German hackers say vote software a security 'write-off'

September 7, 2017

German IT security experts said Thursday that they had found "serious flaws" in the ballot software being used for the September 24 elections in which Chancellor Angela Merkel is seeking a fourth term.

The Chaos Computer Club, Europe's biggest hacker collective, said the system to count and transmit vote results lacked proper encryption and other tools, labelling it a "write-off".

The privately developed "PC-Wahl" (PC Election) —used for years in several of Germany's 16 states—"should never have been used," said a CCC spokesman, Linus Neumann.

"The number of possible attack targets and the severity of vulnerabilities exceeded our worst fears," he said in comments first published by news weekly Die Zeit.

The report highlights fears about cyberattacks before and during the election in Germany, where lawmakers' PCs were crippled in a 2015 attack which security services pinned on Russia.

The CCC warned that German parliamentary results could potentially be manipulated remotely because the software failed to meet even "the basic principles of IT security".

CCC hackers have in the past highlighted IT security flaws in high-profile cases, and their members often give expert testimony in German parliamentary hearings and court cases.

But the developer of the software, Volker Berninger, rejected the criticism, telling Die Zeit that "in the worst-case scenario, someone would create confusion".

"Some wrongful results would be published on the internet, but the correct ones would still exist on paper. This would cause anger and confusion but have no relevance."

But the CCC said any online attack would have "the potential to permanently undermine confidence in the democratic process".

"This is simply not the right millennium in which to turn a blind eye to IT security in elections," Neumann said.

Explore further: Briton faces court over Deutsche Telekom cyber attack

Related Stories

Recommended for you

Augmented reality takes 3-D printing to next level

February 20, 2018

Cornell researchers are taking 3-D printing and 3-D modeling to a new level by using augmented reality (AR) to allow designers to design in physical space while a robotic arm rapidly prints the work.

What do you get when you cross an airplane with a submarine?

February 15, 2018

Researchers from North Carolina State University have developed the first unmanned, fixed-wing aircraft that is capable of traveling both through the air and under the water – transitioning repeatedly between sky and sea. ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.