We know with some certainty that Russia-affiliated hackers were responsible for stealing and leaking emails belonging to the Democratic National Committee and Hillary Clinton adviser John Podesta. We know that the U.S. intelligence community believes this was done as part of a broader campaign to support Donald Trump. Now, per a scoop at the Intercept, we know more about the details of what that broader campaign involved: A NSA document, the site reports, concludes that Russian intelligence operatives attempted to compromise the computers of 122 U.S. voting officials just days before the 2016 election.
You should read the whole story here, but the gist is as follows:
- The Intercept says it's obtained and verified the authenticity of an internal NSA report about a Russian hacking attack. CBS says it's also confirmed that the report is authentic.
- The report is a summary of conclusions and does not include "raw" intelligence data. It concludes that an attack against U.S. voter registration systems, was conducted last year by GRU, a Russian military intelligence agency.
- The effort began with an apparently successful August attempt to infiltrate the network of a voter registration services company that the Intercept identifies as Florida-based VR Systems.
- The hackers then used pilfered credentials to send emails that appeared as if they came from VR Systems to 122 local voting officials around the country. This portion of the attack was launched "on either October 31 or November 1."
- These emails included attachments that, if opened, triggered the installation of software that would allow the hackers to access the officials' computers.
The infiltration of VR Systems' network and voting officials' computers, the piece explains, could have allowed hackers to alter or delete voter registration information in such a way as to strategically create delays and chaos at specific polling locations. Crucially, however, the report does not include any evidence that this actually took place and says that it's not clear whether any of the officials' computers were compromised. And while the piece outlines a way that voting officials' computers could be used to target actual vote tallies, there's also no suggestion that this was attempted.
Nonetheless, to use a technical term often thrown around among underground "black hat" super-hackers: Wow!