Leaked NSA Report Claims Russian 'Cyber Espionage' Against US Elections

Uploaded on 2017-06-09 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

US intelligence services believe hackers acting on behalf of the Russian military intelligence "executed cyber espionage operations" against election systems days before the country went to the polls in November las year.

A leaked NSA document report says at least one company providing software for the electoral process was targeted. More than 100 local election officials were also targeted by spear-phishing emails, the document alleges.

The publication of the document has been followed by the FBI announcing it has charged 25-year-old NSA contractor Reality Leigh Winner in connection with removing 'classified' information from a government location and providing it to a news organisation.

Within the five-page leaked document, there is no suggestion that the US result was impacted by the hacking attempts but it is the most detailed report to surface from officials about Russian interference within the election process.

"Russian General Staff Main Intelligence Directorate actors executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions,' the NSA report says. The security agency says it received this information in April 2017 and the report is dated May 5.

The report continues: "The actors likely used data obtained from that operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting US local government organisations". It is believed the government officials, who were involved in voter registration systems, were targeted following their names being taken from the hacked company.

"It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor," a comment attached to the document says.

Within the spear-phishing campaign the Russian actors sent malware inside a Word document which, when opened, would run a script that would infect other machines. The NSA's document also says email addresses were created by the Russian actors that may have been used to "offer election-related products and services".

Recently Winner was arrested and charges were announced by the US Justice Department. Within a 6-page affidavit it is alleged that Winner, who worked for Pluribus International Corporation, printed the NSA document and then sent it to the news organisation. 

Winner was identified following the NSA tracing the document's movements. It "appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space," the legal document says. The security agency then says it found six individuals had printed the report and a scan on those people's computers showed she had been in contact with the news outlet.

The FBI added that Winner admitted to printing and sharing the document. If convicted of a crime, she could face a 10-year prison sentence.

Publication of the document comes just days after Vladimir Putin insisted his country wasn't involved in hacking. "I'm deeply convinced that no hackers can radically influence another country's election campaign," Putin said. However, at the St Petersburg economic forum, he conceded it would be "theoretically possible" for people to hack election systems.

Wired

You Might Also Read:

Electoral Influence: 40yrs Of Kremlin Interference:

Russian Military Was Behind Hacking Clinton Campaign:

How Russian Cyber Power Attacked The US:

 

 

 

« Islamic State's Social Media Strategy
UK’s Trident Nuclear Subs Vulnerability To Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TrustedSec

TrustedSec

TrustedSec is an information security consulting services, providing tailored solutions and services for small, mid, and large businesses.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

Nexis

Nexis

Nexis GmbH is a German IT security company specializing in IAM, access control, and risk management.

Mnemonica

Mnemonica

Mnemonica specializes in providing data protection system, information security compliance solutions, cloud and managed services.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

Jobsite

Jobsite

Jobsite is an award winning job board in the UK providing job listings in the key sectors of IT, Engineering and Finance.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

Oivan

Oivan

Oivan harnesses the strengths of the web, mobile, cloud, cybersecurity, and blockchain technologies to help our clients to launch transformative digital services.

Normalyze

Normalyze

Normalyze are solving some of the most painful problems enterprise IT security teams face in the cloud and data security space. We help enterprises protect all the data they run in the cloud.

Secjur

Secjur

Secjur is a provider of AI-based compliance tools that aim to put compliance, data protection, information security and whistleblowing on autopilot.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

Ventum Consulting

Ventum Consulting

Ventum Consulting stands for digitalization, networking and agilization. We take this up on the strategic, professional and technical side and support our customers in the digital transformation.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.