As part of its cybersecurity strategy, Swiss Post is allowing its IT systems to be publicly hacked. The company will provide financial rewards for confirmed vulnerabilities. Swiss Post’s experience shows that this is an extremely effective method for continually improving systems and protecting against attacks.
Swiss Post has published its new e-voting system with complete verifiability on a consistent basis. Since 2021, cryptographers and hackers have been able to check the source code and system documentation for errors and simulate attacks. Swiss Post is now expanding the test options by carrying out a public intrusion test. The implementation of repeated public intrusion tests is also a legal requirement of the Swiss Confederation for e-voting trial operations.
Attacks on the 1:1 infrastructure now possible
For four weeks, from 8 August to 2 September 2022, ethical hackers will be able to attack the Swiss Post e-voting infrastructure. Hackers will deal with the same infrastructure that will be used when the system goes live in the cantons. Swiss Post will reward confirmed vulnerabilities from the intrusion test as part of a bug bounty programme. The test is public and no registration is required to take part.
How will the intrusion test work?
Swiss Post will provide sample voting cards for the public intrusion test. Hackers and anyone else interested will then be able to simulate the vote casting process on the voting portal. The voting portal is the surface level of the e-voting system and therefore the first point of attack for hackers. The outer protective ring of the system is the e-voting infrastructure − this is what the hackers will attempt to breach with their attacks. The key security objectives for the e-voting system, such as voting secrecy and the authenticity of electronic ballot boxes, are however protected by both the infrastructure and other cryptographic security precautions. Public testing of these has been ongoing since 2021. Swiss Post provides a reward of up to 250,000 francs for vulnerabilities related to e-voting security objectives as part of the ongoing bug bounty programme. Up to 30,000 francs are available for vulnerabilities connected to the intrusion test that has now begun, i.e. in relation to the infrastructure.
Development for initial use to continue in parallel
Swiss Post’s goal for the intrusion test is to detect potential vulnerabilities and improve the e-voting infrastructure. Swiss Post will publish the confirmed findings on an ongoing basis on the specialist platform GitLab − the findings with the highest and second highest degree of severity will also be described in the blog. The company will then summarize the results of the test in a report. In parallel, Swiss Post will continue its work to address the findings from the independent audit by the Swiss Confederation and from the community programme. Work will also be done on the voting portal to make it more user-friendly ahead of first use.
The public intrusion test is another step towards making the e-voting system ready for the cantons to use in 2023.
Public review
- Auditability of the system further improved: in developing its future e-voting system, Swiss Post places great importance on the source code and documentation being comprehensible to third parties. For this reason, the company allows its auditability to be regularly reviewed externally. According to the latest report, Swiss Post has further improved auditability and almost achieved full marks (4.8 out of 5).
- Around 150 reports: in 2021, Swiss Post initiated an e-voting community programme and published all the relevant components and documentation for the beta version of its future system. Experts around the world are able to review and test it. Since January 2021, Swiss Post has received around 150 reports from specialists (as at July 2022). On the basis of these reports, Swiss Post has already implemented various improvements to the system. To the overview of findings.
