NSA Report: Russia Obtained Access to Multiple State or Local Electoral Boards
A classified NSA report obtained and released by The Intercept has provided the most in-depth look, thus far, into the extent of Russian attempts to meddle in U.S. elections.
The report, dated May 5th and released in early June, notes that the Russian General Staff Main Directorate, or GRU, was the party responsible for the cyberattacks.
Though the report does not comment on to what extent Russian efforts were successful in impacting actual election outcomes, it raises concerning questions, noting that “Russian intelligence obtained and maintained access to elements of multiple U.S. state or local electoral boards” and had also focused significant efforts in targeting private sector companies, including the manufacturer of devices responsible for tracking, maintaining, and verifying voter rolls.
Two months after its apparent success in its private sector phishing attacks, Russian intelligence turned its attention to targeting U.S. local government organizations, with an apparent focus on local officials “involved in the management of voter registration systems,” with an end-goal of “mimicking a legitimate absentee ballot-related service provider,” according to the NSA. Concerningly, while it is known that the efforts to target private sector companies met with some success, the report is unclear as to whether the government targeting efforts were successful and, if so, what data was obtained or impacted, though according to a statement provided to The Intercept by Jake Williams, founder of IT-security firm Rendition Infosec himself a former member of the NSA’s Tailored Access Operations hacking team, the type of attack Russia used, if it indeed met with success, would provide essentially “unlimited” ability to interface with the compromised system. “Once the user opens up that email, the attacker has all the same capabilities that the user does.”
The report is a clear rebuff of Russian President Vladimir Putin’s widely-dismissed claim that Russia “never engaged in that on a state level, and have no intention of doing so,” a statement that was followed by subsequent suggestions that rogue Russian hackers with “patriotic leanings” may have been involved. In fact, the intelligence organization responsible, the GRU, is the Russian government’s largest foreign intelligence agency.
Posted in General News