Russian military intelligence executed a cyberattack on a United States voting software supplier days before the presidential election, according to a classified document the Intercept reported on Monday.
The top-secret National Security Agency (NSA) document, which was provided anonymously to the Intercept and independently verified, is dated May 5. It states that that Russian General Staff Main Intelligence Directorate, the Russian military intelligence, was behind the attack.
The document also reveals that Russia sent spear-phishing emails—phishing emails custom tailored to their intended targets—to more than 100 local election officials before the election, the Intercept reported. It is unclear whether any of the local officials were infected with malware as a result of the spear-phishing attacks.
The report does not conclude whether the cyberattack had any effect on the presidential election, nor is a single NSA report conclusive regarding all details involved.
In January, the Obama administration said it had high confidence that Russia ordered an effort through the use of propaganda to undermine the public’s faith in the election and swirl distrust of Democratic nominee Hillary Clinton, who was opposing President Donald Trump.
The attack tricked local government employees into opening a Microsoft Word document that had malware which would give hackers control of infected computers, the Intercept reported. Before that, however, hackers sent spear-phishing emails to employees of an election software company—the document references VR Systems in Florida but does not explicitly identify the company by name—with a link directing them to a fake Google website requesting their login credentials. The NSA reportedly identified seven “potential victims” at the company.
On Oct.27, hackers set up a Gmail account appearing to belong to an employee of the election software company and sent emails to “U.S. government organizations” with a malicious Microsoft Word document that would send out a beacon to hackers, according to the report. The emails were sent to 122 email address “associated with named local government organizations” involved in managing voter registration systems, the Intercept reported.
The malware on infected machines would reportedly give them access to the voting machines; however, it is “unknown” what the spear-phishing attack could have done in terms of affecting election results.
The Department of Justice on Monday announced the arrest of an intelligence contractor, 25-year-old Reality Leigh Winner of Georgia, for allegedly leaking classified NSA documents to an unnamed online media outlet. The timing of Winner’s alleged infractions as well as the date of the leaked document match details in the Intercept report. According to NBC News, Winner is suspected of providing the documents to the Intercept.
Read the Intercept’s full report here.