Russia 'hacked voting systems before US election'

Voter registration official also targeted by nation state - report

NSA data

Russian military intelligence perpetrated a broad campaign to hack the network of a voter registration services company and target voting officials days before the US presidential election, according to allegedly leaked NSA documents.

The report was handed to investigative website The Intercept by an anonymous source. While it does not show any "raw" intelligence on which the analysis is based, the report does give a glimpse into the shadowy world of cyber-espionage and the NSA's understanding of events.

The report, which both the publication and CBS said they have independently verified, claimed the campaign by Russia's military began in August 2016 when hackers attempted to gain access to systems belonging to Florida-based VR Systems. VR Systems was not directly identified in the report, but the report contains references to products made by the company.

The documents state that Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, carried out attacks.

Hackers then used stolen credentials to send spear-phishing emails to 122 local voting officials around the US. This attack was carried out "on either October 31 or November 1", the report says.

Attachments in these emails, if opened, infected computers with malware that would allow hackers to access officials' PCs.

Such infiltration would have enabled an attacker to alter or delete voter registration information to create delays at polling stations. However, the report does not offer any evidence that any such attacks were successful. 

The report concluded "with high confidence" that Russian ordered an extensive, multi-pronged propaganda effort "to undermine public faith in the US democratic process, denigrate Secretary [Hillary] Clinton, and harm her electability and potential presidency." 

Since the publication of the report, the Justice Department announced that a criminal complaint was filed in the Southern District of Georgia charging Reality Leigh Winner, 25, a federal contractor, with removing classified material from a government facility and sending it to a news outlet.

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

10,000 emails hit with fake FedEx and DHL phishing attacks
phishing

10,000 emails hit with fake FedEx and DHL phishing attacks

24 Feb 2021
Hackers are using Google Alerts to help spread malware
hacking

Hackers are using Google Alerts to help spread malware

22 Feb 2021
North Korea expected to increase cyber attacks due to COVID struggles
hacking

North Korea expected to increase cyber attacks due to COVID struggles

22 Feb 2021
Microsoft is concerned with escalating web shell attacks
hacking

Microsoft is concerned with escalating web shell attacks

12 Feb 2021

Most Popular

Mysterious Silver Sparrow malware hits 30,000 macOS devices
malware

Mysterious Silver Sparrow malware hits 30,000 macOS devices

22 Feb 2021
IBM reportedly mulls sale of Watson Health business
mergers and acquisitions

IBM reportedly mulls sale of Watson Health business

22 Feb 2021
Microsoft to launch standalone Office 2021 suite
Microsoft Office

Microsoft to launch standalone Office 2021 suite

19 Feb 2021