Leaked NSA Report Claims Russian 'Cyber Espionage' Against US Elections

US intelligence services believe hackers acting on behalf of the Russian military intelligence "executed cyber espionage operations" against election systems days before the country went to the polls in November las year.

A leaked NSA document report says at least one company providing software for the electoral process was targeted. More than 100 local election officials were also targeted by spear-phishing emails, the document alleges.

The publication of the document has been followed by the FBI announcing it has charged 25-year-old NSA contractor Reality Leigh Winner in connection with removing 'classified' information from a government location and providing it to a news organisation.

Within the five-page leaked document, there is no suggestion that the US result was impacted by the hacking attempts but it is the most detailed report to surface from officials about Russian interference within the election process.

"Russian General Staff Main Intelligence Directorate actors executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions,' the NSA report says. The security agency says it received this information in April 2017 and the report is dated May 5.

The report continues: "The actors likely used data obtained from that operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting US local government organisations". It is believed the government officials, who were involved in voter registration systems, were targeted following their names being taken from the hacked company.

"It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor," a comment attached to the document says.

Within the spear-phishing campaign the Russian actors sent malware inside a Word document which, when opened, would run a script that would infect other machines. The NSA's document also says email addresses were created by the Russian actors that may have been used to "offer election-related products and services".

Recently Winner was arrested and charges were announced by the US Justice Department. Within a 6-page affidavit it is alleged that Winner, who worked for Pluribus International Corporation, printed the NSA document and then sent it to the news organisation. 

Winner was identified following the NSA tracing the document's movements. It "appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space," the legal document says. The security agency then says it found six individuals had printed the report and a scan on those people's computers showed she had been in contact with the news outlet.

The FBI added that Winner admitted to printing and sharing the document. If convicted of a crime, she could face a 10-year prison sentence.

Publication of the document comes just days after Vladimir Putin insisted his country wasn't involved in hacking. "I'm deeply convinced that no hackers can radically influence another country's election campaign," Putin said. However, at the St Petersburg economic forum, he conceded it would be "theoretically possible" for people to hack election systems.

Wired

You Might Also Read:

Electoral Influence: 40yrs Of Kremlin Interference:

Russian Military Was Behind Hacking Clinton Campaign:

How Russian Cyber Power Attacked The US:

 

 

 

« Islamic State's Social Media Strategy
UK’s Trident Nuclear Subs Vulnerability To Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Contrast Security

Contrast Security

Contrast Security is the leader in modernized application security, embedding code analysis and attack prevention directly into software.

DTEX Systems

DTEX Systems

DTEX Systems is the global leader for insider risk management. We empower organizations to prevent data loss by proactively stopping insider risks from becoming insider threats.

CloudHesive

CloudHesive

CloudHesive provides cloud solutions through consulting and managed services with a focus on security, reliability, availability and scalability.

Konfidas

Konfidas

Konfidas provide high-level cybersecurity consulting and professional tailored solutions to meet specific cybersecurity operational needs.

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

Cybercrypt

Cybercrypt

Cybercrypt is a world leading system provider in robust cryptography. Protecting critical assets, applications and sensitive data.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

HCS

HCS

HCS is an IT Company and Telecoms provider with an experienced team who are dedicated to ensuring our clients business systems are protected.

Atlas Cloud

Atlas Cloud

Atlas Cloud is a UK-wide provider of managed services based in Newcastle. Our ‘research-led’ approach to IT services helps leaders make better decisions about IT for their businesses.

Sentar

Sentar

Sentar is a cyber intelligence company, applying advanced analytics and systems engineering expertise to protect our national security by securing mission-critical assets.

Tyto Athene

Tyto Athene

At Tyto Athene, we harness the power of technology to provide solutions that shape the future.

P3M Works

P3M Works

P3M Works delivers Cyber Security and Digital Transformation projects across both private and public sector clients.