Leaked NSA Report Claims Russian 'Cyber Espionage' Against US Elections

Uploaded on 2017-06-09 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

US intelligence services believe hackers acting on behalf of the Russian military intelligence "executed cyber espionage operations" against election systems days before the country went to the polls in November las year.

A leaked NSA document report says at least one company providing software for the electoral process was targeted. More than 100 local election officials were also targeted by spear-phishing emails, the document alleges.

The publication of the document has been followed by the FBI announcing it has charged 25-year-old NSA contractor Reality Leigh Winner in connection with removing 'classified' information from a government location and providing it to a news organisation.

Within the five-page leaked document, there is no suggestion that the US result was impacted by the hacking attempts but it is the most detailed report to surface from officials about Russian interference within the election process.

"Russian General Staff Main Intelligence Directorate actors executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions,' the NSA report says. The security agency says it received this information in April 2017 and the report is dated May 5.

The report continues: "The actors likely used data obtained from that operation to create a new email account and launch a voter registration-themed spear-phishing campaign targeting US local government organisations". It is believed the government officials, who were involved in voter registration systems, were targeted following their names being taken from the hacked company.

"It is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor," a comment attached to the document says.

Within the spear-phishing campaign the Russian actors sent malware inside a Word document which, when opened, would run a script that would infect other machines. The NSA's document also says email addresses were created by the Russian actors that may have been used to "offer election-related products and services".

Recently Winner was arrested and charges were announced by the US Justice Department. Within a 6-page affidavit it is alleged that Winner, who worked for Pluribus International Corporation, printed the NSA document and then sent it to the news organisation. 

Winner was identified following the NSA tracing the document's movements. It "appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space," the legal document says. The security agency then says it found six individuals had printed the report and a scan on those people's computers showed she had been in contact with the news outlet.

The FBI added that Winner admitted to printing and sharing the document. If convicted of a crime, she could face a 10-year prison sentence.

Publication of the document comes just days after Vladimir Putin insisted his country wasn't involved in hacking. "I'm deeply convinced that no hackers can radically influence another country's election campaign," Putin said. However, at the St Petersburg economic forum, he conceded it would be "theoretically possible" for people to hack election systems.

Wired

You Might Also Read:

Electoral Influence: 40yrs Of Kremlin Interference:

Russian Military Was Behind Hacking Clinton Campaign:

How Russian Cyber Power Attacked The US:

 

 

 

« Islamic State's Social Media Strategy
UK’s Trident Nuclear Subs Vulnerability To Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

OneLogin

OneLogin

OneLogin simplifies identity management with secure, one-click access,for employees, customers and partners, through all device types, to all enterprise cloud and on-premise applications.

CipherPoint Software

CipherPoint Software

CipherPoint Software provides data-centric auditing and protection solutions for securing unstructured information

Astra

Astra

Astra's website security solution provides real-time protection against malware, hackers, SQLi, XSS, DDoS, LFI and RFI.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DataDome

DataDome

DataDome offers real-time AI protection against all OWASP automated threats, including credential stuffing, layer 7 DDoS attacks, SQL injection & intensive scraping.

Concordium

Concordium

Concordium aims to build the world’s leading open-source, permissionless, and decentralized blockchain with built-in user identity at the protocol level.

Vijilan Security

Vijilan Security

Vijilan provides 24/7 SOC services to MSPs/VARs. Our Security Operations Center is global, and our services are exclusive to the Channel.

eSec Forte Technologies

eSec Forte Technologies

eSec Forte Technologies is a CMMi Level 3 certified Global Consulting and IT Security Services company.

Infinite Ranges

Infinite Ranges

Infinite Ranges delivers secure, comprehensive digital solutions by connecting experts with the best products and services for the digital age.

TatvaSoft

TatvaSoft

TatvaSoft is a custom software development company delivering business IT solutions and related services to customers across the globe.

Corsearch

Corsearch

Combining AI-powered technology and decades of industry expertise, Corsearch is revolutionizing how companies establish and protect their brands.

Omdia

Omdia

Omdia is a technology research and advisory group. Our deep knowledge of tech markets combined with our actionable insights empower organizations to make smart growth decisions.

Emircom

Emircom

Emircom is one of the Middle East's leading independent providers of IT infrastructure services, helping clients to drive growth and deliver measurable outcomes.