Just a few days before the 2016 presidential election, Russian military intelligence hackers targeted a Florida voting software company and more than 100 local election officials, according to a highly classified National Security Agency report obtained by The Intercept and verified by CBS News.
Though the report does not draw any conclusions on whether the cyberattack influenced the outcome of the election, it is the first piece of evidence that has come to light that not only did Russian hackers meddle in the 2016 election by stealing and distribute damaging campaign communications, but also went after America’s election infrastructure itself. The document also undermines Russian President Vladimir Putin’s recent assertion that allegations his government interfered in the U.S. political process are a “fiction.”
Here are the key revelations from the Intercept report:
- On August 24 of last year, Russian hackers sent emails designed to look like they were from Google to employees of an unnamed U.S. election software company. The NSA document does not directly identify the company in question, but contains references to the VR Systems, whose electronic voter database products are used in eight states. Our of seven “potential victims,” at least one of the employee accounts was “likely compromised,” the NSA concluded.
- In late October, the hackers impersonated that voting software company employee in an email blast to 122 addresses “associated with named local government organizations,” likely to officials “involved in the management of voter registration systems.” According to the Intercept: “The emails contained Microsoft Word attachments purporting to be benign documentation for VR Systems’ EViD voter database product line, but which were in reality maliciously embedded with automated software commands that are triggered instantly and invisibly when the user opens the document.”
- The NSA report confirms that “Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU,” conducted the cyber attacks. GRU “may have breached at least some elements of the voting system,” particularly “elements of multiple U.S. state or local electoral boards.”
- The NSA document details two other Russian hacking attempts: one targeting another U.S. election company and another aimed at the American Samoa Election Office. On the latter effort, the NSA said the goal was “mimicking a legitimate absentee ballot-related service provider” but did not say what information was obtained.
VR Systems said in a statement to the Intercept: “We have policies and procedures in effect to protect our customers and our company.” The company did not respond to questions about the specific hack detailed in the NSA document.