“Crosscheck was launched by the Kansas Secretary of State’s office, which continues to run the program to this day. But, for whatever reason, before election officials in Kansas actually acquire any of the voter data, it is dumped onto a server maintained by the Arkansas Secretary of State’s office. According to security experts, the network on which the server sits is highly susceptible to attack. One of the researchers told Gizmodo with high confidence that infiltrating the network would likely take only a matter of hours.”I've asked Secretary of State Mark Martin's office about the issue.
One of the researchers told Gizmodo with high confidence that infiltrating the network would likely take only a matter of hours.
Researchers at Netragard, a penetration testing company specializing in “realistic threats,” concluded that administrators overseeing the Arkansas server are likely deluded by a false sense of security. The firm’s CEO and managing partner, Adriel Desautels, said that “breaching these systems can likely be done by a novice hacker,” a conclusion he arrived at less than five minutes into examining the network.
“If the State of Arkansas hired us to deliver a penetration test, based on what we see here, we’d almost certainly be able to breach without them detecting us,” Desautels said. “In fact, we’re so confident in that, that we wouldn’t bill them if we failed to breach.”