Disclosed for the first time via public address on Wednesday, West Virginia Secretary of State, Mac Warner, said there was an unsuccessful attempt to breach the pilot program, dubbed the “military mobile voting solution”, during the 2018 election cycle.
Someone attempted to tamper with West Virginia’s blockchain-based voting pilot.
Though specifics cannot be revealed while the incident is under investigation by the Federal Bureau of Investigation (FBI), Warner said “no votes were altered, impacted, viewed or in any way tampered with.”
Developed by Medici-backed blockchain startup Voatz, the mobile app maker was tapped to provide citizens and military personnel deployed overseas a secure way to vote. The app uses facial and thumbprint recognition and stores voter-verified ballot receipts on an immutable ledger.
“The system worked as designed and intended. The attempt was detected, thwarted at the gate and reported to the authorities”, Voatz CEO Nimit Sawhney told CoinDesk.
To date, the startup has conducted more than 31 pilots, including an implementation in Denver, Colorado’s municipal elections this past May. It completed a $7 million Series A in June.
The hackers’ IP addresses were turned over to the FBI, who will determine if crimes were committed. CNN reported Friday, the addresses may by tied to students enrolled in a University of Michigan election security course.
West Virginia Ditches Blockchain Voting App Provider Voatz
Voatz, the blockchain-based voting app that was recently claimed by researchers to have vulnerabilities, will no longer be used in West Virginia’s coming elections.On Saturday, NBC News reported that West Virginia’s secretary of state, Mac Warner, had announced that disabled and overseas voters would not, after all, be able to vote with mobile applications during the state’s primaries. Instead, they will have to use a service by Democracy Live, which allows users to fill out a ballot online and return it via post.
West Virginia piloted Voatz’s app during last year’s general midterm election, and introduced legislation early this February mandating an electronic voting option for counties across the state. NBC also said that it had seen an agreement between Voatz and the state, indicating the app firm would provide its services for voting in 2020.
However, it seems West Virginia’s confidence in the technology was been shaken by two studies from MIT and the Department of Homeland Security (DHS) published in mid-February said the Voatz app and internal processes had a number of security vulnerabilities that could lead to hackers altering the ballot and revealing voter identities.
The DHS’ Cybersecurity and Infrastructure Security Agency (CISA), however, determined that Voatz had «no active threats» on its network during the week-long operation for the U.S. midterm elections in September 2019.
Voatz said it has since addressed recommendations provided by the DHS.
An election auditor who supervised Utah County’s rollout of the Voatz system told CoinDesk previously that at least some of the bugs the MIT researchers found cannot be exploited in practice.
“If the public doesn’t want it, or is skeptical to the point they’re not confident in the results, we have to take that into consideration”, Donald Kersey, general counsel to the West Virginia secretary of state, said in NBC’s report.
