A highly classified National Security Agency report details how Russian military intelligence attempted a spear-phishing email attack just days ahead of the 2016 presidential election, The Intercept reported.
The website said it verified the NSA document and redacted certain portions it deemed not vital to the national interest, but declined an NSA request not to write about or publish the document at all.
CBS News also verified the document's veracity.
"Russian General Staff Main Intelligence Directorate actors . . . executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions," the document reads. "The actors likely used data obtained from that operation to . . . launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations."
There is no indication the hacking effort was successful in influencing vote counts, though it was able to get into the voter registration systems.
The attempt worked like this:
A spear-phishing email was sent to local government workers from an email account posing as an e-voting vendor. If the recipient opened Microsoft Word documents in the email, their computer would be infectected with malware that allowed the Russian hackers to take control of their computers.
Yet another spear-phishing email was sent to an unidentified voting systems vendor that took employees to a fake Google website where their login information was requested. At least seven "potential victims" at the company were identified by the NSA.
The report said it is "unknown whether the aforementioned spear-phishing deployment successfully compromised all the intended victims, and what potential data from the victim could have been exfiltrated."
But The Intercept noted it appears the hackers obtained the information it wanted, since they then sent spear-phishing emails Oct. 31 or Nov. 1 to 122 email addresses "associated with named local government organizations," most likely "involved in the management of voter registration systems."
The attempt does not appear to have been able to have changed election outcomes, but instead could have affected the system which verifies voters' identities and registration and could have slowed down the voting process in certain areas. This slowdown is similar to an online "denial of service" attack where a website is shut down by multiple attempts by hackers to access the site, thereby not allowing actual users to access the site.
The Obama White House in January reported on U.S. intelligence work that had found Russian government attempts to affect the election, but was less detailed.
The Russian government has denied any such efforts, with Russian President Vladimir Putin telling NBC's Megyn Kelly in an interview aired Sunday that American intelligence agents "have been misled" and "aren't analyzing the information in its entirety."
Any hacking could have been done by patriotic Russians not affiliated with the government — or could have been perpetrated by state or non-state actors in any other country who put false Russian "fingerprints" on the actions, Putin said.
Meanwhile, NBC reported 25-year-old Reality Leigh Winner has been charged with leaking a top-secret document to a news outlet. According to The Smoking Gun, Winner is charged with leaking the NSA report to The Intercept.
© 2024 Newsmax. All rights reserved.