneled into voting machines and a poll book last year received widespread press coverage.

  • On Thursday, the National Association of Secretaries of State said it supported the hacking event this year, but wanted to be clear the hacking did not accurately represent real world conditions.
"Providing conference attendees with unlimited physical access to voting machines...does not replicate accurate physical and cyber protections established by state and local governments. "

Hacking voting machines often needs to be done with physical access to each machine. Following proper security hygiene guidelines, including limiting access to machines, minimizes those threats.

  • Still, the DEF CON event is very useful, argue Manfra and Padilla. "I'd rather learn what to defend against here than from a hacker," said Padilla.

What's next

⚖️ Live updates: Democrats' second day of opening arguments

"He could release the aid or break the law. He chose to break the law," House impeachment manager Rep. Zoe Lofgren (D-Calif.) said at day 3 of Trump's Senate impeachment trial.

The big picture: Democrats have roughly 8 hours remaining over the next two days to lay out their case against Trump's alleged abuse of power and obstruction of Congress.

Go deeperArrowJan 21, 2020 - Politics

Putin foe Bill Browder was warned of potential danger in Davos

Photo: Julia Reinhart/Getty Images

No story caused a bigger stir in Davos this week than the news that two suspected Russian spies had been caught in August posing as plumbers in the Alpine town.

Between the lines: One prominent attendee instantly suspected a personal connection. Bill Browder, a U.S.-born financier and long-standing thorn in the side of Vladimir Putin, tells Axios that before departing for Davos he received a warning from the British security services — passed along by their Swiss counterparts — that he could be in danger.

Go deeperArrow5 hours ago - World

Chinese cities cancel Lunar New Year events amid Wuhan coronavirus outbreak

People in Guangzhou, China, wearing masks on public transportation. Photo: Stringer/Anadolu Agency via Getty Images

25 people have died from an outbreak of a new coronavirus strain that originated in Wuhan, China, including the first outside the immediate area, provincial authorities said Thursday.

The latest: Major cities in China, including Beijing, have canceled large public gatherings for the Lunar New Year holiday, the most important in the country, to help contain the outbreak, according to the Washington Post.

Go deeperArrowJan 20, 2020 - World