
Russian military 'hacked US voting software'

By Admire Moyo, ITWeb's news editor.
Johannesburg, 07 Jun 2017
Russian president Vladimir Putin said the state had never been involved in such hacking.

Russian military intelligence executed a cyber attack on at least one US voting software supplier and sent spear-phishing e-mails to more than 100 local election officials just days before November's presidential election.

This is according to a highly classified intelligence report obtained by The Intercept. The top-secret National Security Agency (NSA) document, provided anonymously to The Intercept and independently authenticated, analyses intelligence recently acquired by the agency about a months-long Russian intelligence cyber effort against elements of the US election and voting infrastructure.

The US intelligence community said hacks were carried out by Russia to disrupt the election and eventually help Republican Donald Trump win.

The report indicates Russian hacking may have penetrated further into US voting systems than previously understood.

It states in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, that conducted the cyber attacks.

This is despite Russian president Vladimir Putin saying patriotic Russian hackers may have staged cyber attacks against countries that had strained relations with Moscow on their own initiative, but the Russian state had never been involved in such hacking.

The US Department of Justice on Monday afternoon released a criminal complaint against Reality Leigh Winner, a 25-year-old intelligence contractor, accusing her of violating her top-secret security clearance to print and mail a classified document to the media early last month.

That classified document appears to be the one published by The Intercept just hours earlier.

Active investigation

Commenting on the report, Phillip Hallam-Baker, VP and principal scientist at cyber security firm Comodo, says what is being shown is that the integrity of an election depends on much more than the secrecy of the ballot and the integrity of the count.

"When looking at any security breach, the first question to ask is 'what are the assets at risk?' Whenever a government system is involved, reputation is a major asset, and an attack that damages the reputation of the election process will delegitimise the regime in some people's eyes."

Hallam-Baker points out the disclosure confirms the NSA was actively investigating Russian attempts to manipulate the result of the 2016 election and that significant evidence of interference had been uncovered.

The timing of the attacks makes it unlikely the objective of these particular attacks was to change the way the voting machines counted votes in the 2016 election, he notes.

"There would be little time to analyse material exfiltrated, let alone act on it to develop an attack against voting machines, which would, in any case, be in the process of being distributed to the polling stations in the weeks before the election. It is possible the attacks were advance planning for future elections, possibly outside the US."

He believes it is quite possible it was a stepping stone attack, and the ultimate targets were the customers - election officials.

"Changing the outcome of a presidential election by hacking voting machines would be very difficult because of the patchwork of different authorities and different systems in use. Changing the outcome of a state or local race is a real possibility, though," he adds.

According to Hallam-Baker, one direct attack suggested in the document is impersonation of a company managing absentee ballots.

"It is possible to imagine attacks in which such a company could suppress votes of targeted electors by suppressing distribution of ballots or causing cast ballots to be destroyed. But there is no reason to believe such attacks are even possible, let alone have been attempted at this point."
