The Guardian
Email YouTube Facebook Instagram Twitter

Leaked intel report shows Russian hackers probed US voting systems

Related

The Intercept said the NSA document was dated May 5, and did not say how they acquired it. But barely an hour after its report appeared, the Department of Justice announced the arrest of Winner, an employee of a national security contractor in Augusta, Georgia, for leaking top secret information to “an online news outlet”. PHOTO: GETTYIMAGES

A top secret US report showing that hackers from Russian military intelligence tried repeatedly to break into US voting systems before last year’s presidential election raised new alarms Monday about the extent of Moscow’s meddling.

But the alleged leak of the National Security Agency document by one of the tens of thousands of private contractors to US spy agencies, barely one month after the report was written, became the newest embarrassment for the US intelligence community.

Keen to crack down on a flood of leaks, almost immediately after the report was published, the Trump administration announced the arrest of intelligence contractor Reality Leigh Winner, 25, on charges of violating the espionage act.

“Releasing classified material without authorization threatens our nation’s security and undermines public faith in government. People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation,” Deputy Attorney General Rod Rosenstein said in a statement.

– Hacking by Russia’s GRU –
The NSA report was published Monday by The Intercept, an online news website which focuses on national security issues. It depicted a hacking operation tied closely to Moscow’s GRU intelligence directorate that targeted private US companies providing voter registration services and equipment to local governments.

The operation, which potentially threatened the integrity of the US vote, went on for months, until just days before the November 8 election, according to the document.

The NSA did not conclude whether the hackers had any effect on the outcome, The Intercept said. But US intelligence officials have repeatedly said vote tallies were not affected in the election, in which President Donald Trump beat Democrat Hillary Clinton in a shock upset.

The Intercept said the NSA document was dated May 5, and did not say how they acquired it. But barely an hour after its report appeared, the Department of Justice announced the arrest of Winner, an employee of a national security contractor in Augusta, Georgia, for leaking top secret information to “an online news outlet”.

While neither the information leaked or the outlet were identified in the arrest documents, the information was also described as a report dated May 5. Intelligence officials have confirmed to US media that Winner’s case was linked to The Intercept.

Asked about her arrest, Intercept spokeswoman Vivian Siu said the NSA document came to them anonymously. “The Intercept has no knowledge of the identity of the source,” she said.

– Hacking targeted local voting operations –
The NSA report expanded on US allegations that Russian President Vladimir Putin directed a concerted effort, involving hacking and disinformation, to interfere with the 2016 election to help Trump.

“Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions,” the NSA report says, according to The Intercept.

The report shows that, by trying to steal log-in credentials and using spear-fishing emails to plant malware, the hackers “obtained and maintained access to elements of multiple US state or local electoral boards.”

How successful that effort was, and what kind of data may have been stolen, remains an unanswered question, the NSA report says.

Florida-based VR Systems, whose electronic voter identification system was in use in eight states, was a target of the Russian hacking effort. In a statement the company said it had alerted its customers when it became aware of the phishing effort, and that none fell for it or were compromised.

“Phishing and spear-phishing are not uncommon in our society,” it said. “We have policies and procedures in effect to protect our customers and our company.”

VR Systems also stressed that none of its products are used for recording or tabulating votes.

– Trump angry over leakers –
Winner’s arrest was the first for leaks of classified information under the four-month-old Trump government. Besieged by leaks of his policies, conversations, and especially on the investigation into links between his campaign advisors and russia, Trump has ordered Justice Department officials to take severe actions against leakers.

According to reports, in February Trump told then-FBI director James Comey to consider arresting journalists who publish leaked classified information.



No Comments yet