In an age of superfast computer systems and interconnected every part, the one certain approach to defend the integrity of election outcomes is to return to paper and pen.
That’s the view of Sijmen Ruwhof, an moral or “white hat” hacker, who final month revealed that the Dutch election’s fee pc software program was riddled with vulnerabilities.
In a shock announcement simply weeks earlier than the March 15 elections – seen as a bellwether of the rise of far-right and populist events throughout Europe – Dutch officers introduced they have been abandoning the pc system in use since 2009 to return to counting ballots by hand.
It was Ruwhof who found the issue. On the request of Dutch broadcaster RTL he spent only one night inspecting the OSV software program, developed for the Dutch authorities by a German firm, by way of a web based YouTube explanatory video, discovering 25 weak factors.
“It gave the impression to be fully insecure. I used to be fairly shocked that we run our democracy, our election course of based mostly on very weak software program,” he instructed AFP.
Inside days of the RTL report, the inside ministry introduced ballots forged by the 12.9 million eligible voters would now be hand counted.
Then the pinnacle of the Dutch secret providers (AIVD) made one other beautiful revelation – prior to now six months there had been a whole lot of tried cyber-attacks on Dutch corporations and authorities businesses. Most have been believed to have been carried out by Russian, Chinese language and Iranian hackers.
“It is an actual problem to remain forward of the sport,” AIVD head Rob Bertholee mentioned.
However these revelations, just like the beautiful information that Russian hackers seem to have meddled within the US presidential elections, have been of little shock to Ruwhof.
As a 12-year-old he turned fascinated by computer systems. Self-taught, he managed to hack into the college computer systems and knowledgeable grateful academics the system was insecure.
That was 19 years and an data know-how diploma in the past. Now 31, Ruwhof makes his residing working for banks, authorities departments, and main corporations hacking at their request into their methods to show their weaknesses.
“It’s totally simple,” he insisted, with none smugness. However he stays annoyed that for a lot of corporations and organisations safety is nearly an afterthought.
“Software program methods are so complicated these days that it is arduous for a single IT individual to understand the entire system. So no one has the whole image of the system. As a hacker you simply go by and also you scan for weak spots and also you all the time discover one thing.”
The world has been fortunate to this point, as a result of few terror teams just like the so-called Islamic State have the capability but to unleash “cyber terrorism”.
However think about if from a pc far, far-off malfeasants may snap the ability grid, change the system for purifying ingesting water, or empty tens of millions without delay from financial institution accounts, undermining the monetary system?
And that it’s not the worst state of affairs.
“In the event you handle to control election software program, you possibly can resolve who runs a rustic, and that is an entire completely different affect,” Ruwhof warned.
‘Subtle spy units’
His recommendation? “If you wish to defend your system towards state sponsored hacking, ditch your pc. You can not belief it,” he mentioned.
Computer systems are “extremely subtle spy units” they usually “are in every single place in our society” – with increasingly more units from our vehicles to our espresso machines changing into interconnected.
Nations who need to use computer systems for vote counting ought to construct their very own system from scratch. And so they cannot use present working methods for concern somebody may have written a backdoor into tens of millions of traces of code.
“You must write your personal working system, it’s a must to design your personal and you should perceive that the election course of is of the utmost excessive integrity. So you actually need to have the best requirements for safety,” mentioned Ruwhof.
However it’s a massively costly prospect, and with time the software program will degrade.
Prior to now elections “have been all the time executed with out computer systems,” Ruwhof mentioned.
“As a result of there’s a pc, we should always use a pc? No, let’s follow paper. It is probably the most safe possibility.”