Latest in Gear

Image credit:

Russian intelligence agents targeted US voting-software company

And then they sent phishing emails to more than 100 local election officials.
Share
Tweet
Share

Sponsored Links

Getty Images

Russia's military intelligence agency infiltrated a US voting-software company and conducted a phishing campaign targeting more than 100 local elections officials, according to top-secret National Security Agency documents published by The Intercept. The cyberattacks occurred in the months and days before the US presidential election in November.

The US intelligence community concluded in January that top Russian authorities directed a hacking campaign against the US election infrastructure, including launching cyberattacks against the Democratic National Committee and the staff of candidate Hillary Clinton. The NSA documents published today offer a glimpse into how Russia actually attempted to infiltrate US elections systems, and what kind of information agents were interested in manipulating. The report does not state whether these attacks directly affected the results of the election.

The NSA said Russian hackers sent phishing emails in August to employees of a private US company that builds polling-place sign-in software. It was unclear whether this phishing attempt worked, though the agency concluded it likely compromised at least one account, considering there were subsequent attacks.

"The actors were probably trying to obtain information associated with election-related hardware and software applications," the NSA report reads.

The company isn't named, though as The Intercept notes, the report mentions EViD, a product used by Florida-based voting-software vendor VR Systems. EViD is "is a network of electronic devices at voting sites communicating with each other and with the county's voter registration system," the company says. EViD accesses information including voter registration status, name and address. VR Systems has contracts in California, Florida, Illinois, Indiana, New York, North Carolina, Virginia and West Virginia.

The hackers then set up an email account in the targeted company's name and sent two trojan-riddled Microsoft Word documents to 122 local government officials and organizations. This was likely around November 1st, the report reads.

"Given the content of the malicious email it was likely that the threat actor was targeting officials involved in the management of voter registration systems," the report says.

If someone opened one of the infected documents, it would trigger the invisible installation of additional malware that allows the hackers to constantly, quietly access the breached computer. The NSA says it's unclear whether this phishing campaign hooked anyone.

Russian intelligence agents toyed around with two additional hacking campaigns around the same time, one aimed at another US election company and the other targeting the American Samoa Election Office. These attacks appear to have stalled out and their associated email accounts deleted.

As The Intercept's NSA documents made their way across the internet today, so did reports that the Federal Bureau of Investigation was bringing charges against the person who leaked the top-secret report. The FBI has arrested government contractor Reality Leigh Winner on charges she unlawfully printed and shared top-secret information with a news outlet.

"The US Government Agency examined the document shared by the News Outlet and determined the pages of the intelligence reporting appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space," the affidavit reads. The agency noted six people had printed out the report at the office, and just one of them, Winner, had sent an email to the news outlet itself. Winner admitted to the leak, according to the affidavit.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Chevy will start selling EV retrofit kits in 2021

Chevy will start selling EV retrofit kits in 2021

View
SSC NA promises a re-run of the Tuatara's top speed record attempt

SSC NA promises a re-run of the Tuatara's top speed record attempt

View
Google Meet starts rolling out custom backgrounds to web users

Google Meet starts rolling out custom backgrounds to web users

View
Apple program will replace AirPods Pro buds with crackling, ANC issues

Apple program will replace AirPods Pro buds with crackling, ANC issues

View
$149 Playdate handheld is 'ready to go,' orders start in early 2021

$149 Playdate handheld is 'ready to go,' orders start in early 2021

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr