On Monday, there was a huge new development out of nowhere on the Russian election meddling front. The Intercept has obtained a National Security Agency document (which they verified independently) that outlines a Russian cyber attack on an American voting machine software vendor last August. Another attack was launched just before Election Day.
The report, dated May 5, 2017, outlines two distinct attacks by the Russian General Staff Main Intelligence Directorate, or GRU:
- “…executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions.”
- Used intelligence gathered from that hack to send “spear phishing” emails to over 100 election officials from across the country to get them to download malware.
While no conclusions are drawn about the effects of the attacks, the report does state that “Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards.” Voter registration records were also a target of the GRU, according to the document.
The NSA also found evidence of the GRU sending test emails (emails sent to determine the validity of a given address) to another electoral software vendor as well as the American Samoa Election Office. It’s not clear if these were followed up by further attacks, though the targeting of American Samoa is curious due to its lack of electoral votes.