A top secret National Security Agency document shows that hackers from Russian military intelligence tried repeatedly to break into US voting systems before last year’s presidential election, The Intercept reported.
The online news outlet said on Monday the NSA report depicted a hacking operation tied closely to Moscow’s GRU intelligence directorate that targeted private US companies providing voter registration services and equipment to local governments around the country.
The operation, which potentially threatened the integrity of the US vote, went on for months, until just days before the November 8 election, according to the document.
The NSA did not conclude whether the hackers had any effect on the outcome, The Intercept said. But US intelligence officials have repeatedly said vote tallies were not affected in the election, won in a shock upset by Donald Trump.
The Intercept, which focuses on national security issues, said the NSA document was dated May 5, the most up to date view made public so far by US intelligence services of the Russian effort.
The Intercept did not say how they acquired the document, but shortly after its report appeared, the Department of Justice announced the arrest of Reality Leigh Winner, an employee of a national security contractor, for leaking top secret information to “an online news outlet”.
While neither the information nor the outlet were identified, the information was also described as a report dated May 5.
Asked about the arrest, Intercept spokeswoman Vivian Siu said the NSA document came to them anonymously. “The Intercept has no knowledge of the identity of the source,” she said.
The report expanded on US allegations that Russian President Vladimir Putin directed a concerted effort, involving hacking and disinformation, to interfere with the election to help Trump.
“Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions,” the NSA report says, according to The Intercept.
“The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting US local government organisations.”
The report was published just days after Putin denied allegations that the Russian state had meddled in the US election.
Putin conceded, however, that there may have been hacking by Russians unconnected with the government.
As for the charges of government involvement, he said: “This useless and harmful chatter needs to stop.”
The NSA did not immediately reply to requests for comment on the report.
The Intercept said that the agency, Washington’s most important signals intelligence body, sought first to dissuade them from publishing it, and then requested redactions.
The report shows that, by trying to steal log-in credentials and using spear-fishing emails to plant malware, the hackers “obtained and maintained access to elements of multiple US state or local electoral boards.”
How successful that effort was, and what kind of data may have been stolen, remains an unanswered question, the NSA report says.
It also notes that despite then-president Barack Obama’s warning to Putin in September last year to not interfere with the election, the hacking attack on voter systems continued through October.