In the wake of the 2016 election, that inviolability is increasingly in question, but given that there are 66 weeks until midterm elections, and 14 weeks until local 2017 elections, there's plenty of time to fix the poor state of voting technology, right? Wrong. To secure voting infrastructure in the US in time for even the next presidential election, government agencies must start now.
At Def Con 2017 in Las Vegas, one of the largest hacker conferences in the world, Carsten Schurmann (coauthor of this article) demonstrated that US election equipment suffers from serious vulnerabilities. It took him only a few minutes to get remote control of a WINVote machine used in several states in elections between 2004 and 2015. Using a well-known exploit from 2003 called MS03-026, he gained access to the vote databases stored on the machine. This kind of attack is not rocket science and can be executed by almost anyone. All you need is basic knowledge of the Metasploit tool.
Had Schurmann hacked the WINVote during an election, he could have changed the vote totals stored on the machine, observed voters while they were voting or simply have turned off the machine during voting day to cause havoc.