1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Leaked NSA report reveals Russian hackers targeted voting software firm days before the...

By midian182 ยท 5 replies
Jun 6, 2017
Post New Reply
  1. A top-secret NSA report obtained by The Intercept has revealed that Russian military intelligence launched a hacking campaign against at least one US voting software supplier and sent spear-phishing emails to over 100 local election officials. The cyberattacks took place just days before last November’s presidential election.

    Back in January, the Director of National Intelligence said the Democratic National Committee (DNC) hack, which saw emails stolen from the DNC and Hilary Clinton campaign leaked online, was ordered by the Russian government. Following the release of a declassified joint report from the FBI and DHS in December, the Obama Administration announced sanctions against the country, including the expulsion of 35 Russian diplomats.

    Today’s NSA report suggests the Russian hacks went deeper than previously realized, though it doesn’t reveal if they successfully affected the results of the election directly, as opposed to just influencing it through the DNC/Clinton leaks.

    The report reveals that the hackers, posing as Google employees, sent spoofed emails to employees of a US election software company. While the firm isn’t identified, there are references to EViD, a product made by Florida-based VR Systems.

    Seven employees received the emails, and while three were rejected by an email server, at least one account was likely compromised. Two months later, the hackers used the stolen information to set up a Gmail account designed to appear as if it came from an employee at VR Systems. They then sent 122 local government officials and organizations two Microsoft Word documents booby-trapped with trojans, which would allow the hackers to access the computers of anyone who opened them. The NSA said it’s unclear how successful this secondary attack proved.

    Another operation saw test emails sent to addresses at the American Samoa Election Office. It’s thought these were to determine whether the accounts existed before launching another phishing attack. The NSA believes the Russians were intent on“mimicking a legitimate absentee ballot-related service provider.”

    While the report indicates the Russian General Staff Main Intelligence Directorate, or GRU, was behind the attacks, Vladimir Putin continues to deny his government’s involvement. The Russian President recently said “patriotic hackers” may have meddled in the US election.

    It appears that the source of the leak has been identified. Not long after The Intercept’s report was published, the Department of Justice announced that 25-year-old federal contractor Reality Leigh Winner had been charged with removing classified material from a government facility and mailing it to a news outlet.

    "The US Government Agency examined the document shared by the News Outlet and determined the pages of the intelligence reporting appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space," the affidavit reads. Six people printed the report, but only Winner mailed the news outlet. She has admitted to the leak.

    Permalink to story.

  2. David Belkin

    David Belkin TS Enthusiast Posts: 47   +41

    "Leaked NSA report", intentionally "leaked" or simply fabricated?, by the organization that's (still) spying and hacking into the entire world's computer networks and goes around and blames, amongst others, Russia, China and North Korea?
    Misagt likes this.
  3. Imagine being a Falcons fan and trying to convince people you actually won the Super Bowl. Now imagine doing that on a weekly basis.
  4. Scorpionking20

    Scorpionking20 TS Booster Posts: 65   +29

    Leaked. The story has been corroborated and verified.
    Godel likes this.
  5. JudasSheep

    JudasSheep TS Booster Posts: 96   +76

    Isn't this interesting, would be nice to get some truth out of all parties, but that is as likely as time to start going backwards.

    Something I have noticed and think is completely disregarded. Government agencies, affiliates & contractors are not attending training or even doing training on how to spot phishing emails. How to notice spoofed emails. How to configure an email server to filter these kinds of messages. How many times have we heard not to open emails from people we don't know or things with attachments from people we don't know or opening questionable emails in your personal email on a work computer!? Why are the people in charge not being held accountable?

    I am sure this Winner chic attended her training, but disregarded it because she was politically opposed to this administration. I think what she did took courage but just like Snowden, there is a right and wrong way to do things. This will only get her a prison sentence.

    The DNC would have had a better chance had Hillary and Potesda attended and paid attention to their training that is supposed to be mandatory for all Gov. employees.

    IT security is everyone's responsibility and it doesn't matter what your job is (gov or not). Having knowledge of the methods used and what to look for can keep you and your family safe from identity theft and other scams.
    Uncle Al likes this.
  6. Kenrick

    Kenrick TS Evangelist Posts: 630   +403

    Get over it liberal. Hillary lost.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...