Leaked NSA Report Claims Russian 'Cyber Espionage' Against US Elections

US intelligence services believe hackers acting on behalf of the Russian military intelligence "executed cyber espionage operations" against election systems days before the country went to the polls in November las year.

A leaked NSA document report says at least one company providing software for the electoral process was targeted. More than 100 local election officials were also targeted by spear-phishing emails, the document alleges.

The publication of the document has been followed by the FBI announcing it has charged 25-year-old NSA contractor Reality Leigh Winner in connection with removing 'classified' information from a government location and providing it to a news organisation.

Within the five-page leaked document, there is no suggestion that the US result was impacted by the hacking attempts but it is the most detailed report to surface from officials about Russian interference within the election process.

"Russian General Staff Main Intelligence Directorate actors executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions,' the NSA report says. The security agency says it received this information in April 2017 and the report is dated May 5.

The report continues: "The actors likely used data obtained from that operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting US local government organisations". It is believed the government officials, who were involved in voter registration systems, were targeted following their names being taken from the hacked company.

"It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor," a comment attached to the document says.

Within the spear-phishing campaign the Russian actors sent malware inside a Word document which, when opened, would run a script that would infect other machines. The NSA's document also says email addresses were created by the Russian actors that may have been used to "offer election-related products and services".

Recently Winner was arrested and charges were announced by the US Justice Department. Within a 6-page affidavit it is alleged that Winner, who worked for Pluribus International Corporation, printed the NSA document and then sent it to the news organisation. 

Winner was identified following the NSA tracing the document's movements. It "appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space," the legal document says. The security agency then says it found six individuals had printed the report and a scan on those people's computers showed she had been in contact with the news outlet.

The FBI added that Winner admitted to printing and sharing the document. If convicted of a crime, she could face a 10-year prison sentence.

Publication of the document comes just days after Vladimir Putin insisted his country wasn't involved in hacking. "I'm deeply convinced that no hackers can radically influence another country's election campaign," Putin said. However, at the St Petersburg economic forum, he conceded it would be "theoretically possible" for people to hack election systems.

Wired

You Might Also Read:

Electoral Influence: 40yrs Of Kremlin Interference:

Russian Military Was Behind Hacking Clinton Campaign:

How Russian Cyber Power Attacked The US:

 

 

 

« Islamic State's Social Media Strategy
UK’s Trident Nuclear Subs Vulnerability To Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Juniper Networks

Juniper Networks

Juniper Networks is the industry leader in network innovation. We provide network infrastructure and network security solutions.

Perkins Coie LLP

Perkins Coie LLP

Perkins Coie LLP is an internationalk law firm with offices across the USA and Asia. Practice areas include Privacy and Data Security.

TZ-CERT

TZ-CERT

TZ-CERT is the National Computer Emergence Response Team of Tanzania.

National Information Technology Development Agency (NITDA) - Nigeria

National Information Technology Development Agency (NITDA) - Nigeria

The National Information Technology Development Agency (NITDA) is committed to implementing the Nigerian National Information Technology Policy.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

CyberGuru

CyberGuru

CyberGuru is a service provided by CyberSecurity Malaysia specializing in cyber security professional training and development.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Simply Hired

Simply Hired

Simply Hired is a job search engine that collects job listings from all over the web, including company career pages, job boards and niche job websites.

Valid Network

Valid Network

Valid Network DSP is blending traditional cyber security methodologies with blockchain transactions to achieve trust, internal and federated between organizations and stake holders.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Rimstorm

Rimstorm

Rimstorm’s mission is to significantly improve the security of your data using award-winning, state-of-the-art technology combined with cyber managed security services.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Chorus

Chorus

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.