Report suggests Russia hackers breached voting software firm

APTFilter CERT-LatestNews Malware Security News SocialEngineering ThreatsActivists ThreatsCybercrime ThreatsEconomic ThreatsStrategic VulnerabilitiesAll VulnerabilitiesHardware


Russian hackers attacked at least one U.S. voting software supplier days before last year’s presidential election, according to a government intelligence report leaked on Monday that suggests election-related hacking penetrated further into U.S. voting systems than previously known.

While U.S. intelligence agencies declined to comment, shortly after the release of the classified National Security Agency report by ‘The Intercept’ the Justice Department announced it had charged government contractor Reality Leigh Winner in Georgia with leaking a classified report containing “Top Secret level” information. The report the contractor allegedly leaked is dated May 5, the same date as the document that ‘The Intercept’ has posted online.

The report does not say whether the hacking had any effect on election results. But it says Russian military intelligence attacked a U.S. voting software company and sent spear-phishing emails to more than 100 local election officials at the end of October or beginning of November.

Kremlin’s denial

The document said Russian military intelligence “executed cyber espionage operations against a named U.S. company in August 2016 evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April 2017”.

Dmitry Peskov, spokesman for President Vladimir Putin, denied the allegations on Tuesday, saying that the Kremlin did not see “any evidence to prove this information is true”.

He said Moscow categorically denies “the possibility” of the Russian government being behind it. The hackers are believed to have then used data from that operation to create a new email account to launch a spear-phishing campaign targeting U.S. local government organizations, the document said. “Lastly, the actors send test emails to two non—existent accounts ostensibly associated with absentee balloting, presumably with the purpose of creating those accounts to mimic legitimate services.”

The document did not name any State. The leaked information seems to go further than the U.S. intelligence agencies’ January assessment of the hacking that occurred.

“Russian intelligence obtained and maintained access to elements of multiple U.S. state or local electoral boards,” the assessment said. The Department of Homeland Security “assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.”