Voting systems in the United States are so woefully hackable, even an 8-year-old could do it.

At least, that’s the conceit of a competition cosponsored by the Democratic National Committee at next week’s Def Con hacker conference in Las Vegas. The contest will include children, ages 8 to 16, who will be tasked with penetrating replicas of the websites that secretaries of state across the country use to publish election results. They’ll vie for $2,500 in prize money, $500 of which will come from the DNC and be awarded to the child who comes up with the best defensive strategy for states around the country.

The DNC’s chief technology officer, Raffi Krikorian, says he was inspired to team up with Def Con after scoping out an event at last year’s conference called Voting Village, where attendees—grown-ups this time—got to hack into various models of voting machines and find flaws. “We wanted to figure out how we could use this to our advantage,” Krikorian tells WIRED. “Let’s get those lessons back to secretaries of state.”

The Voting Village, which caters to experienced hackers, will continue this year. But the organizers behind the event wanted to expand their work to cover one of the most glaringly obvious holes in election security: state websites that post election results. International elections have already proven how these types of hacks can go horribly wrong. In 2014, Russian hackers penetrated the website of Ukraine's Central Election Commission and changed the election result, prompting Russian media to run with the false news.

But getting kids involved was more than just a cutesy ploy to get the public to pay attention to election security, says Jake Braun, who worked for the Department of Homeland Security under President Obama and is organizing the event. State election sites are so deeply flawed, Braun says, no adult hackers would be interested in cracking them. “The hackers would laugh us off the stage if we asked them to do this.”

So the Voting Village team partnered with r00tz Asylum, a nonprofit that runs security training for kids and is one of the cosponsors of the event along with the DNC and the University of Chicago. They tapped prominent cybersecurity expert Brian Markus to design mockups of state websites for 13 presidential battleground states, which the kids will attempt to hack.

Krikorian admits a lot of this work “is seriously low-hanging fruit,” but he says the most common questions he fields from local election officials are about how to defend their websites and voter databases. The fact that these officials are reaching out to the DNC—a campaigning organization that doesn’t administer elections—is a foreboding sign in and of itself. “If they’re reaching out to the party asking for advice, it sounds like they’re not getting the right advice from the government or any three-letter agencies,” Krikorian says.

'If they’re reaching out to the party asking for advice, it sounds like they’re not getting the right advice from the government or any three-letter agencies.' Raffi Krikorian, Democratic National Committee

That’s concerning given the mounting signals that the 2018 midterm elections are already under attack. Director of national intelligence, Dan Coats, said that “the warning lights are blinking red again,” with regard to attacks on United States infrastructure. Microsoft says it’s already thwarted three attacks on Democrats, including senator Claire McCaskill. Krikorian says he is in steady communication with both Microsoft and Google about potential threats against Democrats' email and storage services. He acknowledges, however, that the party's coordination with social media companies like Facebook and Twitter isn't as strong.

Given the scale of the threat, the DNC will obviously have to do a lot more than entrust election security to kids if it wants to avoid a repeat of 2016's cybersecurity catastrophe. That's why Krikorian joined the party in 2017, after a long career working in tech at companies like Twitter and Uber. When he came on board, the DNC was still recovering from the devastating Russian hack of its servers in the run-up to the 2016 election. Since then, he’s worked to fortify the party, bringing in industry experts like Bob Lord, formerly of Yahoo, to be the DNC’s chief of security. Together, they’ve pushed the organization to adopt basic security measures like two-factor authentication, and are working with outside experts to monitor suspicious traffic. They’ve also launched phishing attacks on the whole staff, not unlike the one that allowed Russian hackers to infiltrate their system to begin with.