Russian hackers attacked at least one US voting software supplier days before last year’s presidential election, according to a government intelligence report leaked Monday that suggests election-related hacking penetrated further into US voting systems than previously known.
The classified National Security Agency report, which was published online by The Intercept, does not say whether the hacking had any effect on election results. But it says Russian military intelligence attacked a US voting software company and sent spear-phishing emails to more than 100 local election officials at the end of October or beginning of November.
US intelligence agencies declined to comment.
However, the Justice Department announced Monday it had charged a government contractor in Georgia with leaking a classified report containing “Top Secret level” information to an online news organisation. The report the contractor allegedly leaked is dated May 5, the same date as the document The Intercept posted online. The document said Russian military intelligence “executed cyber espionage operations against a named US company in August 2016 evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April 2017.” The hackers are believed to have then used data from that operation to create a new email account to launch a spear-phishing campaign targeting US local government organisations, the document said. “Lastly, the actors send test emails to two non-existent accounts ostensibly associated with absentee balloting, presumably with the purpose of creating those accounts to mimic legitimate services.”
Leaked NSA report says Russian military intelligence hacked US voting machine manufacturer weeks before election: https://t.co/Fn2wadB9Lz— Charlie Stross (@cstross) June 6, 2017
Russian attempt to hack voting raises need for FEDERAL LAW REQUIRING VOTING MACHINE PAPER TRAIL. RT the hell out of this. — Bill Prady (@billprady) June 5, 2017
The document did not name any state.
The information in the leaked document seems to go further than the US intelligence agencies’ January assessment of the hacking that occurred.
“Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards,” the assessment said. The Department of Homeland Security “assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.”
The Intercept contacted NSA and the national intelligence director’s office about the document and both agencies asked that it not be published. US intelligence officials then asked The Intercept to redact certain sections. The Intercept said some material was withheld at US intelligence agencies’ request because it wasn’t “clearly in the public interest.”