Hackers associated with Russia’s military intelligence agency targeted a company with information on US voting software days before the election and used the data to launch “voter registration-themed” cyberattacks on local government officials, according to a top-secret National Security Agency document that was leaked to The Intercept.
The NSA document offers the clearest indication yet that Russian hackers sought to penetrate US voting systems tied to voter registration in the days and weeks leading up to the election.
“Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards,” the NSA concluded, citing information “that became available in April 2017.” The NSA did not draw any conclusions on whether the effort had any effect on the election’s outcome, according to The Intercept.
The NSA did not respond to request for comment from Business Insider, but the agency confirmed the document’s authenticity to The Intercept.
The Russian hackers also attempted to gain access to accounts associated with absentee balloting, “presumably with the purpose of creating those accounts to mimic legitimate services,” according to the report. But it is “unknown whether the aforementioned spear-phishing deployment successfully compromised all the intended victims, and what potential data from the victim could have been exfiltrated,” the NSA report said.
Cybersecurity experts fear that hackers breached the voter registration systems hoping they would be networked to actual voting machines, according to the Intercept.
“I would worry about whether an attacker who could compromise the poll book vendor might be able to use software updates that the vendor distributes to also infect the election management system that programs the voting machines themselves,” Alex Halderman, director of the University of Michigan Center for Computer Security and Society and an electronic voting expert, told the publication.
“Once you do that, you can cause the voting machine to create fraudulent counts,” he said.
Pamela Smith, president of the election integrity watchdog Verified Voting, told The Intercept that access to a state voter database would allow a hacker to “take malicious action by modifying or removing information.”
“This could affect whether someone has the ability to cast a regular ballot, or be required to cast a ‘provisional’ ballot,” she said, “which would mean it has to be checked for their eligibility before it is included in the vote, and it may mean the voter has to jump through certain hoops such as proving their information to the election official before their eligibility is affirmed.”
Russian President Vladimir Putin has long denied that the Kremlin had ordered cyberattacks on the Democratic National Committee and Hillary Clinton’s campaign chairman, John Podesta, during the 2016 election.
But he said last week that “patriotically minded” Russians, whom he compared to artists, might have taken it upon themselves “to fight against those who say bad things about Russia,” according to The New York Times, which was present at his news conference with Russian and foreign outlets in St. Petersburg on Thursday.
The statement was the closest Putin has come to acknowledging the view of US intelligence agencies that Russian hackers were behind the campaigns targeting Democrats during last year’s election.
“We’re not doing this at the state level,” Putin said. But he implied that it would be patriotic for private Russian citizens to “start making contributions — which are right, from their point of view — to the fight against those who say bad things about Russia.”