11-Year-Old Emmet Brewer Hacks Into Florida Election Website Within 10 Minutes & Changes Results

In less than 10 minutes, 11-year-old Emmet Brewer successfully hacked in a replica website of the Florida Secretary of State and changed election results during a hacking convention in Las Vegas.

At the DefCon 26, one of the world’s largest hacking conventions, out of 40 hackers — more than 30 were able to hack into in replica websites of six swing states, Brewer completed his hack in under 10 minutes. The young hackers were taking part in the so-called “DEFCON Voting Machine Hacking Village,” a portion of which allowed kids the chance to manipulate party names, candidate names and vote count totals.

Here’s the DefCon Voting Machine Hacking Village roundup of discoveries for the day! Day 1 / Part 1 pic.twitter.com/ovQs7uX7jK

— DEFCON VotingVillage (@VotingVillageDC) 11. August 2018

Subscribe to our free weekly newsletter!

A week of political news in your in-box.
We find the news you need to know, so you don't have to.

The National Association for Secretaries of State questioned the hacking village events, claiming they don’t realistically portray a scenario where these machines could be accessed. “Providing conference attendees with unlimited physical access to voting machines, most of which are no longer in use, does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day,” it said in a statement. “While it is undeniable websites are vulnerable to hackers, election night reporting websites are only used to publish preliminary, unofficial results for the public and the media. The sites are not connected to vote counting equipment and could never change actual election results.”‘

The hackers beg to differ. “To me that statement says that the secretaries of states are not taking this seriously. Although it’s not the real voting results it’s the results that get released to the public. And that could cause complete chaos,” said Nico Sell, the co-founder of the non-profit r00tz Asylum that teaches children how to become hackers and helped organize the event, told PBS. “The site may be a replica but the vulnerabilities that these kids were exploiting were not replicas, they’re the real thing. These things should not be easy enough for an 8-year-old kid to hack within 30 minutes, it’s negligent for us as a society.”

Matt Blaze, professor of computer and information science at the University of Pennsylvania who helped to organize the “hacking village” said it is “not surprising that these precocious, bright kids would be able to do it because the websites that are on the internet are vulnerable, we know they are vulnerable. What was interesting is just how utterly quickly they were able to do it.”