A Florida election software company targeted by Russians in 2016 inadvertently opened a potential pathway for hackers to tamper with voter records in North Carolina on the eve of the presidential election, POLITICO reported on Wednesday, citing a document and a person with knowledge. From the report: VR Systems, based in Tallahassee but with customers in eight states, used what’s known as remote-access software to connect for several hours to a central computer in Durham County, N.C., to troubleshoot problems with the company’s voter list management tool, the person said. The software distributes voter lists to so-called electronic poll books, which poll workers use to check in voters and verify their eligibility to cast a ballot.
The company did not respond to POLITICO’s requests for comment about its practices. But election security experts widely condemn remote connections to election-related computer systems — not only because they can open a door for intruders but because they can also give attackers access to an entire network, depending on how they’re configured. In Durham County’s case, the computer in question communicated with North Carolina’s State Board of Elections to download the county’s voter list before elections, which could have potentially opened a gateway to the state system as well.
of this story at Slashdot.
Source:: Slashdot