Fox-IT has identified several security vulnerabilities in the voting process and software that was planned to be used for the Dutch House of Representatives elections of March 2017.
After receiving warnings from security experts regarding the software used in the elections and the risk posed by (state sponsored) hackers, the Minister Plasterk of Ministry of the Interior and Kingdom Relations has asked the leading cybersecurity company Fox-IT to carry out an independent risk assessment of the current Dutch voting system. Research by Fox-IT has shown that votes could be manipulated due to vulnerabilities in the process combined with technical vulnerabilities, such as outdated operating systems and the OSV software provided by software maker IVU.
Because of time constraint – there was only one solution – to make the manual counting process leading. Additionally, the votes were also counted digitally to verify the manual results. The German press has followed the uproar with big interest, as the elections to the Bundestag will take place on 24th September 2017. Reportedly a similar procedure as in The Netherlands is applicable in the elections Germany in which software from IVU is also used. The organizations and people involved have been warned and hopefully the identified risks will be remedied before the elections in Germany take place.